Plain-English summary
- A sub-processor is a third-party company we use to deliver SEO Genius (hosting, databases, email, error tracking, AI calls, SEO data).
- Each sub-processor only receives the data it needs for its specific job.
- We use a Data Processing Agreement (DPA) with each sub-processor that handles personal information. Execution status per vendor is listed in the table below and is being completed before public publish.
- When we add or change a sub-processor, we update this page and email active accounts at least 30 days before material changes take effect.
- You can subscribe to change alerts at the bottom of this page.
1. What is a sub-processor?
A sub-processor is a third party we use to deliver the Service. Each sub-processor only receives the data needed for its function. We use Data Processing Agreements with sub-processors that handle personal information.
We treat sub-processor selection as a privacy decision, not just a procurement decision. Before adding a new vendor that will touch user data, we review:
- What data they will receive
- Where they store it (data residency)
- Whether they have a signed DPA available
- Their security certifications (SOC 2, ISO 27001) where applicable
- Their own sub-processor chain (sub-sub-processors)
2. Current sub-processor list
The table below lists every third party that processes user data on our behalf as of the "Last updated" date above.
Reading the table:
- Vendor: the company name and link to their privacy resources.
- Purpose: what role they play in delivering the Service.
- Data shared: what categories of user data flow to them.
- Data residency: where the data is stored (primary region).
- DPA status: whether we have an executed Data Processing Agreement on file. Any row marked "execution pending" is being completed before public publish; we do not claim execution until it is true.
2.1 Core infrastructure sub-processors
| Vendor | Purpose | Data shared | Data residency | DPA status |
|---|---|---|---|---|
| Supabase (privacy, DPA) | Primary database, authentication, file storage | All tenant data: account profile, connected sites, crawl artifacts, issues, actions, outcomes, memory records, embeddings | United States ([verify region selection, likely us-east-1]) | DPA available; execution pending verification |
| Vercel (privacy, DPA) | Web application hosting and edge runtime | HTTP request data, IP addresses at request time, function execution logs | United States ([verify region]) | DPA available; execution pending verification |
| Cloudflare (conditional, privacy, DPA) | DNS, CDN, WAF, IP geolocation for signup gate | IP addresses, request metadata, country code header | United States and global edge network | Added when activated; DPA available |
2.2 Billing and authentication
| Vendor | Purpose | Data shared | Data residency | DPA status |
|---|---|---|---|---|
| Stripe (privacy, DPA) | Subscription billing, payment processing, invoice management | Name, email, billing address, payment method tokens (we never see card numbers), Stripe customer ID, plan tier, invoice history | United States | DPA auto-incorporated into Stripe Services Agreement |
2.3 Communications
| Vendor | Purpose | Data shared | Data residency | DPA status |
|---|---|---|---|---|
| Resend (privacy, DPA, sub-processors) | Transactional email delivery (OTP, password reset, billing receipts, security alerts) | Recipient email address, recipient name (if provided), email subject, email body, delivery events (sent, delivered, bounced, opened, clicked) | United States | DPA available; execution pending verification |
| Dittofeed (self-hosted; project site) | Marketing email orchestration (drip campaigns, broadcasts) | Recipient email address, subscription state, behavior events, message templates | Self-hosted on our own Supabase / Vercel infrastructure | Self-hosted, no third-party data sharing beyond the underlying infrastructure already listed |
2.4 Observability
| Vendor | Purpose | Data shared | Data residency | DPA status |
|---|---|---|---|---|
| Sentry (privacy, DPA) | Application error tracking, performance monitoring, alerting | User ID, error context, stack traces, route names, breadcrumb events, browser metadata, IP address ([verify PII scrubbing config]) | United States | DPA available; execution pending verification |
2.5 AI and language models
| Vendor | Purpose | Data shared | Data residency | DPA status |
|---|---|---|---|---|
| Anthropic (privacy, DPA via Privacy Center) | Large language model calls (Claude) for niche detection, issue analysis, recommendation generation | Per-call prompts including crawl text excerpts, page URLs, prompt template, response | United States | DPA auto-incorporated into Commercial Terms. Anthropic does not train on Commercial API prompts by default. [Zero Data Retention not asserted unless and until a ZDR agreement is signed.] |
| OpenRouter (privacy, terms, Trust Portal) | Routing layer for embedding model calls | Per-call text payloads sent for embedding (page text, keyword strings, issue descriptions) | United States ([verify provider routing]) | DPA available via Trust Portal; execution pending verification |
2.6 SEO data providers
| Vendor | Purpose | Data shared | Data residency | DPA status |
|---|---|---|---|---|
| DataForSEO (privacy, terms with DPA incorporated) | SERP results, keyword data, ranking data, backlink data | Domain names, keyword queries, location and language parameters | United States and EU per query routing | DPA incorporated into Terms of Service |
| Screaming Frog SEO Spider (self-hosted runner; vendor site) | Site crawling (HTML, headers, meta, internal links) | Website HTML and metadata for sites the user has connected | Self-hosted on our own infrastructure | Self-hosted, no third-party data sharing. License agreement covers the software itself. |
| BrightLocal (conditional, privacy) | Citation tracking, local SEO data, Google Business Profile audits | Business name, address, phone, website URL, category data | United States and United Kingdom | Added when activated; DPA availability pending verification |
2.7 User-connected Google APIs
| Vendor | Purpose | Data shared | Data residency | DPA status |
|---|---|---|---|---|
| Google APIs (Search Console, Analytics 4, Business Profile) (privacy, Google API Services User Data Policy) | User-connected analytics. The User authorizes us via OAuth to read data from their Google accounts. | OAuth refresh tokens (encrypted at rest), returned data from each API: GSC queries / pages / clicks / impressions / positions; GA4 sessions / users / events / conversions; GBP listing details, posts, reviews, photos | United States and global Google infrastructure | OAuth consent + Google API Services User Data Policy govern the relationship. We use Google data only for the user-facing features the User authorized. |
3. Sub-processor changes
3.1 Notification commitment
When we add or change a sub-processor, we will update this page within 7 days of the change taking effect. For material changes, we will email active accounts at least 30 days before the change takes effect.
A material change is any of the following:
- A new vendor that receives a new category of personal information not previously disclosed.
- A change in data residency that moves user data to a new country or region.
- A vendor replacement that materially changes the privacy posture (for example, swapping a SOC 2-attested vendor for one that is not).
Non-material changes (for example, a current vendor changes one of its own sub-processors, but our data flow does not change) will be updated on this page without a separate email.
3.2 Right to object
If you object to a new sub-processor for a material reason, contact us at the address in section 5 before the change takes effect. We will work with you in good faith. If we cannot resolve your objection, your remedy is to cancel your subscription before the change takes effect; we will pro-rate any unused portion of an annual plan per our refund policy.
3.3 Sub-processor selection criteria
We evaluate every prospective sub-processor against the following criteria before adding them:
- DPA availability: the vendor must offer a Data Processing Agreement.
- Security posture: SOC 2 Type 2, ISO 27001, or equivalent independent attestation preferred.
- Data residency: primary storage in the United States preferred during beta.
- Sub-processor chain: the vendor must publish its own sub-processor list.
- Incident history: material unresolved breach history is disqualifying.
4. Subscribe to sub-processor changes
To receive an email when we update this page, contact privacy-updates@rizedigital.io or use the form at [signup form URL, to be added at first publication].
You can unsubscribe from sub-processor change alerts at any time. Unsubscribing does not affect transactional emails (billing, security, account) you receive as a User.
5. Contact
Privacy questions, sub-processor objections, and DPA requests:
Email: privacy@rizedigital.io
Mail: Rize Digital, [LEGAL MAILING ADDRESS: pending]
We respond to all privacy and sub-processor inquiries within 5 business days.
Open verifications (before public publish)
- [date of first publication], fill on go-live
- Supabase region selection (likely us-east-1)
- Vercel primary region
- Supabase, Vercel, Resend, Sentry, OpenRouter DPA execution status (sign + confirm)
- OpenRouter embedding provider routing region
- BrightLocal DPA availability (request via support if not published)
- Sentry PII-scrubbing config confirmation
- privacy-updates@rizedigital.io mailbox provisioned and monitored
- Sub-processor-change signup form URL
- Legal mailing address
END OF v1 INTERIM. Adopted for beta per N18. Counsel ratification deferred to post-scale.