Rad Web Hosting – Sub-Processors

Effective Date: March 2026
Last Updated: March 2026

This page identifies third-party Sub-Processors authorized by Rad Web Hosting to process Personal Data on behalf of Customers in connection with the provision of hosting, infrastructure, billing, and support services.

This page forms Schedule A to the Rad Web Hosting Data Processing Addendum (“DPA”).

1. What Is a Sub-Processor?

   A Sub-Processor is a third party engaged by Rad Web Hosting to process Personal Data on behalf of a Customer solely for the purpose of delivering the contracted services.

   Rad Web Hosting:

   • Does not sell Personal Data
   • Does not permit Sub-Processors to use data for their own purposes
   • Uses Sub-Processors strictly as service providers / processors

2. Infrastructure & Data Center Providers

   Vendor	Service Provided	Processing Location
   DataBank Holdings, Ltd	Physical colocation, power, cooling, physical security	United States
   Equinix Inc.	Physical colocation, power, cooling, physical security	United States
   Equinix Inc.	Physical colocation for EU-based workloads	European Union

   Data Access:
   Limited to physical infrastructure management. No logical access to customer content.

3. Network, Transit & Security Providers

   Vendor	Service Provided	Location
   Tier-1 Network Transit Providers	Internet backbone connectivity	Global
   Path Network, LLC	Traffic filtering, attack mitigation	Global

   Data Access:
   Network metadata only (IP addresses, packet headers). No content inspection beyond automated threat detection.

4. Backup & Disaster Prevention/Recovery

   Vendor	Service Provided	Location
   UptimeRobot	Service and Network Monitoring	United States
   Object Storage Providers (where enabled)	Encrypted backup storage	United States

   Notes:

   • Backups are retained according to configured retention policies
   • Deleted data may persist in backups for a limited time

5. Billing, Payments & Subscriptions

   Vendor	Purpose	Location
   FraudLabs Pro	Fraud Prevention & Risk Analysis	Malaysia
   Stripe	Credit card payment processing	United States
   PayPal	Alternative payment processing	United States

   Data Processed:

   • Customer name
   • Email address
   • Billing address
   • Transaction metadata

   Important:
   Rad Web Hosting does not store raw credit card data. Payment data is handled directly by Stripe or PayPal.

6. Support & Customer Management

   Vendor	Purpose	Location
   WHMCS	Support and Billing	United States
   Email Notification Providers	Transactional emails, service alerts	United States

7. Communication, Marketing, & Compliance

   Vendor	Purpose	Location
   Crisp	Website Chat, Live Support Interface, Email Marketing	United States
   Usercentrics	Compliance, Consent Management	United States

   Data Access:
   Limited to contact details and system-generated alerts.

8. Sub-Processor Safeguards

   All Sub-Processors are contractually required to:

   • Process Personal Data only on documented instructions
   • Maintain confidentiality and security controls
   • Implement appropriate technical and organizational measures
   • Comply with GDPR, UK GDPR, and applicable U.S. privacy laws

9. International Transfers

   Where Personal Data is transferred outside the United States:

   • Transfers are limited and purpose-specific
   • Appropriate safeguards (such as Standard Contractual Clauses) are used where required

10. Updates to This Page (Live Notice)

    This Sub-Processor list may be updated from time to time.

    • The “Last Updated” date at the top of this page reflects the current version
    • Material changes will be posted here prior to taking effect where required by law
    • Continued use of Rad Web Hosting services constitutes acceptance of the updated list

    Customers may request the prior version of this list by contacting Rad Web Hosting.

11. Questions & Objections

    For questions regarding Sub-Processors or data protection practices:

    Rad Web Hosting
    📧 privacy@radwebhosting.com

    Where required by law, Customers may object to a new Sub-Processor by terminating the affected services if no reasonable alternative is available.