1. Introduction
This page lists the third-party service providers (sub-processors) that Skybyte EOOD engages to deliver the Skybyte service. It is maintained on a current basis and forms part of our Data Processing Agreement for B2B customers.
2. Sub-processor List
| Name | Function | Location | Data | Transfer mechanism |
|---|---|---|---|---|
| Lovable Cloud / Supabase | Database, authentication, file storage | EU (EEA hosting region) | Account, order, eSIM, support data | EEA — no transfer mechanism required |
| PayNovus AD | Card payment processing (EMI) | Bulgaria, EU | Tokenised card data, transaction metadata | EEA — no transfer mechanism required |
| eSIM Go Limited | eSIM provisioning and connectivity | United Kingdom | eSIM identifiers, country, plan metadata | UK — adequacy decision |
| Maya Mobile | eSIM provisioning and connectivity (alternate) | Hong Kong / Singapore | eSIM identifiers, country, plan metadata | SCCs + supplementary measures |
| Postmark (ActiveCampaign) | Transactional and marketing email delivery | United States | Email address, message content | SCCs |
| Meta Platforms Ireland Ltd | WhatsApp Business messaging (opt-in) | Ireland, EU | Phone number, message content | EEA — onward SCCs where applicable |
| Cloudflare, Inc. | CDN, DDoS protection, WAF | Global edge network | IP address, request metadata | SCCs |
3. Change Notifications
B2B customers under our DPA can subscribe to advance notification of sub-processor changes by emailing [PLACEHOLDER: dpo@skybyte.com]. We provide at least 30 days’ notice before adding a new sub-processor that processes personal data of Customer-controlled data subjects.
Need a signed PDF copy? Email dpo@skybyte.com.