Cloudinary uses service-specific sub-processors to deliver its products and services. These service-specific sub-processors are authorized to process personal data to support the delivery of the Cloudinary services.
Cloudinary evaluates and performs due diligence on the information security practices and data protection compliance of its third-party sub-processors. All third-party sub-processors are required to adhere to all security controls and the protection of personal data, including safeguards to govern international transfers of data.
The sub-processor list is updated regularly. Please check back to this page for any updates. Any objection to the inclusion of a new sub-processor can be made per the process outlined in our Data Processing Agreement. For further information please see Cloudinary’s Data Processing Agreement.
Subprocessor
Purpose of Processing
Corporate Headquarters
Country Where Data is Stored
DPF Certified
AWS
Hosting Services
United States
US. EU and APAC environments are available for enterprise customers per need
![](data:image/svg+xml;utf8,<svg xmlns="http://www.w3.org/2000/svg" width="2732" height="816"><rect width="100%" height="100%"><animate attributeName="fill" values="rgba(153,153,153,0.5);rgba(153,153,153,0.1);rgba(153,153,153,0.5)" dur="2s" repeatCount="indefinite" /></rect></svg>)