Atlas LogicTrust Center

Sub-processors

Atlas Logic uses the third parties below to deliver our service. Each is bound by a Data Processing Agreement that requires the same data-protection obligations we owe our customers. We review every sub-processor at least annually and on material change, and we notify customers at least 30 days before adding a new sub-processor that materially affects how customer data is processed. Customers may object to a new sub-processor per DPA v2.

VerifiedLast updated:
NameCategoryPurposeData processedLocationTransfer mechanismCertifications
Microsoft AzureInfrastructure & AIPrimary cloud infrastructure — App Service, Static Web Apps, Cosmos DB for MongoDB, Blob Storage, Key Vault, Log Analytics, and AI Foundry (grok-4-mini base model) for compliance analysis, control recommendations, and risk generation
  • · All customer data categories
USA (primary, West US 2); EU available (West Europe)SCCs / DPF
  • ISO 27001
  • SOC 2 Type II
  • ISO 27017
  • ISO 27018

All AI processing occurs within Azure AI Foundry under Microsoft's enterprise data-protection commitments; Customer Data is contractually prohibited from being used to train foundation models.

Google OAuth 2.0AuthenticationIdentity provider, SSO authentication
  • · Name
  • · Email address
  • · OAuth token
USASCCs / DPF
  • ISO 27001
  • SOC 2 Type II
Microsoft Entra IDAuthenticationIdentity provider, SSO, MFA enforcement
  • · Name
  • · Email address
  • · MFA status
  • · OAuth token
USA / EUSCCs
  • ISO 27001
  • SOC 2 Type II
SendGrid (Twilio)Email DeliveryTransactional email — invitations, breach notifications, subscription alerts
  • · Email address
  • · Name
USASCCs
  • ISO 27001
  • SOC 2 Type II
StripePaymentsPayment processing, subscription billing, partner commission payouts
  • · Payment card data
  • · Billing address
USASCCs
  • PCI DSS Level 1
  • SOC 2 Type II
  • ISO 27001
GitHubCode IntegrationCode integration for evidence collection (Atlas Logic Enterprise plan)
  • · Repository metadata
  • · Commit history
  • · Code references
USASCCs
  • ISO 27001
  • SOC 2 Type II

How we monitor them

We track certification status and incident notifications for every sub-processor, and we re-verify their reports (SOC 2, ISO 27001) on renewal. Material changes flow through our internal change-management process before going into effect.

Request DPAs or reports

Customers under NDA can request signed Data Processing Agreements and the underlying attestation reports for any sub-processor listed above.

compliance@atlaslogic.io