NexaGuard
  1. Security-and-Privacy
NexaGuard
  • Getting-Started
    • NexaGuard Developer Documentation
    • Quickstart (5 to 10 Minutes)
    • Documentation Overview
    • Concepts and Glossary
  • Compliance-and-Standards
    • Compliance Overview
    • IAB TCF v2.3 Support
    • Google Consent Mode v2 Validation
    • TCF API Validation
    • Audit Checklist (Pre-Launch)
  • Web-and-CMS-Integrations
    • NexaGuard CMP SDK – Web & GTM Setup
    • Integrate NexaGuard CMP with Webflow and Wix
    • Integrate NexaGuard CMP with WordPress
    • Integrate NexaGuard CMP with Drupal
    • Integrate NexaGuard CMP with Shopify
  • Mobile-SDKs
    • NexaGuard CMP SDK - iOS Setup
    • iOS SDK API Reference
    • NexaGuard CMP SDK - Android Setup
    • Android SDK API Reference
    • App Attribution Partner (AAP) Integrations
  • Developer-Reference
    • Web JS API Reference
    • Consent Event Schema
    • Deployment and Environments
    • NexaGuard Debug Tool
    • Troubleshooting Playbook
    • Performance and Best Practices
    • Accessibility and UX Guidelines
    • Localization Workflow
    • Migration Guide
  • Security-and-Privacy
    • Security Overview
    • Privacy Architecture
    • Data and Logging Transparency
    • Subprocessors
    • CSP and Network Allowlist
  • Enterprise-and-Legal
    • DPA and Legal Pack
    • RFP Feature Matrix
    • Status and Reliability
    • Support and Escalation
    • NexaGuard CMP SDK – Commercial Licence
  • Operations
    • Changelog and Version Policy
  1. Security-and-Privacy

Subprocessors

Last updated: February 18, 2026
This page lists third-party subprocessors that NexaGuard may use to process customer data in connection with the NexaGuard CMP service.
A subprocessor is any third party engaged by NexaGuard to process customer data on its behalf.

Current Subprocessor List#

VendorService PurposeData ScopeRegionStatus
Cloudflare, Inc.Infrastructure and content delivery servicesConsent metadata and operational logsGlobalActive
Google Cloud Platform (Google LLC)Legacy infrastructure and storage servicesHistorical logs and backup dataUnited StatesActive (legacy components)
Stripe, Inc.Payment processing and subscription managementCustomer billing information and account email (no consent metadata)GlobalActive
Mailgun Technologies, Inc.Transactional email deliveryCustomer account email address (account-related communications only)United StatesActive

Data Scope Clarification#

NexaGuard subprocessors process only the minimum data necessary to deliver and support the service, including:
consent tokens or identifiers
consent status by category or purpose
consent timestamps
framework flags (for example TCF, GPP, Google Consent Mode)
API request and operational logs
customer billing information (Stripe only)
customer account email addresses (Mailgun only)
NexaGuard does not sell or use subprocessors to exploit consent data for marketing purposes.

Provider Notes#

Cloudflare, Inc. is used for infrastructure and content delivery services supporting CMP operations.
Google Cloud Platform (Google LLC) is retained for legacy infrastructure and storage services associated with historical operational data.
NexaGuard continues to simplify legacy dependencies where feasible to reduce third-party exposure.

Change Management#

NexaGuard will notify customers of material subprocessor additions or replacements in accordance with contractual obligations.
This page is updated when subprocessors are added, removed, or materially changed.
Effective dates of changes are reflected in the Changelog where applicable.
Customers may raise objections as defined in the Data Processing Addendum.

Security and Contractual Safeguards#

NexaGuard requires subprocessors to:
implement appropriate technical and organizational security measures
process data only pursuant to contractual obligations
maintain confidentiality and data protection commitments consistent with applicable law

Contact#

For questions regarding subprocessors or data processing arrangements:
[email protected]
Previous
Data and Logging Transparency
Next
CSP and Network Allowlist