Last updated: June 29, 2026
PN Player engages certain third-party service providers ("sub-processors") to assist in delivering the Services. These sub-processors process personal data on our behalf under written data processing agreements and are contractually required to implement appropriate technical and organizational measures in accordance with applicable data protection laws, including Article 28 of the GDPR, where applicable.
We take reasonable steps to ensure that each sub-processor provides sufficient guarantees to implement appropriate technical and organizational measures so that processing meets the requirements of applicable data protection law and ensures the protection of your rights.
| Vendor | Purpose | Location | Data Processed |
|---|---|---|---|
| Cloudflare | Content delivery network (CDN), serverless application hosting (Cloudflare Workers and Pages), object storage (Cloudflare R2), database (Cloudflare D1), DNS, DDoS protection, Web Application Firewall (WAF), and edge infrastructure | Global (multiple regions) | Customer account data, media files, application database records, IP addresses, request metadata, cached content, and application logs. |
| Amazon Web Services (AWS) | Cloud infrastructure, compute services, media processing, and backups | Global | Media files during processing, application logs, temporary processing data, and backup data. |
| Resend | Transactional email delivery | United States | Email addresses, verification emails, password reset emails, account notifications, and email metadata |
We may update this list from time to time as we add, remove, or replace sub-processors. For any material addition or replacement of a sub-processor that processes Customer Personal Data, we will provide at least 30 days' prior notice by updating this page or by notifying affected customers. This notice period may be shortened where required to address urgent security, legal, or operational requirements.
If you have concerns about a particular sub-processor or wish to object to the engagement of a new sub-processor, please contact our Privacy team at [email protected]. Customers may object to the appointment of a new sub-processor on reasonable data protection grounds by contacting us within the applicable notice period. We will evaluate the objection in good faith and, where appropriate, work with the Customer to identify a commercially reasonable solution.