Third parties

Technical subprocessors

This is the intended private-beta provider boundary. The customer-specific signed DPA must name the actual configured providers, regions, runner host, and transfer safeguards before a portal is connected.

Last updated 18 July 2026 · private beta

Provider inventory

ProviderPurposeLocation / transfer
SupabaseDatabase and authenticationFrankfurt, EU
VercelApplication and API computeFrankfurt, EU; verify deployment
InngestBackground orchestrationEU environment
ScalewayIndependent encrypted dumpsParis, EU
SentryScrubbed error monitoringEU region
PostHogPlaceholder-only aggregate pageviewsEU Cloud
PlausibleCookie-free aggregate pageviewsEU Cloud
ResendOperational emailIreland dispatch; metadata may be stored in the US
GitHubSource, Actions control plane, and environment-secret deliveryGlobal control plane / potential US transfer; customer dumps use separate ephemeral EU compute

Payload limits

CRM property values are not intentionally sent to notification email, analytics, or GitHub-hosted compute. Sentry and analytics are scrubbed and limited as described in the signed security schedule. GitHub and the dedicated backup runner still form a credential/live-database trust boundary; workflow and environment changes require controlled review.

Changes

Private-beta subprocessor changes are communicated under the signed DPA. Questions or objections can be sent to hello@restor.eu.