Subprocessors & Infrastructure
Effective date: 15 June 2026
This Subprocessors & Infrastructure notice explains how IDEEVY uses third-party service providers and infrastructure resources to operate, secure, monitor, and deliver its identity document verification service.
“IDEEVY”, “we”, “us” and “our” refer to INTEGRITYTECH HK LIMITED. This notice applies to the IDEEVY service available through ideevy.com and related business services.
1. Scope
IDEEVY provides identity document verification services to business customers. In order to operate the Service, we may use third-party service providers, infrastructure resources, technical vendors, and other subprocessors that support the delivery, security, reliability, and maintenance of the Service.
This notice does not apply to optional, tailor-made, or separately agreed services unless expressly stated in the applicable agreement.
2. Use of Service Providers
IDEEVY may use service providers and subprocessors to perform limited functions on our behalf. These providers may support the Service by helping us host systems, store data, process document-related information, monitor performance, protect infrastructure, provide communications, support customers, or maintain operational reliability.
Service providers are used only where reasonably necessary to provide, secure, support, or improve the Service, or where required for legal, contractual, operational, or security purposes.
3. Categories of Service Providers
IDEEVY may use service providers in categories including, but not limited to:
- cloud hosting and infrastructure;
- secure data storage;
- database and backup infrastructure;
- logging, monitoring, and observability tools;
- security, abuse prevention, and incident response tools;
- document processing technology components;
- email, notification, and communication services;
- customer support and administrative tools;
- website analytics and performance measurement tools;
- billing, invoicing, and business operations tools;
- legal, compliance, accounting, and professional service providers.
These categories are provided for general transparency only. They do not represent a full public list of IDEEVY’s infrastructure, vendors, technical architecture, security tooling, or operational dependencies.
4. No Public Infrastructure Disclosure
For operational security reasons, IDEEVY does not publish any public information relating to its infrastructure providers, security providers, storage providers, monitoring tools, technical vendors, hosting architecture, internal systems, or security dependencies.
Public disclosure of such information may increase operational risk, expose sensitive system architecture, or assist malicious actors in targeting the Service. Accordingly, IDEEVY does not maintain a public subprocessor registry containing vendor names, infrastructure details, system locations, security tooling, or technical implementation information.
5. Information Available Upon Request
Relevant subprocessor and infrastructure information may be made available upon request to prospective or existing Business Customers who are actively evaluating or entering into a commercial relationship with IDEEVY.
Such information may be provided only where IDEEVY considers the request reasonable and appropriate, and may be subject to:
- a non-disclosure agreement;
- vendor review procedures;
- enterprise onboarding requirements;
- contractual confidentiality obligations;
- security review limitations;
- restrictions on onward disclosure.
IDEEVY may decline to disclose information that it considers commercially sensitive, security-sensitive, irrelevant to the customer relationship, or unnecessary for the requested review.
6. Safeguards
Where IDEEVY uses service providers or subprocessors that may process Customer Data or Verification Records, IDEEVY applies commercially reasonable contractual, technical, and organizational safeguards designed to protect such data.
These safeguards may include confidentiality obligations, access limitations, security requirements, data protection terms, restricted processing purposes, and other appropriate controls depending on the nature of the service provider and the data involved.
IDEEVY remains responsible for managing its service providers in accordance with its agreements with Business Customers and applicable data protection requirements.
7. International Processing
Where reasonably possible, IDEEVY aims to store and process verification data in the user’s country or region, or in a location consistent with the Business Customer’s configuration and applicable data protection requirements.
However, data may be processed or stored in other jurisdictions where IDEEVY, its infrastructure providers, service providers, or subprocessors operate. Where required, IDEEVY applies appropriate safeguards for such processing or transfers.
8. Changes to Service Providers
IDEEVY may update, replace, remove, or add service providers from time to time in order to maintain, secure, improve, or scale the Service.
Unless otherwise expressly agreed in an Order Form, Data Processing Addendum, or enterprise agreement, IDEEVY is not required to provide advance public notice of changes to its infrastructure providers or technical service providers.
Where specific notice, objection, or approval rights are agreed with a Business Customer, such rights will apply only as stated in the applicable written agreement.
9. Business Customer Requests
Business Customers who require subprocessor or infrastructure information for procurement, compliance, security review, or vendor onboarding may contact IDEEVY at legal@ideevy.com.
Requests should identify the Business Customer, the purpose of the request, the relevant review process, and whether a non-disclosure agreement is already in place.
10. Company Details
IDEEVY is operated by:
INTEGRITYTECH HK LIMITED
Company Registration Number: 3339122
Business Registration Number: 75921776
Registered Address: Room 905, Block 2, Cyberport, 100 Cyberport Road, Hong Kong