Trust Center

Sub-processors

Last reviewed: 2026-05-25

A sub-processor is a third party that may process customer data in the course of providing Compliance Care. This page lists every such party, the region in which they operate for our account, the role they play, the class of data they may see, and the status of the contract that governs their use of that data.

Customers are notified of material additions or changes to this list by email at the tenant-admin address, no fewer than 30 days before the change takes effect (except where a change is required by law or to address a security risk, in which case notice is given as soon as practicable).

Current sub-processors

Sub-processorRegionRoleData classStatus
Anthropic (Claude API)United StatesAI inference for document triage, evidence mapping, and policy drafting.Document text and the specific clause being processed. Identifiers removed where not needed.DPA executed before any production AI feature is enabled. See AI handling.
SupabaseSydney (ap-southeast-2)Primary database (Postgres), authentication, file storage, Row-Level Security.All customer data.Production DPA on file.
Fly.ioSydney (syd)Compute for the authenticated Next.js app and supporting services.All customer data in transit and in working memory during request handling.Production DPA on file.
AWS — TextractSydney (ap-southeast-2)OCR on high-volume structured forms (when routed through that ingest path).Document content of the forms the customer routes through this path.AWS DPA on file.
AWS — S3 (with Object Lock)Sydney (ap-southeast-2)Nightly append-only mirror of the audit-event log. 7-year retention.Audit-event records. No raw participant content.AWS DPA on file.
StripeAustraliaSubscription billing, GST invoicing, AI-credit metering.Tenant billing contact, card last-4, GST invoice data. No participant data.Production DPA on file.
TwilioAustraliaSMS notifications.Recipient phone number; message text carries no participant PII.Production DPA on file.
Resend or Postmark (final selection pending)Australia preferredTransactional email.Recipient email; message text carries no participant PII.Provider selection and DPA execution scheduled before first transactional send. This row is updated when the choice is made.
DocuSign AU or AdobeSign AU (final selection pending)AustraliaE-signature on engagement letters and policies. Available from Month 8 of the operating plan (target 2027-01).Document text routed through the signature workflow.Provider selection and DPA execution scheduled before first signature request. AU residency confirmed before activation. This row is updated when the choice is made.
Sentry (or equivalent error monitoring)Sydney (ap-southeast-2) where available; otherwise scrubbed at the SDK layerApplication error and performance monitoring.Stack traces and request metadata only. PII fields are scrubbed at the SDK layer; no participant content is sent.DPA on file with whichever provider is selected.

Self-hosted on Fly Sydney (not a sub-processor)

These services run inside our Fly Sydney footprint and are listed here for completeness, even though they are not third-party processors:

How we choose a sub-processor

Every prospective sub-processor is assessed against, at minimum: the region of processing (AU preferred; exceptions named in this document); the published data-handling policy; whether they will sign a DPA acceptable to us; their security posture (ISO 27001 or SOC 2 reports requested); and breach-notification SLA.

A sub-processor is not enabled in production until the DPA is executed and the row above is updated.

Removed sub-processors

DateSub-processorReason
(none yet)

Change log

DateChange
2026-05-25Initial publication.

← Back to the Trust Center