How Authfyio processes personal data on your behalf, our DPA, sub-processors, and the uptime commitment for Enterprise customers.
Authfyio acts as a data processor for the end-user data you store with us; you are the controller. Our DPA incorporates the EU Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum for transfers outside the EEA/UK.
The DPA is pre-signed and available to every workspace. Business and Enterprise customers can counter-sign a copy by emailing privacy@authfyio.comfrom the workspace owner's address.
We use a short list of infrastructure sub-processors, each bound by their own DPA:
We give 30 days' notice before adding a sub-processor — subscribe at privacy@authfyio.com.
Enterprise plans carry a 99.9% monthly uptime SLA with service credits for missed targets, plus a SIEM log sink for streaming audit events into your own monitoring. Live status and incident history are published at status.
For DPA execution or privacy questions, email privacy@authfyio.com.