Approval and onboarding
New sub-processors require an approved business purpose, security review, contract review, and documented data flow before customer data is processed.
Trust
Guidelines for sub-processors.
NatorOS uses sub-processors only when they help us operate, secure, support, or improve the service. These guidelines describe how we review those providers and keep processing aligned with customer commitments.
What counts as a sub-processor
A sub-processor is a third party that may process customer data on behalf of NatorOS to provide the service.
- 1
Service infrastructure
Hosting, storage, networking, observability, and security systems used to run NatorOS.
- 2
Product operations
Support, incident response, analytics, and administration tools used by authorized NatorOS personnel.
- 3
Model and automation providers
AI, workflow, and automation services used when a customer deployment or workflow requires them.
- 4
Not customer-authorized integrations
Tools a customer connects directly, such as Slack, Google Drive, GitHub, CRM, ERP, or ticketing systems, are governed by the customer's own authorization choices.
Review process
How we evaluate providers
Purpose
We identify why the provider is needed, what product surface depends on it, and whether a narrower alternative exists.
Data scope
We document the categories of customer data involved and keep access limited to what the provider needs for the approved purpose.
Security posture
We review controls such as encryption, access management, auditability, incident response, business continuity, and relevant assurance reports.
Contract terms
We require appropriate confidentiality, data-processing, security, deletion, and onward-transfer commitments before production use.
Operational fit
We assess reliability, supportability, data residency needs, customer requirements, and the ability to remove or replace the provider if needed.
Governed
Ongoing oversight
NatorOS periodically reviews active providers, monitors relevant security changes, and reassesses access when a product surface or customer commitment changes.
Customer communication
When a material sub-processor change affects customer data processing, NatorOS communicates through the customer's agreement, account channel, or support/privacy contact.
Data handling
Customer data is processed only for approved service purposes and is not used to train shared foundation models.
Need a current provider review?
Enterprise customers can request details about sub-processor usage for their deployment, including data-flow context and security-review materials where available.