Sub-processors
Last updated: June 2, 2026
We rely on a small set of third-party services to run website-automation. Each is contractually bound to handle your data only on our instructions and to keep it secure (a Data Processing Agreement, where applicable under GDPR Article 28). This page lists every sub-processor and what we share with each.
If you need a copy of a DPA, or you want to object to a sub-processor on specific grounds, email tahakutays@gmail.com. We commit to a response within 30 days.
Current sub-processors
| Service | Purpose | Data shared | Region |
|---|---|---|---|
| Supabase | Database, authentication, file storage | Email, profile metadata, generated site content, product/order rows, hashed IP | EU (Frankfurt) |
| Vercel | Application hosting + custom domain CDN | Request logs, IP, user-agent, deployed code | Global (edge), primary US |
| Anthropic | AI site generation (Claude) | Your generation prompt and the structured SiteSpec response | US |
| Stripe | Subscription billing + Stripe Connect for sellers | Email, billing address, card details (collected by Stripe directly), subscription metadata | Global, primary US/Ireland |
| Resend | Transactional email (magic-link sign-in, receipts) | Recipient email, message content | US |
| Unsplash | Photo search for generated sites | Search query (derived from the AI prompt); no user identifiers sent | Canada / US |
| Pollinations | AI image generation fallback when Unsplash has no result | Image prompt (no user identifiers) | Global |
International transfers
Some of the providers above process data outside the EU/EEA. Where that's the case we rely on the European Commission's Standard Contractual Clauses (SCCs) built into each provider's DPA, plus supplementary safeguards (encryption in transit and at rest, access controls).
Changes
If we add, replace, or remove a sub-processor we update this page and email account holders at least 14 days in advance. You can object to a new sub-processor by contacting us; if we can't resolve the objection you may cancel your subscription and we will refund any unused prepaid period.