zillo
Use casesInspirationComparePricing
Sign inStart selling
zillo
zillo

Stop missing revenue. Be selling in 5 minutes. Built in Sydney, launching across Australia and Aotearoa New Zealand.

Start selling →·Sign in

Sell

  • Products
  • Gift cards
  • Vouchers
  • Tickets
  • Experiences
  • Memberships
  • Bookings

Resources

  • Use cases
  • Inspiration
  • Compare
  • Glossary
  • AI shopping
  • Developers
  • Brand assets

Company

  • About
  • How it works
  • Pricing
  • Pro
  • Help

Legal

  • Terms of service
  • Privacy policy
  • Acceptable use
  • Cookies
  • Security
  • Sub-processors
  • Data processing

© 2026 Pocket Labs Pty Ltd (ABN 93 695 191 621). Sydney, NSW, Australia.

Available now in Australia and Aotearoa New Zealand. Payments held by Stripe.

Last updated 8 June 2026

Sub-processors

Zillo uses a small number of carefully selected third-party services to deliver the platform. This page lists every sub-processor that may process personal data on behalf of merchants, what they do, where they're located, and how to find their data-protection documentation.

This page is incorporated by reference into our Data Processing Addendumas Annex III. We review the list when we add or remove a vendor; if you'd like at least 30 days advance notice of changes — typically required by enterprise data-protection agreements — email privacy@zillo.appand we'll add you to the change-notice list.

Sub-processorCategoryPurposeRegionDocumentationLast reviewed
StripePaymentsCard processing, payouts to merchants, KYC, dispute handling, Connect onboarding, Terminal (POS).USA / Australia / EEADPAMay 2026
Amazon Web Services (AWS)Cloud infrastructureApplication hosting, edge delivery (CloudFront), transactional email (Amazon SES), DNS (Route 53), object storage (S3).Australia (ap-southeast-2)GDPR CenterJune 2026
SupabaseDatabase & authPostgres database, authentication, file storage. Runs on AWS infrastructure.Australia (ap-southeast-2, on AWS)DPAJune 2026
AnthropicAI servicesPowers the AI Builder, product inference, and support assistant. Prompts are not used to train models per our DPA.USADPAJune 2026
UnsplashStock imageryStock placeholder images suggested by the AI Builder during onboarding. No personal data shared.Canada / USAPrivacy policyJune 2026

International transfers

Zillo's production infrastructure runs in Australia (ap-southeast-2). Several sub-processors above operate in the USA or EEA. Where personal data is transferred internationally we rely on Standard Contractual Clauses (SCCs) and the adequacy decisions applicable to the relevant transfer corridors.

Customer support

Our support team is based in Australia. When you contact support, the conversation content is held in our own database (no third-party ticketing system) and processed by the staff member handling your case.

How we add or change sub-processors

Before onboarding a new sub-processor we review their certifications (SOC 2, ISO 27001, PCI DSS where relevant), their published security posture, and where they operate. A signed Data Processing Agreement is in place with every sub-processor on this list.

Questions

Email privacy@zillo.app for DPA copies, SCC addendums, or to be added to the change-notice list.