DeepWeb Platform, LLC

Last Updated: 2026-01-01

Deep uses the following third-party Subprocessors to support the delivery, security, and operation of the Deep platform. These vendors process limited personal data on our behalf as described below.

1. Paddle.com Market Ltd. (Merchant of Record)

Purpose:

• Payment processing

• Invoicing

• Fraud detection

• Tax/VAT/GST calculation and remittance

Location: United Kingdom / Global

Data Processed:

• Name

• Email address

• Billing address

• IP address

• Transaction metadata

Safeguards:

• GDPR compliant

• Standard Contractual Clauses (SCCs) where applicable

• PCI-DSS compliant infrastructure

More info: How Paddle handles VAT

2. Cloudflare, Inc.

Purpose:

• Security (WAF)

• DDoS mitigation

• CDN caching

• TLS termination

• Bot protection and performance routing

Location: United States / Global

Data Processed:

• IP address

• Request metadata

• Security logs

Safeguards:

• GDPR compliant

• SCCs in place

• ISO 27001–aligned infrastructure

3. Bunny.net (BunnyWay d.o.o.)

Purpose:

• CDN acceleration

• Global edge caching

• Static asset delivery

• Optional object storage (if used)

Location: EU-based (Slovenia HQ) with global PoPs

Data Processed:

• IP address (for routing and abuse prevention)

• Request headers and metadata

• Minimal log information required for performance and reliability

Safeguards:

• Full GDPR compliance (EU company)

• Data processed only to provide CDN/storage operations

• No selling or marketing use of data

• SCCs where global CDN traffic crosses borders

More info: Bunny.net Privacy

Deep may update this Subprocessor List as new vendors are added or removed. Changes will be reflected on this page.