Legal
Subprocessors
Last updated July 1, 2026
Effective date: July 1, 2026
This page lists the subprocessors that SimpleNewsletter365 uses to process personal data on behalf of customers, as referenced in our Data Processing Addendum. We keep this list current and provide notice of changes.
Subprocessors we use
| Subprocessor | Purpose | Data processed | Location |
|---|---|---|---|
| Microsoft Azure (Azure SQL, Azure Blob Storage, Azure Key Vault) | Application hosting, database, image asset storage, and encryption key management | All account and audience data, encrypted token key rings, image assets | West Europe (Netherlands) |
| Microsoft Graph and Microsoft Entra | Authentication and sending newsletters through the customer’s own Microsoft 365 mailbox | Sign-in identity, mailbox grant metadata, outbound newsletter content and recipients in transit | Microsoft global |
| Paddle | Subscription billing and payment processing as merchant of record | Account holder billing identity, plan, and transaction metadata | Global (United Kingdom and United States) |
| Lettermint | Transactional email delivery for signup confirmations and system notifications | Recipient email address and transactional message content | European Economic Area (Netherlands) |
| Approximated | Reverse proxy that serves customer custom link and public-page domains | Custom domain names, DNS configuration, and inbound request metadata for proxied pages | United States |
Important note on the sending path
SimpleNewsletter365 does not operate a shared email-sending service. Your newsletters are sent from your own Microsoft 365 mailbox through Microsoft Graph. Microsoft, as the operator of your tenant, processes the message and recipient data in the normal course of delivering your mail, under your agreement with Microsoft.
Changes
We will update this page and, where required, notify customers before adding a new subprocessor that processes their personal data. To receive change notifications, contact [email protected].