Sub-Processors Guidelines
Last updated on January 05, 2026
Guidelines for sub-processors:
All sub-processors must:
Maintain SOC 2 Type II certification or equivalent
Comply with GDPR requirements for EU data subjects
Provide data processing agreements (DPAs)
Support data deletion requests within 30 days
Encrypt data at rest (AES-256) and in transit (TLS 1.2+)
Not use customer data for model training or improvement
Current Sub-processors:
Supabase (Database, Auth, Storage) - SOC 2 Type II certified
Google Cloud (Gemini AI) - ISO 27001, SOC 2 certified
OpenAI (GPT models) - SOC 2 Type II certified
Resend (Email delivery) - SOC 2 compliant
Experience the Future of Training with AI from Skill Studio AI
Get hands-on with our advanced AI-driven features and see the difference for yourself. Start your free trial today.