Sub-processors

Version: June 2026

Introduction

To provide the Blank service, Ambre LLC ("Blank") relies on a limited number of third-party providers ("sub-processors") that may process data on our behalf. This page describes those activities by category of function, their location and the safeguards governing data transfers, in accordance with Article 28 GDPR. The full named list of our sub-processors is provided to our clients and prospects on request, and in our data processing agreement (DPA).

Categories of sub-processors

Authentication and account management
Location : United States
Transfer safeguards : EU-U.S. Data Privacy Framework + EU Standard Contractual Clauses 2021/914

Deliverable generation (AI model, text)
Location : United States
Transfer safeguards : EU Standard Contractual Clauses 2021/914

Optical character recognition (PDF OCR)
Location : France (EU)
Transfer safeguards : Processing within the European Union — no transfer outside the EU

Temporary file storage
Location : European Union
Transfer safeguards : Storage in the EU — Standard Contractual Clauses + Data Privacy Framework for the entity

API and database hosting
Location : United States
Transfer safeguards : EU Standard Contractual Clauses 2021/914 + Data Privacy Framework

Web frontend hosting
Location : United States / global edge
Transfer safeguards : EU Standard Contractual Clauses 2021/914

Transactional email delivery
Location : United States
Transfer safeguards : EU Standard Contractual Clauses 2021/914

Our commitments

None of these providers is authorised to use your data to train or improve artificial intelligence models.
None sells or shares your data for commercial or advertising purposes.
Blank uses no third-party tracking or analytics tools.
The most sensitive document content is stored and processed within the European Union (file storage in the EU, OCR in France).
Each sub-processor is bound by a data processing agreement (DPA) imposing data protection obligations at least equivalent to ours.

International transfers

Where data is transferred outside the European Economic Area (in particular to the United States), such transfers are governed by appropriate safeguards under the GDPR: European Commission Standard Contractual Clauses (Decision 2021/914) and/or the EU-U.S. Data Privacy Framework where the provider is certified.

Sub-processor changes

We may update this list. Before adding or replacing a sub-processor that will process personal data, we inform our clients so they may object on legitimate grounds, in accordance with Article 28.2 GDPR and the data processing agreements entered into with them. The version date at the top of this page is updated on each change.

Contact

For any questions regarding our sub-processors or the processing of your data: contact@blnksolutions.com