Trust Center
Sub-Processors
Rock and Welch LLC engages a limited set of trusted sub-processors to help us deliver, operate, and support our services. The list below identifies each sub-processor, its primary processing purpose, and the applicable service.
Last updated March 17, 2026
Sub-Processor List
We review our vendors based on the services they provide and the role they play in the delivery of our products and services. This page is updated as our sub-processor list changes.
| Entity Name | Purpose | Applicable Service | Security Measures |
|---|---|---|---|
| Stripe, Inc. | Payment processing for credit card and bank transfers. | All | Security overview |
| Amazon Web Services, Inc.AWS | Hosting, cloud computing, database, and monitoring services. | All | Compliance overview |
| DigitalOcean, LLC | Hosting, cloud computing and monitoring services. | Veriscan | Security overview |
| MongoDB, Inc.MongoDB Atlas | Hosted database services. | Veriscan | Technical measures |
| GitHub, Inc. | Hosted version control services. | All | Security overview |
| Microsoft CorporationOutlook / Microsoft 365 | Email and conferencing services. | All | Compliance overview |
| ActiveCampaign, LLCPostmark | Communications, email marketing and product notifications provider. | All | Security overview |
How We Use Sub-processors
These third-party sub-processors support core business functions such as infrastructure, payments, communications, and software delivery. They only process data as needed to perform the services we engage them to provide.
Unless otherwise noted, sub-processors listed as All Applicable Services may support any Rock and Welch LLC offering.
This page is updated when sub-processors are added, removed, or materially changed. Rock and Welch also reviews its sub-processors and the data they process at least annually to help ensure this list and related data processing agreements remain current.
For more information about Rock and Welch's security practices or if you have questions about this page, please contact us at contact@ofac-api.com.