Sub-processors
Last updated: 12 July 2026
1. Introduction
Markt AI Ltd (company number 16133663), registered in England & Wales with its registered office at 128 City Road, London EC1V 2NX (trading as Hook), uses a number of third-party providers ("sub-processors") to help us deliver, host, secure, and support the Hook service. This page explains, by category, the types of providers we use, what each category does, and where that processing generally takes place.
We do not publish the names of individual providers on this page. This is a deliberate policy choice to protect our operational and commercial position; it does not change our legal obligations to you, and it does not affect your rights under UK GDPR, EU GDPR, or our Data Processing Agreement (DPA).
A full list of named sub-processors is available to business customers under a non-disclosure agreement (NDA), on request to contact@askhook.com. Where we have signed a DPA with a customer, we will also notify that customer of material changes to sub-processors in accordance with the terms of that DPA.
2. How to read this list
Each category below states its purpose and the general region(s) in which that processing takes place. Where a provider processes personal data outside the UK or EU (in practice, this mainly means the United States), that transfer is safeguarded by the UK International Data Transfer Agreement (IDTA) and/or the EU Standard Contractual Clauses (SCCs), as applicable.
We review and, where necessary, update this list on an ongoing basis as our provider relationships change. This page reflects our current sub-processor categories.
3. Sub-processor categories
| Category | Purpose / function |
|---|---|
| Cloud hosting & infrastructure | Hosting the Hook application, databases, and file storage; running our backend infrastructure. UK/EU preferred where available; some processing in the United States under UK IDTA/EU SCCs. |
| Payment processing | Processing subscription payments, invoicing, and billing on our behalf. Global payment infrastructure; safeguarded transfers under UK IDTA/EU SCCs where processing occurs outside the UK/EU. |
| Product analytics & diagnostics | Understanding product usage, diagnosing errors, and improving the reliability and performance of the service. EU hosting used where available; some processing in the United States under UK IDTA/EU SCCs. |
| Customer support & communications | Operating our in-product support messenger, email communications, and customer service tools. UK/EU preferred where available; some processing in the United States under UK IDTA/EU SCCs. |
| Data-collection providers | Collecting publicly available social media content (for example posts and video metadata) on our behalf from third-party platforms, which we then analyse. Processing may occur in the UK, EU, or United States, safeguarded under UK IDTA/EU SCCs where applicable. |
| AI / machine-learning providers | Performing AI-driven analysis of collected content and powering the Hook assistant and scriptwriter features, under each provider's API terms. Primarily United States, safeguarded under UK IDTA/EU SCCs. These providers do not use customer content or scraped data to train their own general-purpose models where such an option is offered, and we select providers on that basis. |
| Search & indexing infrastructure | Powering the vector search and indexing that make analyses and workspace content retrievable within Hook. UK/EU preferred where available; some processing in the United States under UK IDTA/EU SCCs. |
4. Safeguards for international transfers
Where personal data is transferred outside the UK, we rely on one or more of the following safeguards, as appropriate to the provider and the data in question: the UK International Data Transfer Agreement (IDTA), the EU Standard Contractual Clauses (SCCs) read together with the UK Addendum, or an equivalent adequacy or safeguard mechanism recognised under UK GDPR.
We select providers that offer appropriate contractual and technical safeguards for the personal data they process on our behalf, and we engage all sub-processors under data-protection terms consistent with our obligations to you.
5. Requesting the named sub-processor list
Business customers who require the full named list of sub-processors — for example, to complete their own vendor risk assessment — may request it by emailing contact@askhook.com. We will provide the list under an NDA. A Data Processing Agreement is also available on request — see our Privacy Policy for more on how we handle personal data.
If you have concerns about a specific category of processing, or wish to object to the processing of your personal data, please see our Privacy Policy or contact contact@askhook.com.
6. Changes to this statement
We may update this statement from time to time as our sub-processor categories change. Business customers with a signed DPA will be notified of material changes in accordance with the terms of that DPA.
For any questions about this statement, contact our Data Protection Contact at contact@askhook.com.
7. Governing law
This page is governed by the laws of England and Wales, consistent with our Terms of Service.