Data Processing Subprocessors
Transparency about the third-party services we use to provide our AI education platform. We carefully vet all subprocessors to ensure they meet our high standards for security and privacy.
Know where your data is processed
We keep this list up to date and will notify you of material changes.
| Name | Purpose | Location | Website |
|---|---|---|---|
| Amazon Web Services (AWS) | Primary cloud hosting, data storage, and computing services for our AI platform | United States, Europe (Frankfurt) | aws.amazon.com |
| Google Cloud Platform | Machine learning model training, natural language processing, and AI inference services | United States, Europe | cloud.google.com |
| Stripe | Processing subscription payments and managing billing for institutional customers | United States, Europe | stripe.com |
| SendGrid | Transactional emails, notifications, and marketing communications | United States | sendgrid.com |
| Intercom | Customer support chat, help documentation, and user communication | United States, Europe (Dublin) | intercom.com |
| Mixpanel | Product analytics, user behavior tracking, and performance monitoring | United States | mixpanel.com |
| Sentry | Application error tracking, performance monitoring, and debugging | United States | sentry.io |
| Cloudflare | Content delivery network, DDoS protection, and web security services | Global network | cloudflare.com |
Our Data Protection Principles
We apply strict standards to all our subprocessors to ensure your data is protected and processed in compliance with privacy regulations.
Data Minimization
We only share the minimum data necessary for each subprocessor to provide their specific service.
Purpose Limitation
Subprocessors can only use data for the specific purposes outlined in our agreements with them.
Security Requirements
All subprocessors must meet our strict security standards and maintain appropriate certifications.
Contractual Obligations
Every subprocessor is bound by comprehensive data processing agreements that ensure GDPR compliance.
Regular Audits
We regularly review and audit our subprocessors to ensure ongoing compliance with privacy requirements.
Incident Response
All subprocessors must notify us immediately of any security incidents or data breaches.
Stay Informed About Changes
We're committed to transparency. We'll notify you of any changes to our subprocessors or data processing practices.
How We Notify You:
- Email notifications for significant changes
- Updates to this page with change dates
- In-app notifications for major updates
- 30-day advance notice for new subprocessors
Your Rights:
- Object to new subprocessors
- Request data processing details
- Access your data processing records
- Contact our Data Protection Officer