Last updated: June 18, 2026
This Sub-Processor Disclosure (“Disclosure”) sets out information about the third-party service providers engaged by BitCore AI Ltd (the “Company”, “we”) in connection with the services made available through gpu.ai (the “Platform”), including GPU compute infrastructure, AI inference, APIs, and related services (collectively, the “Services”). It is intended to provide transparency regarding the identity, role, and location of such providers in accordance with applicable data-protection law.
This Disclosure forms an integral part of our Privacy Policy and Data Processing Agreement and should be read in conjunction with them. Capitalised terms used but not defined here have the meaning given to them in the DPA or the Terms of Service.
To provide the Services we engage third-party providers to process personal data on our behalf or on behalf of our customers (“Sub-Processors”). These providers support functions such as infrastructure hosting, data storage, networking, monitoring, security, and operational support. We ensure that each Sub-Processor is bound by contractual obligations no less protective than those in our agreements with customers, including obligations of confidentiality, data protection, and security, and we remain responsible for their acts and omissions to the extent required by applicable law.
Our named first-party infrastructure Sub-Processors are:
In addition, we engage, by category, third-party providers of GPU compute and model-inference services to fulfil compute and inference requests on our behalf. Consistent with our privacy-by-design architecture, we disclose these by category and do not identify individual upstream providers on this page. An enterprise customer may request our detailed, NDA-gated Sub-Processor list.
Engaging Sub-Processors may involve transferring personal data to jurisdictions outside its country of origin. BitCore AI Ltd is established in the Dubai International Financial Centre (DIFC) and our primary application infrastructure is hosted in AWS region us-west-2 in the United States. Where we transfer personal data internationally, we do so under an appropriate legal transfer basis and implement appropriate safeguards — including standard contractual clauses, the UK International Data Transfer Addendum where applicable, or other legally recognised mechanisms — designed to provide an adequate level of protection.
Before engaging a Sub-Processor we undertake appropriate due diligence to assess its ability to meet applicable data-protection and security requirements, including its technical and organisational measures, security certifications, and data-handling practices. Each Sub-Processor is bound by a written agreement imposing data-protection, confidentiality, and security obligations consistent with our obligations to customers.
We may update our Sub-Processors from time to time to reflect changes in our operations, technology, or service delivery. For any material change — including the appointment of a new Sub-Processor that will have access to personal data — we will provide prior notice by updating this page or by other reasonable means. Where required by law or contract, we will give customers an opportunity to object on reasonable data-protection grounds, and we will work in good faith to address such concerns, including by implementing additional safeguards or, where commercially reasonable, offering alternatives.
For questions or requests relating to this Sub-Processor Disclosure, including requests for additional detail about specific Sub-Processors, contact us at support@gpu.ai.