Sub-processors
Last updated: May 2026
OKTee relies on selected technical providers to host, secure, synchronize, monitor and improve its services.
These sub-processors are used only for the provision of OKTee services, including OKTee Ops, OKTee Marketing, OKTee Logistics and future Finance modules.
OKTee does not sell customer data, does not share Amazon data for advertising purposes, and does not authorize any sub-processor to use processed data for its own commercial purposes.
The sub-processors listed below may process certain technical data, customer data, catalog data, Amazon Vendor Central or Seller Central data, or data strictly necessary for the operation of the modules activated by the customer.
General principle
OKTee limits the data shared with its sub-processors to what is strictly necessary.
Each sub-processor is used for a specific purpose: hosting, database management, technical orchestration, synchronization, monitoring, AI-assisted analysis or collection of public product page signals.
When data is transferred outside the European Union, OKTee ensures that appropriate contractual safeguards are in place, including Standard Contractual Clauses where required.
List of sub-processors
| Provider | Purpose | Type of data | Main location | Safeguards |
|---|---|---|---|---|
| Neon, Inc. | Hosting of the PostgreSQL database used by OKTee. | Customer data, organization data, usage data, data from Amazon SP-API, catalog data, order data, operational data and data required for the operation of the platform. | European Union, Germany, where the customer configuration allows it. | DPA or applicable contractual terms. Provider certifications according to available documentation. |
| Railway Corp. | Execution of workers, synchronizations, automated processing and server-side tasks. | Technical data, synchronization data, order data, catalog data, Amazon data required for automated processing, ERP or customer API data when the relevant module is enabled. | European Union, where the deployment configuration allows it. | Standard Contractual Clauses applicable in case of transfer outside the EU. Provider certifications according to available documentation. |
| Vercel Inc. | Hosting and delivery of the OKTee web interface. | Technical browsing data, display data and data required for the operation of the user interface. | Global infrastructure with possible transfers outside the European Union. | Standard Contractual Clauses applicable in case of transfer outside the EU. |
| Inngest Inc. | Workflow orchestration, asynchronous task triggering and technical execution tracking. | Technical metadata, application events, task identifiers and information required to orchestrate processing operations. | Cloud infrastructure with possible transfers outside the European Union. | Standard Contractual Clauses applicable in case of transfer outside the EU. |
| Sentry Inc. | Application monitoring, error detection, technical diagnostics and service stability improvement. | Technical logs, application errors, execution traces and diagnostic information. OKTee applies sensitive data filtering where possible to limit the exposure of personal or confidential data. | United States, with appropriate contractual safeguards where required. | Standard Contractual Clauses applicable in case of transfer outside the EU. Sensitive data filtering where possible. |
| OpenAI, L.L.C. | AI-assisted analysis for certain OKTee Marketing features, only when these features are enabled by the customer. | Product data, catalog content, titles, descriptions, bullet points, product page information, quality signals or elements strictly necessary for AI analysis. | United States, with appropriate contractual safeguards where required. | Standard Contractual Clauses applicable in case of transfer outside the EU. Use limited to OKTee features enabled by the customer. |
| Rainforest API | Technical collection of public Amazon product page signals for OKTee Marketing monitoring. | Public product page data, ASINs, titles, visible content, public images, prices, availability, offer signals, Buy Box or Featured Offer where available, and other public elements required to monitor product pages. | Provider infrastructure, with possible transfers outside the European Union. | Provider contractual safeguards. OKTee prioritizes official Amazon APIs whenever the required data is available through them. |
| Amazon Web Services | Complementary cloud services, hosting, storage, infrastructure or technical services depending on OKTee operational needs. | Technical data, files, logs, backups or data required for certain infrastructure services, depending on the modules used. | European Union where the configuration allows it, with possible transfers outside the European Union depending on the services used. | AWS certifications and contractual safeguards depending on the services used. |
| Instatus | Publication of the OKTee status page and communication about service availability. | Technical data related to the status page, public incident information and, where applicable, email addresses of users subscribed to status notifications. | Provider infrastructure, with possible transfers outside the European Union. | Instatus does not process customer Amazon data. |
Amazon data
As part of its integration with Amazon SP-API, OKTee may process certain data from Amazon Vendor Central or Seller Central, only when the customer has explicitly authorized access to its account.
Depending on the modules enabled and the permissions granted, this data may include:
- order data;
- order statuses;
- order acknowledgements and order responses;
- shipment data;
- inventory and availability data;
- catalog data;
- pricing and offer data;
- Brand Analytics data, when available and authorized;
- financial data, invoices, payments, deductions, discrepancies, shortages or chargebacks, when the corresponding access rights are granted.
OKTee limits access to this data to the customer’s authorized users and to authorized OKTee team members when necessary to provide, maintain or secure the service.
Data from customer systems
OKTee may also retrieve complementary data from customer-authorized systems.
To date, this mainly concerns the customer’s product catalog, retrieved from the customer ERP through the OKTee API or through the customer’s API. This catalog is used to match Amazon purchase orders with the customer’s internal product references, stock rules, logistics rules and automation settings used in OKTee Command Center.
For future Finance modules, OKTee may retrieve other customer-owned data, such as ERP, accounting, invoicing, payment, deduction or financial reconciliation data, only when the relevant module is enabled and authorized by the customer.
Security and confidentiality
OKTee applies security measures designed to protect the data processed by the platform, including:
- role-based access control;
- access limited to authorized users;
- encryption of data in transit;
- encryption of sensitive data at rest where necessary;
- logging of important actions;
- application monitoring;
- logical separation of customer data;
- limitation of data shared with sub-processors;
- incident management procedures;
- possible revocation of Amazon access by the customer.
Credentials, secrets, access tokens and technical keys are stored securely and are not hard-coded in the application code.
Transfers outside the European Union
Some sub-processors may process data outside the European Union. In such cases, OKTee ensures that transfers are covered by appropriate safeguards, including Standard Contractual Clauses of the European Commission where required.
Notification of changes
OKTee may update the list of its sub-processors when new providers are added, replaced or removed.
In the event of a significant change that may affect the processing of customer data, OKTee will update this page and may inform the affected customers according to the terms set out in its contracts, Data Processing Addendum or Terms of Service.
OKTee does not sell Amazon data, does not share it for advertising purposes and does not use it outside the services authorized by the customer.
Contact
For any question regarding sub-processors, security or data processing, you can contact OKTee at:
See also: Privacy Policy · Security · DPA · Amazon Integration
Signed DPA