Sub-Processor List
This page lists the sub-processors that SZTek Inc., doing business as EasyMark ("SZTek", "EasyMark", "we"), engages to support the EasyMark platform (the "Service"). It is published for transparency in keeping with our Privacy Policy and applicable Canadian privacy laws, including PIPEDA and Quebec's Law 25.
A "sub-processor" is a third party that processes personal information on our behalf in order to deliver, secure, or improve the Service. We select sub-processors based on their security posture, contractual commitments, and ability to support our compliance obligations. Each sub-processor is bound by a written agreement that requires confidentiality, security, breach notification, and a level of protection no less than that required of SZTek.
1. How to Read This List
Sub-processors are grouped by function. Some are engaged for all customers (for example, our cloud host and payment processor). Others are engaged only when you opt in or configure a feature (for example, a particular AI provider, an external email-sending service, or an advertising platform). Where data is transferred outside Canada, the listed location indicates the principal region of processing; sub-processors may also use sub-sub-processors of their own, which they identify in their own documentation.
2. Core Infrastructure
| Sub-processor | Purpose | Primary location |
|---|
| Oracle Cloud Infrastructure | Cloud hosting, compute, container orchestration, database, object storage, secrets vault, networking, CDN, WAF, monitoring | Canada (Toronto, Montréal) |
| Cloudflare, Inc. | DNS, edge routing, DDoS protection (where applicable) | Global (anycast) |
3. Identity and Authentication
| Sub-processor | Purpose | Primary location |
|---|
| Google LLC (reCAPTCHA) | Bot and abuse detection on public forms | United States |
4. Payments and Billing
| Sub-processor | Purpose | Primary location |
|---|
| Stripe Payments Canada, Ltd. | Subscription billing, metered usage billing, payment-card processing, customer portal, fraud prevention | Canada / United States |
5. Email and Notifications
| Sub-processor | Purpose | Primary location |
|---|
| Oracle Cloud Email Delivery | Default transactional and platform email delivery | Canada |
| SendGrid (Twilio) | Optional bulk-email delivery (Customer-selected add-on) | United States |
| Mailgun (Sinch) | Optional bulk-email delivery (Customer-selected add-on) | United States |
| Amazon SES (AWS) | Optional bulk-email delivery (Customer-selected add-on) | Customer-selected region |
| Postmark | Optional bulk-email delivery (Customer-selected add-on) | United States |
| Resend | Optional bulk-email delivery (Customer-selected add-on) | United States |
6. AI Providers — Text and Reasoning
| Sub-processor | Purpose | Primary location |
|---|
| Anthropic, PBC | Large language models (Claude family); used for content, planning, and agent reasoning | United States |
| OpenAI, OpCo, LLC | Language models (GPT family); used for text generation | United States |
| Google LLC (Gemini) | Language models (Gemini family); optional | United States |
| Mistral AI | Language models; optional | European Union (France) |
| Groq, Inc. | High-throughput inference for open models; optional | United States |
| Together AI | Hosted open models; optional | United States |
| Perplexity AI | Web-grounded language models; optional | United States |
7. AI Providers — Image, Video, Audio, and Embeddings
| Sub-processor | Purpose | Primary location |
|---|
| OpenAI (DALL-E, TTS) | Image and text-to-speech generation | United States |
| Fal.ai (Features and Labels, Inc.) | Hosted image and video models (FLUX, Wan, others) | United States |
| Stability AI | Open image models (SD3, SDXL); optional | United Kingdom / United States |
| Ideogram, Inc. | Text-in-image generation; optional | United States |
| Recraft | Brand-consistent image generation; optional | United States |
| Adobe (Firefly) | Brand-safe image generation; optional | United States |
| Midjourney, Inc. | Image generation; optional | United States |
| Kuaishou (Kling AI) | Video generation; optional | Asia-Pacific |
| Runway AI, Inc. | Video generation (Gen-3); optional | United States |
| Pika Labs | Short-form video; optional | United States |
| Luma AI, Inc. | Video generation; optional | United States |
| Minimax (Hailuo) | Video generation; optional | Asia-Pacific |
| Replicate, Inc. | Aggregated open-model inference; optional | United States |
| ElevenLabs Inc. | Voice synthesis and cloning; optional | United States / United Kingdom |
| PlayHT, Inc. | Voice synthesis; optional | United States |
| Murf, Inc. | Voice synthesis; optional | United States |
| Deepgram, Inc. | Speech-to-text transcription; optional | United States |
| AssemblyAI, Inc. | Speech-to-text transcription; optional | United States |
| Voyage AI | Embedding models; optional | United States |
| Cohere Inc. | Multilingual embedding models; optional | Canada |
| Suno, Inc. | Music generation; optional | United States |
| Stability AI (Stable Audio) | Music generation; optional | United Kingdom / United States |
| Envato Pty Ltd. (Elements) | Stock image, video, and music library; optional | Australia |
8. Web, Data, and Marketing Channels
| Sub-processor | Purpose | Primary location |
|---|
| Meta Platforms, Inc. | Facebook, Instagram, and Meta Ads when you connect those accounts | United States |
| Google LLC (Ads, Search Console, GA4, YouTube) | Advertising, search, analytics, and video when you connect those accounts | United States |
| LinkedIn Corporation | Publishing and Marketing when you connect that account | United States |
| X Corp. | Publishing when you connect that account | United States |
| TikTok Pte. Ltd. | Publishing when you connect that account | Singapore / United States |
| Pinterest, Inc. | Publishing when you connect that account | United States |
| Firecrawl | Public-web crawling for ingestion of Customer-supplied URLs | United States |
| DataForSEO | Search-engine results data; optional | European Union |
9. Customer Support and Operations
| Sub-processor | Purpose | Primary location |
|---|
| Slack Technologies, LLC | Internal team collaboration and operational alerts | United States |
| Atlassian Corporation | Internal issue tracking and documentation | Australia / United States |
| GitHub, Inc. | Source code hosting (no Customer Content) | United States |
10. Adding or Replacing Sub-Processors
We may add new sub-processors or replace existing ones from time to time as the Service evolves. Where required by applicable law or by a written Data Processing Addendum with you, we will provide advance notice of material changes by updating this list and, where appropriate, by email or in-product notice. If you have a written DPA that grants a right to object to a new sub-processor, you may exercise that right in accordance with its terms; otherwise, your continued use of the Service after a change constitutes acceptance of the updated list.
11. Customer-Initiated Integrations
When you connect a third-party platform (for example, a social network, ad platform, email-service provider, or BYO-AI provider), you direct EasyMark to share data with that platform on your behalf. Those platforms are not sub-processors of SZTek; their processing is governed by your relationship with them and by their own terms and policies.
12. Contact
For questions about this Sub-Processor List, write to privacy@easymark.ca.
