Legal
Sub-processors
Last updated: 2026-05-10. Review this list at least quarterly. Material additions are announced via product changelog + email at least 30 days before activation.
| Sub-processor | Purpose | Data categories | Region (primary) |
|---|---|---|---|
| DigitalOcean | Compute hosting (single-region droplet), DNS | All Customer Personal Data + crawled content at rest on the host volume | NYC (US-East) |
| DigitalOcean Spaces (S3-compatible) | Object storage for generated PDF reports and report exports | Generated reports + share-link assets | NYC |
| Stripe | Payments + invoicing (only used when STRIPE_PROVIDER=stripe) | Billing contact, payment method, invoices, customer ID | US (with EU dual residency where applicable) |
| OpenAI | LLM (analysis enrichment, when LLM_PROVIDER=openai) | Crawled page content + analysis prompts | US |
| Anthropic | LLM (analysis enrichment, when LLM_PROVIDER=anthropic) | Crawled page content + analysis prompts | US |
| Sentry | Error tracking (only when SENTRY_DSN is configured and you opt in via the cookie banner) | Error stack traces, request metadata (emails masked, tokens redacted) | US (EU available) |
| GitHub | Source code hosting + CI/CD (no Customer data) | No Customer Personal Data | US |
How we evaluate a sub-processor before adding
- Security review — SOC 2 Type II or equivalent, TLS posture, data residency.
- Legal review — DPA in place with SCCs/IDTA where applicable.
- Business continuity — at least one viable replacement identified.
- Customer notice — minimum 30 days announcement before processing activation.
Email [email protected] to subscribe to sub-processor change notifications via a dedicated list.