| Name | Purpose | Data accessed | Location | DPA link | Last updated |
|---|---|---|---|---|---|
| Clerk | User authentication | Email, name, password hash, session tokens | US | DPA | 2026-04-19 |
| Cloudflare | Bot protection (Turnstile) | IP address, user agent | Global | DPA | 2026-04-19 |
| GitHub | Source code hosting (internal only, not customer data) | Code | US | DPA | 2026-04-19 |
| Neon | Primary database | All application data | US (AWS us-east-2 primary) | DPA | 2026-04-19 |
| Resend | Transactional email | Recipient email addresses, message content | US | DPA | 2026-04-19 |
| Stripe | Payment processing | Merchant payout accounts, refund events | Global (US primary) | DPA | 2026-04-19 |
| Upstash | Rate limiting cache | Hashed IP addresses (ephemeral) | Global | DPA | 2026-04-19 |
| Vercel | Application hosting | HTTP logs, function invocations | Global (edge) | DPA | 2026-04-19 |
Subscribe to changes
We notify customers when sub-processors are added, removed, or materially changed. Subscribe to updates via our RSS feed.
For email notifications, contact privacy@axiru.com and we will add you to the change-notification list. The RSS feed is recommended for programmatic monitoring.
Questions?
If you have questions about our sub-processors or data processing practices, contact us at privacy@axiru.com.