Every third party that processes any customer data on our behalf. Updated whenever we add or remove one — we email customers 30 days in advance of any change.

| Provider | Purpose | Data category | Region |
|---|---|---|---|
| Supabase (US, Inc.) | Application database (Postgres) and authentication for the portal. | Account data, tenant configuration, incident metadata. | UAE / EU / AU regional shards |
| DigitalOcean LLC | Hosting for the collector API and event ingestion pipeline. | Security telemetry in transit and at rest. | SGP1 (UAE/APAC), FRA1 (EU), SYD1 (AU) |
| Vercel Inc. | Hosting for the customer portal frontend and marketing site. | No personal data — static assets only. | Global edge |
| Cloudflare Inc. | DNS, CDN, DDoS mitigation, WAF for all public endpoints. | Request metadata (IP, user-agent, URL). | Global edge |
| ClickHouse Inc. | Event analytics database for high-volume security telemetry. | Security events (normalised). | Same region as customer |

| Provider | Purpose | Data category | Region |
|---|---|---|---|
| Anthropic PBC | Frontier LLM powers AI Guardian — analyst-grade incident triage. | Incident metadata (process name, hash, user, MITRE technique). No file content. | US (with no-train commitment) |
| Abuse.ch (MalwareBazaar) | Hash-based threat intelligence feed for the detection cascade. | SHA256 hashes only (no PII). | CH |
| AT&T AlienVault OTX | IP / domain / URL threat-intel feed. | Network IoCs (no PII). | US |

| Provider | Purpose | Data category | Region |
|---|---|---|---|
| Resend, Inc. | Transactional email — incident alerts, billing, password reset. | Email address, display name, alert content. | US |
| Twilio Inc. | SMS and voice escalation for critical incidents. | Phone number, message content. | US (with regional routing) |
| Slack Technologies | Slack-native incident notifications (opt-in per tenant). | Channel mappings, incident summaries. | US |

| Provider | Purpose | Data category | Region |
|---|---|---|---|
| Stripe Payments Europe Ltd. | Card processing, subscription billing, invoicing. | Billing contact, tax info, payment tokens (no PAN). | IE (EU) for EU, US otherwise |
| WorkOS Inc. | SSO and SCIM provisioning for Enterprise customers. | Email, name, SSO assertions. | US |

| Provider | Purpose | Data category | Region |
|---|---|---|---|
| Plausible Insights OÜ | Privacy-respecting marketing-site analytics. No cross-site tracking, no fingerprinting. | Aggregated page views, referrer, country. | EE (EU) |

| Provider | Purpose | Data category | Region |
|---|---|---|---|
| GitHub, Inc. | Source-code hosting and CI/CD pipelines. | No customer data. Code only. | US |
| Linear Orbit, Inc. | Engineering ticket tracking. | Internal — customer data not stored here. | US |
| Sentry (Functional Software, Inc.) | Error tracking for the portal and collector. | Stack traces (scrubbed of PII). | US |

Region = where data is stored. Customer data residency follows the tenant's selected region (UAE / EU / AU). Some providers run globally; customer data is pinned to the selected region by configuration.

We notify customers in writing at least 30 days before adding a subprocessor that processes customer data. Subscribe to the notification list by emailing [email protected]. Removals are notified after the fact.

Questions about a specific subprocessor or a regional deployment? Email [email protected].