Ganakys
Compliance · DPDP Act Section 8(2)

Sub-processors

These are the third-party service providers we rely on to operate the Ganakys platform. Each one receives a specific category of personal data for a specific purpose. We update this list whenever a sub-processor changes; the change is reflected in the policy version (2026-04-29-v1) and existing clients are notified by email at least 7 days before any new sub-processor begins processing their data.

Last updated: 29 April 2026

Hostinger International Ltd.

Email delivery (transactional and forms), DNS secondary

Privacy policy →
Data categories
  • Names
  • Email addresses
  • Email content
Region
EU (Lithuania) / India PoP

Razorpay Software Pvt. Ltd.

Payment processing (UPI, cards, netbanking, international cards)

Privacy policy →
Data categories
  • Names
  • Email addresses
  • Phone numbers
  • Payment instrument metadata (card last-4, UPI handle, bank ref)
  • Billing address
Region
India

Cloudflare, Inc.

DNS, TLS termination, DDoS protection, Web Application Firewall, admin SSO (Cloudflare Access)

Privacy policy →
Data categories
  • IP addresses
  • Request metadata (headers, paths, response codes)
  • Admin login email
Region
Global anycast (data residency: EU + IN edge)

Internet Security Research Group (Let's Encrypt)

TLS certificate issuance and renewal

Privacy policy →
Data categories
  • Domain names
Region
USA

GitHub, Inc. (a Microsoft subsidiary)

Source code hosting and CI

Privacy policy →
Data categories
  • No client personal data (code repositories only)
Region
USA

Questions or objections?

Write to our Grievance Officer at grievance@ganakys.com. You can also exercise your DPDP rights — including objection to a specific sub-processor where the law permits — from the client portal under My account → Privacy & rights.