Back to Legal Center

Authorized Subprocessors

Review the verified list of third-party sub-processors and tools authorized to handle operational system payloads at CK Catalyst.

Last updated: June 4, 2026

1. Transparency & System Subprocessors

To maintain high-speed workflow automations, secure database infrastructure, and content edge-delivery for your technical solutions, CK Catalyst interfaces with third-party technical Subprocessors. These specialized entities handle client data payloads strictly within our documented project limits and under the direct mandate of our master Data Processing Agreement (DPA).

2. Our Core Infrastructure Subprocessor Registry

We route and maintain automated data flows across the following audited platforms to power your active Business Cells™:

  • Supabase Inc. (USA) — Core relational database architecture, client identity verification, and object asset storage.
  • n8n Inc. / Make.com (Celonis SE) / Zapier Inc. — Pipeline orchestration engines, cloud background workers, and API integration mapping tools.
  • Vercel Inc. (USA) — Serverless application hosting and secure user interface delivery.
  • Cloudflare Inc. (USA) — Domain Name System (DNS) security controls, active DDoS mitigation, and global content delivery networking (CDN).

3. Directory Revisions & Updates

As our engineering stack scales and our solutions evolve, we periodically modify our platform infrastructure partners to optimize cell processing performance. Changes to our vendor roster will be updated directly within this centralized directory page.

Document FAQ

Quick, non-legalese answers to common operational questions.

To scale your workflows efficiently, we leverage specialized cloud infrastructure. This includes robust hosting engines (Vercel), modern relational databases (Supabase), and highly reliable pipeline processing managers (n8n).

No. These infrastructure providers act strictly as raw data pipelines and encrypted storage vaults. They operate under clear, enterprise-grade data protection parameters that prevent them from accessing, analyzing, or utilizing your information for any secondary purposes.

Yes. Every core subprocessor in our tech stack undergoes regular independent security evaluations and maintains verified global compliance standards, such as SOC 2 Type II mappings, ISO 27001 certifications, and strict GDPR alignment frameworks.

The primary data centers and server networks utilized by our core providers are located in secure facilities within Canada and the United States, utilizing highly protective physical security layouts.

Any adjustments to our core platform providers are documented directly in this centralized directory. For major architectural infrastructure transitions, we issue notifications ahead of time to ensure your internal engineering or compliance teams are fully aware.

PreviousNext