Sub-Processors - eustella

eustella Subprocessors

Last updated: 16.04.2026

When you use eustella, some of your data is processed not just by us, but by a small number of carefully selected third-party companies that help us run the app. Under EU data protection law (GDPR Art. 28), we are required to be transparent about who these companies are, what they do with your data, and why we chose them.

We call these companies subprocessors - they act on our instructions and are not allowed to use your data for their own purposes.

We believe you deserve a plain-language explanation, not just a legal table. So below, for each company, we tell you what they do, why we need them, and - where the company is based outside the EU - why there is genuinely no European alternative that can do the same job.

We update this list if we are adding or materially changing any subprocessor. If you want to be notified of changes, contact us at privacy@eustella.com

Our commitment to EU-first infrastructure

We are an Austrian company and we take EU data sovereignty seriously. Wherever a European alternative exists and is technically and operationally viable, we use it. Our core infrastructure - the servers that run eustella, store your data, and power the AI - is entirely hosted with European companies in Europe.

For a small number of services, no European company offers what we need. In those cases, we try to be as transparent as possible about why, and what legal safeguards are in place to protect your data. We actively monitor the market and commit to switching to a European provider the moment a credible one becomes available.

If you know of an EU-headquartered company that could replace any of the US-based providers listed below, please tell us. We genuinely want to hear it - email us at privacy@eustella.com

Our subprocessors

Cloud infrastructure - IONOS

Legal entity: IONOS SE, Germany | Data location: Germany (EU)

IONOS provides the servers and managed infrastructure that eustella runs on. All of your data that eustella stores lives on IONOS infrastructure in Germany.

We chose IONOS because they are a German company, fully subject to EU law, with no US parent or ownership structure that could trigger foreign government data access obligations. This was a deliberate choice over larger US-based cloud providers like AWS, Google Cloud, or Microsoft Azure - all of which, despite offering EU-based data centres, remain subject to US jurisdiction and laws like the US CLOUD Act.

Cloud infrastructure & AI workloads - Scaleway

Legal entity: Scaleway SAS, France | Data location: France (EU)

Scaleway provides supplementary cloud compute capacity for Eustella's backend services, as well as infrastructure for certain AI workloads.

Scaleway is a French company, part of the Iliad Group, and is fully EU-headquartered with no exposure to US jurisdiction. We use Scaleway alongside IONOS and Verda to keep both our general infrastructure and our AI processing within European hands, and to avoid over-dependence on any single vendor. All three are European by design.

API - OCR & Transcription - Mistral.ai

Legal entity: Mistral AI | Data location: France (EU)

Scaleway provides supplementary API to handle some of the file processing (OCR) and audio transcription.

Mistral is a French company, part of the Iliad Group, and is fully EU-headquartered with no exposure to US jurisdiction. We use Scaleway alongside IONOS and Verda to keep both our general infrastructure and our AI processing within European hands, and to avoid over-dependence on any single vendor. All three are European by design.

GPU compute - Verda

Legal entity: Verda Cloud Oy (formerly DataCrunch), Finland | Data location: Finland (EU)

Verda provides the GPU computing power needed to run AI model inference - the part of eustella that processes and responds to your inputs using AI.

Verda is a Finnish company and one of the very few European providers offering high-performance GPU infrastructure at the scale AI applications require. The AI compute market is almost entirely dominated by US providers (AWS, Google Cloud, Azure, CoreWeave). Verda was a deliberate choice to keep AI inference within EU jurisdiction. They hold ISO certification confirming their security and operational standards.

Android push notificatWions - Firebase Cloud Messaging (FCM)

Legal entity: Google LLC, USA | Data location: USA / EU (EU data residency where configured)
Transfer safeguard: Standard Contractual Clauses (EU SCCs 2021); Google LLC certified under the EU-US Data Privacy Framework

Firebase Cloud Messaging is the service that delivers notifications to your Android device - for example, when your AI companion sends you a message.

There is no EU alternative for this service, and this is not a business preference but a hard technical constraint. Google Play's rules require that all Android apps use FCM for push notifications. No third-party provider, European or otherwise, can deliver notifications directly to an Android device without going through FCM. Every Android app in the world is in the same position.

The data involved is minimal: only your device's registration token (a technical identifier, not your name or email address) and the content of the notification we send you.

If you choose to sign in to eustella using your Google account, Firebase Authentication handles that login process.

Google Login is Google's own identity service - authenticating a Google account requires going through Google's infrastructure, and no EU company can provide this. There is simply no such thing as a European version of Google Login. That said, this is entirely optional: you can always register with an email address and password instead, which avoids Google's involvement altogether.

The data involved when you use Google Login is your Google account ID, email address, display name, and profile picture URL.

iOS push notifications - Apple Push Notification service (APNs)

Legal entity: Apple Inc., USA | Data location: USA
Transfer safeguard: Standard Contractual Clauses (EU SCCs 2021); Apple Inc. certified under the EU-US Data Privacy Framework

APNs is the service that delivers notifications to your iPhone or iPad from eustella.

The situation here is identical to Android notifications above: Apple's App Store rules require all iOS apps to use APNs for push notifications. Apple controls the entire notification pipeline at the operating system level, and no EU provider can deliver a notification to an iPhone without Apple's involvement. This constraint applies to every app on your iPhone, without exception.

Apple acts purely as a delivery service. The data involved is only your device's push token (a technical identifier) and the notification content we send you.

Subscription management - RevenueCat

Legal entity: RevenueCat, Inc., USA | Data location: USA
Transfer safeguard: Standard Contractual Clauses (EU SCCs 2021); RevenueCat Inc. certified under the EU-US Data Privacy Framework

RevenueCat manages eustella's in-app subscription system - tracking whether you have an active subscription, validating your purchase with Apple or Google, and making sure the right features are unlocked for your account.

We looked carefully for a European alternative and could not find one. The market for mobile in-app subscription management is, as of April 2026, entirely dominated by US-incorporated companies. The two most credible alternatives we evaluated - Adapty (incorporated in Delaware, USA) and Qonversion (also US-incorporated) - are both subject to US jurisdiction. No EU-headquartered company currently offers the same combination of cross-platform receipt validation, entitlement management, and subscription analytics with a production-ready mobile SDK.

The data we send to RevenueCat is deliberately minimal: a pseudonymous user identifier (not your name or email), your device type, subscription status, and purchase receipt data from the App Store or Google Play. We do not send RevenueCat your name, email address, or payment card details.

In-app payments - Apple App Store & Google Play

Legal entities: Apple Inc., USA and Google LLC, USA | Data location: USA
Transfer safeguard: Standard Contractual Clauses (EU SCCs 2021); both certified under the EU-US Data Privacy Framework

When you purchase a subscription or any paid feature inside Eustella, the actual payment is processed by Apple (on iOS) or Google (on Android) - not by us directly.

There is no alternative for this. Apple and Google each operate a closed payment system on their respective platforms, and their App Store rules require that all in-app purchases go through their own payment infrastructure. This is not a choice we made - it is a platform requirement that applies to every app in the world. The only notable exception is Spotify, which after years of legal battles secured special regulatory treatment in the EU under the Digital Markets Act; standard apps, including Eustella, do not have this option.

This means that when you subscribe, Apple or Google receive your payment details, billing address, and transaction records directly. We never see your payment card details - they go straight to Apple or Google, who act as the merchant of record for the transaction and handle all payment data under their own privacy policies. What we receive back from Apple or Google (via RevenueCat) is only a receipt confirming that a valid purchase was made.

Web search - Linkup

Legal entity: Linkup Technologies SAS, France | Data location: France / EU
Transfer safeguard: None required - EU-headquartered company, data processed and stored within the EU

Linkup provides the real-time web search capability that allows eustella to access up-to-date information from the internet when answering your questions. We are particularly pleased to use Linkup because it is a French startup, fully incorporated and headquartered in France, with all data processed and stored within the EU. This means there are no cross-border data transfer concerns whatsoever. In a market where web search APIs are dominated by US companies - Google, Microsoft Bing, and others - Linkup is a rare example of a capable, production-ready EU alternative, and we chose it deliberately for that reason.

The data Linkup receives is limited to the search queries generated by the AI on your behalf. These queries are derived from your conversation but are processed without any persistent identifier linking them back to your account.

Product analytics - PostHog

Legal entity: PostHog Inc., USA | Data location: Frankfurt, Germany (EU)
Transfer safeguard: None required for data transfers - all data stays within the EEA
Residual risk: PostHog Inc. is a US-incorporated entity and therefore theoretically subject to US CLOUD Act requests, even for data stored in Frankfurt. This risk is documented and accepted - see explanation below.

PostHog helps us understand how the app is being used - which features people find useful, where things go wrong, and how to improve the experience.

PostHog is a US-headquartered company, but we specifically use their EU Cloud product, which means your data is processed and stored entirely on servers in Frankfurt, Germany and never leaves the EU. However, we want to be transparent: because PostHog Inc. is incorporated in the United States, it remains theoretically subject to US government data requests under the CLOUD Act - even for data held on EU soil. This is a known and documented residual risk.

We looked for a fully EU-headquartered alternative. The honest answer is that the mobile app analytics market has a significant gap: no EU-headquartered company currently offers the combination of mobile SDK quality, session analysis, feature flags, and event-level product analytics that a modern app requires. The closest EU options - such as self-hosted Matomo (open source, full sovereignty) or Pirsch Analytics (Germany) - are built primarily for websites, not mobile apps, and lack the mobile SDK depth and product analytics capabilities that PostHog provides. Self-hosting an equivalent stack would require substantial ongoing engineering effort.

We treat PostHog as an accepted pragmatic compromise: the data stays in Europe, the data involved is pseudonymous and does not include message content or identifiers linked to your real identity, and we continue to monitor the EU mobile analytics market for a fully sovereign alternative. If a good alternative emerges, we will migrate.

The data involved is pseudonymous: user identifiers, device type, in-app events (for example "opened a feature"), and feature flag states. No names, email addresses, or message content are included in analytics.

A note on US-based companies

We want to be honest with you: the mobile app industry was largely built on US infrastructure, and some services that make modern apps work - particularly push notifications and app store billing - are controlled by Apple and Google. This is not unique to eustella; it applies to every app on your phone.

Where we have had a genuine choice, we have chosen European providers. Where we have had no choice, we have put legal safeguards in place and minimised the data involved as much as possible.

We actively monitor the EU technology landscape and will replace any US-based provider the moment a credible European alternative exists. If you are aware of an EU-headquartered company that could replace any of the US-based providers on this list, please contact us at privacy@eustella.com - we will evaluate it seriously and get back to you.

What this list does not cover

This list covers companies that process data strictly on our behalf under our instructions. It does not cover the Apple App Store or Google Play Store (which operate as independent controllers under their own privacy policies when you download or make purchases), eustella's own staff and contractors, or the infrastructure sub-suppliers of the companies listed above.

Questions and contact

For questions about this list, to be notified of changes, or to suggest a European alternative to any provider listed here:

Privacy contact: privacy@eustella.com
Privacy Policy: https://eustella.com/services/privacy

This document is reviewed at least annually or upon any material change to our processor landscape.