Subprocessor List

Last Updated: January 30, 2026

This list identifies the third-party subprocessors that MatterGuard engages to process personal data on behalf of our customers. All subprocessors are bound by data processing agreements that meet or exceed PDPA requirements.

Current Subprocessors

SubprocessorLocationPurposeData Processed
Amazon Web Services (AWS)Singapore (ap-southeast-1)Cloud infrastructure, data storage, and computing servicesAll customer data (encrypted)
TiDB CloudSingaporeDatabase hosting and managementStructured application data
OpenSanctionsGermany / EUSanctions and PEP screening dataNames and identifiers for screening (no storage)
SendGrid (Twilio)United StatesTransactional email deliveryEmail addresses, notification content
CloudflareGlobal (nearest edge)CDN, DDoS protection, WAFRequest metadata, IP addresses

Notification of Changes

We will notify customers of any intended changes to subprocessors at least 30 days before the change takes effect. Notifications will be sent to the designated contact email for each customer account.

Customers may object to the use of a new subprocessor by contacting us within 14 days of receiving notification. If we cannot address the objection, the customer may terminate the affected services.

Subprocessor Requirements

All subprocessors engaged by MatterGuard must:

  • Enter into a written data processing agreement
  • Implement appropriate technical and organizational security measures
  • Process personal data only for the specified purposes
  • Maintain confidentiality of all personal data
  • Assist with data subject requests and breach notifications
  • Delete or return personal data upon termination

Contact

For questions about our subprocessors or to receive notifications of changes:

MatterGuard Pte. Ltd.

Email: [email protected]

© 2026 MatterGuard Pte. Ltd.. All rights reserved.

Document Version: 1.0 | Last Updated: January 30, 2026