Sub-processors explained: what they are and why enterprise buyers ask for your list


Joanna Larson
6 min read
4 July 2026

Somewhere in an enterprise security review, you will almost certainly be asked for your list of sub-processors. If you have never encountered the term before, it can sound obscure, but the concept behind it is simple, and understanding it properly is one of the more overlooked parts of being ready for enterprise procurement. This article explains what a sub-processor actually is, why buyers care enough to ask for a full list, and what an AI startup specifically needs to get right.

What a sub-processor actually is

Under UK and EU GDPR, when a company processes personal data, the roles involved have specific names. The company that decides why and how personal data is processed is the controller, usually your customer. The company processing that data on the controller's behalf is the processor, which in this relationship is you. A sub-processor is any third party that you, the processor, bring in to help process that data further on the controller's behalf.

In practice, this means almost every vendor and tool in your stack that touches customer data in some way is a sub-processor. Your cloud hosting provider is a sub-processor. Your email delivery service is a sub-processor. If your product uses an AI model provider such as OpenAI or Anthropic, that provider is a sub-processor. The same applies to your customer support tool, your analytics platform and your payment processor: if any of them sees personal data flowing through your product, it is a sub-processor in the chain.

Why this matters legally

Under GDPR, your customer, as the controller, remains accountable for what happens to their data even after it passes through your hands and into a sub-processor's. This is precisely why the regulation requires transparency about the chain. A controller cannot manage their own risk if they do not know who else is touching the data they are responsible for.

This creates two specific obligations for you as the processor. First, you generally need your customer's authorisation before engaging a new sub-processor, either through a general authorisation with notice of changes, or specific consent for each one, depending on how your Data Processing Agreement is written. Second, you need a proper data processing agreement in place with each sub-processor yourself, so that the same standard of protection flows all the way down the chain rather than stopping at you.

Why enterprise buyers specifically ask for the list

When a security team requests your sub-processor list, they are not being bureaucratic for its own sake. There are several genuine reasons behind the request, and understanding them helps you see why a vague or incomplete answer damages trust more than the question itself might suggest.

  • They need to assess their own risk. If one of your sub-processors is breached, their data may be exposed even though the breach happened somewhere in your supply chain rather than in your own systems. They cannot manage that risk if they do not know it exists.
  • They may have restrictions on where data can go. Some buyers, particularly in regulated sectors, have rules about which countries or regions their data can be processed in. A sub-processor based somewhere that conflicts with their requirements is a genuine blocker they need to catch early, not after signing.
  • They are checking for concentration risk. A buyer may want to understand how much of your operation depends on a small number of critical vendors, since a serious outage or failure at one of them could disrupt your service to them.
  • It is often a straightforward regulatory requirement on their side. Many buyers are themselves obligated to maintain records of their own processing activities, including the sub-processors of their vendors, so asking you is how they fulfil their own compliance obligation, not just an exercise of caution.

Seen this way, the request is not an obstacle put in your way. It is a buyer doing the due diligence that regulation and their own risk management genuinely require of them, and giving them a clear, accurate answer is one of the more straightforward ways to build confidence early in a relationship.

What this looks like for an AI startup specifically

AI products tend to have a longer and less obvious sub-processor chain than typical software, and this is where founders most often get caught out. Beyond the usual cloud hosting and infrastructure vendors, an AI product typically depends on one or more AI model providers, and possibly a separate vector database provider if you use retrieval augmented generation, plus any additional AI tools chained into your pipeline for things like embeddings or moderation.

Each of these is a sub-processor in exactly the same sense as your cloud host, and each one needs to appear on your list with the same rigour. A common mistake is listing the obvious infrastructure vendors carefully while overlooking the AI model provider, either because it does not feel like a conventional vendor relationship or because the integration happened quickly during early development and was never properly documented afterwards. A buyer's security team, especially one that understands AI risk, will notice the omission, and it raises exactly the kind of doubt about your overall rigour that a security review is designed to surface.

How to build and maintain your list properly

Getting this right does not require complex tooling, but it does require discipline, because the list is only useful if it is genuinely accurate and current.

  • List every third party that processes personal data on your behalf, including cloud infrastructure, AI model providers, analytics, customer support tools, email services, and payment processors.
  • For each one, note what data they can access, where they are based, and whether you have a data processing agreement in place with them.
  • Keep the list updated the moment you add or remove a vendor, rather than reconstructing it under pressure when a buyer asks.
  • Decide how you will notify customers of changes, since your own Data Processing Agreement likely commits you to informing them when your sub-processor list changes.
  • Consider publishing a simplified version publicly on your website, since more mature vendors increasingly do this proactively, which itself signals confidence and transparency to a buyer before they even have to ask.
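The register described in the steps above, written as a small machine-readable record with the two checks a buyer's security team effectively runs against it: is a DPA in place with every vendor, and does any vendor process data outside the regions the buyer allows. This is an added illustration, not the article's own material; the vendor names, fields and regions are constructed sample values.

```python
# Added example: a minimal sub-processor register plus the checks a buyer
# review will apply to it. All vendor entries below are constructed samples.
from dataclasses import dataclass

@dataclass
class SubProcessor:
    name: str              # vendor identifier (constructed)
    purpose: str           # what the vendor does for you
    data_categories: list  # categories of personal data the vendor can see
    region: str            # where the vendor processes the data
    dpa_signed: bool       # whether a data processing agreement is in place

# Constructed register for an AI product: note the model provider and the
# vector database sit alongside the cloud host, not in a separate category.
REGISTER = [
    SubProcessor("cloud-host", "hosting", ["account", "content"], "EU", True),
    SubProcessor("model-provider", "LLM inference", ["prompts"], "US", True),
    SubProcessor("vector-db", "RAG retrieval", ["embeddings"], "US", False),
    SubProcessor("email-service", "transactional email", ["email"], "EU", True),
]

def find_gaps(register, allowed_regions):
    """Return (vendor, issue) pairs a buyer's security review would flag."""
    gaps = []
    for sp in register:
        if not sp.dpa_signed:
            gaps.append((sp.name, "no DPA in place"))
        if sp.region not in allowed_regions:
            gaps.append((sp.name, f"processing in {sp.region} outside allowed regions"))
    return gaps

def diff_registers(old, new):
    """Vendors added and removed between two versions of the register.

    This is exactly the set of changes your own DPA commits you to
    notifying customers about.
    """
    old_names = {sp.name for sp in old}
    new_names = {sp.name for sp in new}
    return sorted(new_names - old_names), sorted(old_names - new_names)

if __name__ == "__main__":
    for vendor, issue in find_gaps(REGISTER, {"EU", "UK"}):
        print(f"{vendor}: {issue}")
```

Run the gap check against each buyer's allowed regions before the review rather than during it, and keep the previous register version so the diff can be produced when a vendor changes.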

The honest takeaway

A sub-processor list is not an obscure compliance artefact. It is a straightforward map of every third party that touches your customers' data, and enterprise buyers ask for it because they remain accountable for that chain even after the data leaves their hands. For an AI startup, the list is usually longer than founders expect, because model providers and vector databases belong on it just as much as your cloud host does.

Build the list properly, keep it current, and be ready to hand it over the moment it is asked for. A complete, accurate answer here is a small thing that quietly signals you understand your own product's data flows, which is exactly the impression you want to leave with a buyer's security team.


