SLA with service credits
Read the SLA
An SLA with numbers and service credits, a downloadable DPA, the subprocessor list, data location and live service status. Everything procurement, your advisors or your DPO need to review — no forms, no NDA.
The six documents and resources a B2B due diligence usually takes weeks to extract from a vendor. Here they are, published.
Read the SLA
View the DPA
See the list
See details
Open the status page
Read the page
No transport-document vendor in Spain publishes its SLA. This is ours, with definitions and compensation. No hidden fine print: the fine print is right here, published.
In force from launch
| Service | Monthly objective | What it measures |
|---|---|---|
| Public inspection download (URL/QR) | 99.9% | Monthly availability of the service answering each document’s public URL. |
| Public API and web panel | 99.5% | Monthly availability of the v1 API and the self-service web application. |
Monthly availability is the percentage of minutes in the calendar month during which the service responds correctly, measured by independent external monitoring from several geographic locations. Results are published on thestatus page, incident by incident.
The following does not count as downtime: scheduled maintenance announced at least 48 hours in advance on the status page (always outside Spanish business hours and never affecting the inspection download), failures of the customer's network or systems, use contrary to theterms of service, and force majeure.
If we close a month below the objective, we compensate with a service credit on that month's spend (plan fee or, for prepaid bundles, its equivalent in document credits):
Claim by email within 30 days of month end, stating the affected dates; we verify against our monitoring and apply the credit to your next invoice or credit balance. The service credit is the exclusive remedy for SLA breaches.
The providers that process data on our behalf. This list is the same one annexed to the DPA: there are no two versions.
| Subprocessor | Service | Data processed | Location | Safeguards |
|---|---|---|---|---|
| Cloudflare, Inc. | Delivery network (edge/CDN), public inspection download service and PDF storage (R2) | Transport document PDFs and technical access logs | Global network; data storage configured in the EU | DPA with Standard Contractual Clauses (SCCs) and EU-U.S. Data Privacy Framework certification |
| Supabase, Inc. (sobre AWS) | Database and panel user authentication | Account data, master data (customers, vehicles, drivers) and document data | EU region (AWS data centre in the European Union) | DPA with SCCs; data remains in the selected EU region |
| Stripe, Inc. | Payment processing and billing | Billing and payment data (card data is handled by Stripe only) | EU / USA | DPA with SCCs and EU-U.S. Data Privacy Framework certification |
| Resend, Inc. | Transactional email delivery (driver links, alerts, notifications) | Recipient email addresses and notification content | USA / EU | DPA with SCCs |
Any addition or replacement is published here and emailed to account administratorsat least 30 days in advance. The contractual detail (safeguards, right to object) is in theDPA.
Where your data lives, without ambiguity.
Who to write to and what you can hold us to.
89daysuntil 5 October 2026
Start with 10 free documents and keep this page for your compliance file.