FaulTrace ← Back to site

Data Processing Addendum & Sub-processors

Last updated: 2 July 2026

This page summarizes how FaulTrace processes customer personal data on your behalf and lists the sub-processors we engage. A countersigned Data Processing Addendum (DPA) incorporating the EU Standard Contractual Clauses is available for customers with GDPR/UK-GDPR obligations — contact hello@faultrace.com.

Roles

For the model content you store in your instance, you are the data controller and FaulTrace is the data processor. We process that content only to provide the Service and on your documented instructions.

Our commitments as processor

Persons we authorize to process customer personal data are bound by confidentiality obligations. We engage sub-processors only under written terms imposing data-protection obligations materially equivalent to ours, and we remain responsible for their performance. Taking into account the nature of the processing, we will assist you with data-subject requests and with your security, breach-notification, and impact-assessment obligations, and will make available information reasonably necessary to demonstrate compliance with this page. You may object to a newly listed sub-processor within 30 days of it appearing on this page; if we cannot reasonably accommodate your objection, you may cancel the affected subscription and receive a pro-rata refund of prepaid, unused fees.

Sub-processors

Sub-processor Purpose Data
DigitalOcean Cloud hosting of the control plane and each customer's dedicated instance Account, billing metadata, and model content
Stripe Payment processing and subscription billing Name, email, and payment details (card data held by Stripe)
Anthropic / OpenAI (bring-your-own-key) Optional AI-assistant features. You supply your own API key or provider account, so these providers process your content under your own agreement with them rather than as our sub-processors. The model content and files you choose to use with AI features
Forward Email (forwardemail.net) Forwarding of email sent to our support and contact addresses The contents of email you send to hello@faultrace.com
Google Mailbox hosting for our support email The contents of email you send to hello@faultrace.com

AI features are disabled by default and do not operate until you add your own AI provider credential to your instance. When you use them, the content you choose to send is transmitted to that provider under your own agreement with the provider; we do not store your API keys on our servers. If you enable the optional ChatGPT sign-in mode, its sign-in token is stored only on your own instance. You can remove your credential and stop all AI transmission at any time.

Security & isolation

Each paid customer is provisioned onto its own isolated instance, served over HTTPS, with data kept separate from other customers'. Fleet-management credentials — our cloud provider API tokens and license signing keys — are held only on our control-plane host and are never placed on customer instances. Each customer instance holds only its own instance-specific secrets (its application secret, its provisioning credential, and its initial administrator sign-in), which grant no access to any other customer’s instance.

Hosting location. Our control plane and each customer instance are hosted with DigitalOcean in the United States (New York region). If you access the Service from outside the United States, your data is transferred to and processed in the United States.

Breach notification

If we become aware of a personal data breach affecting customer personal data we process on your behalf, we will notify you without undue delay at your account owner’s email address, describe what we then know about its nature and scope, and keep you reasonably informed as we investigate and remediate.

Deletion on termination

When your subscription ends and the 3-day reinstatement window after the end of your paid period lapses, your instance is decommissioned and its virtual machine destroyed. A final snapshot of the instance’s data may be retained so your account can be restored on request; we will delete a retained final snapshot on your written request to hello@faultrace.com. Billing records are retained as required for legal and accounting purposes.

Changes & notice

We will update this list before engaging a new sub-processor that processes customer personal data. Contact us to request advance notice of changes.