Sub-processors
Last updated: May 2026
ClubAxis uses the following sub-processors to provide the platform to football and sports clubs. When your club uses ClubAxis, we process personal data on your behalf as a data processor; these organisations help us deliver hosting, email, and optional integrations.
1. Sub-processor list
Entries marked Optional apply only when a club enables that integration.
| Sub-processor | Purpose | Data processed | Location | Safeguards |
|---|---|---|---|---|
| DigitalOcean | Application and database hosting (infrastructure) | All platform data stored in production systems | United Kingdom / European Economic Area (production region as configured) | Provider information |
| DigitalOcean Spaces | Encrypted off-site backup storage | Database backup files | Same region as primary hosting where configured | Provider information |
| Mailgun (Sinch) | Transactional email (e.g. password reset, notifications) | Email addresses and message content required to deliver email | European Union (EU API region) where configured | Provider information |
| Let's Encrypt | TLS certificates for HTTPS | Domain names and certificate metadata (no member content) | United States (certificate authority operations) | Provider information |
| Meta (Facebook)Optional | Optional social posting when a club connects a Facebook Page | Content chosen for posting and tokens required to publish | United States / global (Meta infrastructure) | Provider information |
| X (Twitter)Optional | Optional social posting when a club connects an X account | Content chosen for posting and tokens required to publish | United States / global (X infrastructure) | Provider information |
2. Changes to sub-processors
We may add or replace sub-processors as the service evolves. Where we are required to do so under our agreement with your club, we will give at least 30 days' notice before a new sub-processor processes personal data, by updating this page and, where appropriate, notifying club administrators by email.
If you have concerns about a sub-processor or wish to object, contact privacy@clubaxis.co.uk. Objections and alternatives are handled in line with our Data Processing Agreement with your club.
3. International transfers
Where a sub-processor is located outside the United Kingdom, we use appropriate safeguards such as the UK International Data Transfer Agreement (IDTA) or UK Addendum to EU Standard Contractual Clauses, or rely on adequacy regulations where applicable. Details are set out in our DPA with club customers.