Legal

Sub-processors

Last updated: 11 May 2026.

Wiredepth uses the third-party services listed below to operate the product. Each one processes a specific slice of customer data on our behalf, under contract with appropriate data-protection terms (DPAs in place where required). We do not sell, rent, or trade your data with anyone, including the vendors below - they only see what they need to do their job.

If we add a sub-processor, we update this page and email customers who have requested change notifications. Email [email protected] to be added to the notification list.

Active sub-processors

Public-data sources (not sub-processors)

For completeness: Wiredepth also queries several public databases as part of its monitoring work. These are NOT sub-processors because they do not process your data on our behalf - we make outbound queries to their public APIs:

• Public DNS resolvers for every DNS lookup
• RDAP services for domain registration data
• Certificate Transparency log providers for subdomain enumeration
• Mail blocklists (DNSBLs) for blacklist reputation. We query a curated set of high-signal lists and deliberately skip the noisier ones known to false-positive on shared cloud sender pools.
• HSTS Preload List for HSTS preload status
• Public web servers via direct HTTPS / SMTP probes for TLS, headers, and MTA-STS data
• Malware-distribution + active-threat IOC feeds for matching monitored hosts and resolved IPs against known-bad indicators
• IP-abuse confidence provider (Pro feature). We send the IPs that resolve from your monitored hosts; the provider returns a 0-100 confidence score. Daily quota guard auto-stops well within the published rate limit.
• Public CVE feedsfor matching newly- published high-severity CVEs against the technology stack we fingerprint from your monitored hosts' response headers (Server, X-Powered-By).
• Ransomware leak-site / cyberattack aggregator feeds (multiple sources, polled every 15 minutes) for matching extortion-site victim posts and public cyberattack reports against your monitored hosts and brand-watchlist keywords.
• Credential-breach corpus providerfor per-domain breach matching. We send the monitored domain's apex; the provider returns breach metadata. We deliberately discard the leaked email addresses themselves and only persist breach name + count.

These queries contain only the domain you asked us to scan - never your account email, billing details, or anything else that could identify you to those services. Specific provider names are commercial-confidential; if you require source disclosure for an audit or procurement evaluation, email [email protected] and we'll provide them under NDA.

Customer notifications

For B2B customers under contract that requires advance notice of sub-processor changes, we provide at least 30 days notice by email before adding a new sub-processor. You may object within 30 days; if we cannot resolve the objection, you may terminate your subscription with a pro-rated refund.

For customers without that contractual term (the default for Pro tier), we update this page when changes happen and announce material changes (e.g. moving regions, adding an LLM vendor) in the product changelog.

Data Processing Addendum

If your jurisdiction requires a signed Data Processing Addendum (DPA) - generally any EU/UK company under GDPR, or US healthcare / financial-services customers - email [email protected] and we will send our standard DPA for countersignature. We use the IAPP-published reference template with appropriate Standard Contractual Clauses for cross-border transfers.