Back to overview
Full document

FacturaOS Subprocessor and Provider List

This list identifies key providers that may process personal information to operate FacturaOS, along with their purpose and the legal role that may apply.

Last updated: July 13, 2026privacy@facturaos.com
On this page
  1. 1. How to read this list
  2. 2. Core hosting, database, storage, and authentication
  3. 3. Billing and payment services
  4. 4. Analytics, diagnostics, and sign-in providers
  5. 5. Email delivery
  6. 6. Changes, objections, and provider terms

1. How to read this list

A subprocessor processes Customer Personal Data for FacturaOS to provide the service. Some providers, particularly payment and authentication providers, may also act as independent controllers for their own regulated or directly requested services.

The exact providers involved depend on the feature, platform, authentication method, market, and account configuration you use. Provider locations and their own subprocessors may change under their published terms.

2. Core hosting, database, storage, and authentication

FacturaOS currently uses:

  • Supabase, Inc. — authentication, hosted PostgreSQL database, private object storage, server-side functions, and related platform services. Typical data: account identifiers, workspace and operational Customer Data, files, permissions, and technical logs. Primary processing is in the United States or selected project region, with infrastructure providers disclosed by Supabase.
  • Vercel Inc. — hosting, content delivery, web application execution, routing, firewall, and deployment services for the public sites and hosted SaaS. Typical data: web requests, IP address, device and request metadata, application payloads processed in transit, and technical logs. Processing may occur in the United States and Vercel network locations.

3. Billing and payment services

FacturaOS currently uses:

  • Stripe, Inc. and applicable Stripe affiliates — FacturaOS subscription billing, payment methods, invoices, refunds, connected-account onboarding, identity and business verification, invoice-payment processing, fraud prevention, disputes, reserves, and payouts. Typical data: account and representative details, billing contact, payment credentials collected directly by Stripe, bank and tax information, invoice and transaction data, device information, risk signals, and provider status. Stripe often acts as an independent controller for regulated payment functions.

4. Analytics, diagnostics, and sign-in providers

FacturaOS currently uses:

  • Google LLC — Google Analytics for optional web and product measurement; Firebase Analytics and Crashlytics for optional mobile measurement and diagnostics; and Google sign-in when selected. Typical data: privacy-safe event values, app-instance or browser identifiers, device and browser information, approximate region, crash diagnostics, IP address in network transmission, and authentication data when Google sign-in is chosen.
  • Apple Inc. — Sign in with Apple when selected and application-store distribution where applicable. Typical data: Apple-provided account identifier, name or relay email when shared, authentication events, device or store information. Apple acts as an independent controller for its services.

5. Email delivery

FacturaOS currently uses:

  • Plus Five Five, Inc. (Resend) — transactional delivery of supported invoice and service emails and related delivery events. Typical data: sender and recipient email, business display information, message subject and body, invoice-related content selected for delivery, provider message identifier, delivery status, and technical metadata. Processing may occur in the United States and provider locations.

6. Changes, objections, and provider terms

We may add, replace, or remove providers as the service changes. Material new subprocessors will be handled under the Data Processing Addendum. A provider may update its entity name, location, infrastructure, or own subprocessors without a change to FacturaOS functionality.

Business customers with reasonable data-protection concerns may contact privacy@facturaos.com. The provider's own privacy notice, DPA, and service terms provide more detail about its processing.

Questions about this document?

Contact us and include the document name so we can route your question correctly.

Data protection contact