Subprocessors
Third-party processors engaged in the delivery of the HTPBE service
Last updated: April 27, 2026
This page lists all subprocessors (third-party data processors) engaged by TMI Iurii Rogulia (“HTPBE”, “we”, “us”) in the delivery of the PDF authenticity checking service at htpbe.tech. It is maintained in accordance with GDPR Article 28(3)(d).
Two processing modes — different data flows
Web UI users only (free check). The user uploads a PDF file in the browser. The file is transferred directly from the browser to Cloudflare R2 via a presigned PUT URL, then the HTPBE server downloads and analyzes it in memory. The file is automatically deleted from R2 within 7 days; in practice deletion typically occurs within 24 hours of upload. Only metadata extracted during analysis and the verdict are stored persistently. Cloudflare R2 is engaged as a sub-processor exclusively in this mode.
API users only (URL-based). The API client sends an HTTP URL pointing to a PDF already hosted on their infrastructure. HTPBE fetches the file from that URL directly into server memory, performs the analysis, and immediately discards the file. No file content is written to any storage system. Cloudflare R2 is not involved. Only extracted metadata and the analysis verdict are stored.
In both modes, the textual and visual content of the PDF document is never read, stored, or transmitted to any subprocessorr. Analysis is limited to structural metadata: information dictionary fields, cross-reference tables, object layout, and digital signature structures.
Cloudflare R2
Temporary PDF file transit storage (Web UI only)
Data processed
PDF file binary. Stored transiently; deleted within 7 days. File content is never read or indexed — the object is fetched once by the HTPBE server for in-memory analysis and then expires.
Storage region
United States (global CDN edge nodes; PUT and GET operations are routed to the nearest edge)
Cloudflare R2 is not engaged for API-mode requests. API clients bear responsibility for their own file storage.
Turso
Database — stores analysis results, check metadata, and account data
Data processed
PDF metadata extracted during analysis (filename, creator, producer, dates, page count, verdict, detection markers). Registered user data: email address, name. API key hashes. Billing plan metadata. No PDF file content.
Storage region
United States
Axiom
Structured logging and observability
Data processed
Request logs: endpoint, HTTP status, response time, API key identifier (truncated), error traces. No PDF file content, no document metadata fields, no user email.
Storage region
United States
Vultr
Cloud infrastructure — virtual servers on which the application runs (orchestrated via Coolify)
Data processed
Application code, in-transit HTTP request/response payloads. No persistent personal data is stored on the infrastructure layer beyond what is processed in-flight.
Storage region
European Union
Stripe
Payment processing and subscription management
Data processed
Payment card data (Stripe-tokenized, never seen by HTPBE), billing address, subscription status, invoice history, Stripe customer ID. Stripe acts as an independent data controller for payment card data.
Storage region
United States
Resend
Transactional email delivery (magic-link authentication)
Data processed
Recipient email address, email subject and body (authentication link). No PDF content.
Storage region
United States
Google Analytics (GA4 Measurement Protocol)
Anonymous, cookieless usage analytics
Data processed
Anonymous session data: page URL, page title, randomly generated session identifier that resets on each new browser session. No personally identifiable information. No IP address forwarded to Google. No cookies set.
Storage region
United States
Data is sent server-side via the Measurement Protocol. The browser never contacts Google directly for analytics purposes.
Changes to this list
We will update this page at least 10 days before engaging a new subprocessorr. If you are an API customer with a Data Processing Agreement in place, we will notify you by email to the address associated with your account. You have the right to object to a new subprocessorr within 10 days of notification; if you do not object within that period, the change is deemed accepted. To object or request a list of subprocessorr changes, contact [email protected].
Data Processing Agreement
If you are an API customer processing personal data on behalf of your own clients, a Data Processing Agreement is available at htpbe.tech/legal/dpa. For Enterprise customers requiring a custom or countersigned DPA, contact [email protected].
Related documents