Subcontractor and Sub-processor List
Last Updated April 19, 2026
Akeyless uses third-party vendors, subcontractors, sub-processors or Akeyless’ affiliates, all as listed below (each “Subcontractor“) to conduct and perform its business operations and services.
Certain Subcontractors carry out data-processing activities that involve access to customer personal data (“Customer Data“), these Subcontractors are referred to as “Sub-processors” under applicable data protection laws. The Sub-processors process personal data on behalf of Akeyless’ customers, in accordance with customers’ instructions as communicated by Akeyless, and in strict compliance with the data processing agreement executed between Akeyless and the Sub-processor.
Akeyless evaluates Subcontractors’ security, privacy and confidentiality means on an annual basis. Akeyless requires its Subcontractors to maintain a written information security program, not less rigorous than Akeyless’ Security Program, available at https://www.akeyless.io/data-protection-measures/. Further, in the event of a security breach, Akeyless requires the Subcontractors to immediately inform Akeyless, and cooperate with Akeyless (and to the extent applicable, with Akeyless’ customers) to mitigate the breach. These Subcontractor contracts also include audit rights toward Akeyless, and to the extent applicable towards Akeyless’ customers.
Akeyless considers the locations in which the Subcontractors are established and where the data would be hosted, processed, accessed and transferred when onboarding a new Subcontractor. Akeyless requires any Subcontractor to notify Akeyless in the event the location has changed.
This list is updated from time to time, including the names and locations of the Subcontractors. Akeyless’ customers shall register below to the Subcontractor change notification to receive updates when Akeyless makes changes to the list below.
The following tables describe the legal entities engaged by Akeyless in the provision of the services.
| Entity Name | Is this vendor a Sub-processor as defined above? | LEI Number or Registration Number | HQ Country and Address | Country where data is stored | Nature of provided service | DPA | Sub-processor List |
| Google LLC, (Google Cloud, Google Work Space, Vertex API, Gemini). | Yes (GCP and Vertex) | 7ZW8QJWVPR4P1J1KQY45 | 1600 Amphitheatre Parkway Mountain View CA 94043, USA | United States and Europe | Hosting Gemini LLM | DPA | List |
| Microsoft Corporation (Azure) | Yes | INR2EJN1ERAN0W5ZP974 | One Microsoft Way, Redmond, WA 98052, USA | USA and Europe | Hosting | DPA (offline version) | List |
| Microsoft Corporation (Visual Code) | No | INR2EJN1ERAN0W5ZP974 | One Microsoft Way, Redmond, WA 98052, USA | USA and Europe | Debug, build code, development | ||
| Microsoft Corporation (OpenAI) | Yes | INR2EJN1ERAN0W5ZP974 | One Microsoft Way, Redmond, WA 98052, USA | USA and Europe | AI responses, insights, summaries. | DPA | List |
| Atlassian Pty Ltd. | No | 5493005ANNO41NYIM267 | Level 6, 341 George Street, Sydney, NSW 2000, Australia | United States and Europe | Project management | DPA | List |
| Anysphere, Inc. (dba “Cursor”) | No | NA | 2261 Market Street STE 86466, San Francisco, CA 94114 | United States | Software development and licensing (AI Coding generation tool). | DPA | List |
| Anthropic AI (Claude Code) | No | SPQZL8XDKGK7 | 548 Market Street, PMB 90375, San Francisco, CA 94104 | USA | Software development and licensing (AI Coding generation tool). | DPA | List |
| Slack Technologies Limited | No | 549300VIZRB02KN4IJ45 | Slack Technologies Limited, Salesforce Tower, 60 R801, North Dock, Dublin, Ireland | USA | Internal communication tool for Support | General DPA US DPA | List |
| OKTA Inc. | No | 549300N8J06I8MRHU620 | 3500 S DUPONT HWY, DOVER, 19901, United States of America | USA | Identity and access management (IAM) | DPA | List |
| JFROG LTD | No | 514130491 | 8187, 3 Hamachshev Street, Netanya, 4250465 Israel | Israel and USA | Security Management Services | DPA | List |
| HUBSPOT & CO LTD | No | INR2EJN1ERAN0W5ZP974 | United States of America, Delaware, RA000602 | USA | Provision of data | DPA | List |
| Splunk LLC | Yes | 549300XGDSGBP6UEI867 | 3098 Olsen Drive, San Jose, California 95128 | USA | Logging and Monitoring | DPA | List |
| DataDog Inc. | No | 549300F6JNO0KRPO1K63 | 620 8th Ave., 45th Fl., New York, NY 10018 | USA | Monitoring services | DPA | List |
| GitHub Inc. | No | 6354003LMZZAKOPXLX69 | 88 Colin P Kelly Jr St, San Francisco, CA 94107 | USA | Code hosting and software updates | DPA | List |
| Pylon Labs, Inc. | No | 5360508 | 188 KING STREETUNIT 502SAN FRANCISCO CA 94107 | USA | Customer Support ticketing | DPA | List |
| Amazon Web Services LLC | Yes | 549300B1UIM93TXPOD04 | 1200 12th Avenue South, Suite 1200, Seattle, WA 98144, USA | USA and Europe | Hosting | DPA | List |
| Twilio Inc. | No | 5493004W8TRGD63APX93 | 375 Beale Street, Suite 300, San Francisco, CA, 94105, U.S.A. | USA | Cloud communication platform | DPA | List |
| Priority Software Ltd. | No | 511124109 | 2 Amal Street, Rosh Haayin 4809202, Israel | Israel | Enterprise Resource Planning | Offline DPA |
Duration: For each Sub-processor, processing of personal data will be for the duration that the customer uses and continues to use the Service(s), and for the retention periods as set out in customer’s data processing agreement. Otherwise, for Subcontractors, Akeyless reserves the right to replace, amend and terminate any relationship and will request data deletion upon termination.