Proyecta ("we," "us," or "our") engages the following third-party service providers ("subprocessors") to process personal data on our behalf in connection with providing the Services. This list supplements our Privacy Policy and Terms of Service.
1. Updates to This List
We may update this list from time to time as our infrastructure changes. The "Last updated" date below reflects the most recent change. Customers with active enterprise agreements will receive subprocessor change notices as specified in their Data Processing Addendum.
If you have concerns about a particular subprocessor, contact privacy@proyecta.dev and we will work with you in good faith to address them.
2. Hosting and Infrastructure
| Subprocessor | Purpose | Data Processed | Location |
|---|---|---|---|
| Google LLC (Google Cloud Platform) | Cloud hosting, storage, compute, managed databases (including Memorystore for Redis), Vertex AI image generation | All customer Content, account data, runtime environments | United States |
| Cloudflare, Inc. | Content delivery, DDoS protection, WAF, DNS | Request metadata, IP addresses, headers | Global edge network |
| Convex, Inc. | Backend-as-a-service for customer-built applications (auto-provisioned per prototype) | Customer application data created within Proyecta-built apps | United States |
3. AI and Machine Learning
| Subprocessor | Purpose | Data Processed | Location |
|---|---|---|---|
| Anthropic, PBC | Large language model inference (Claude) | Prompts, code, conversation context, file contents | United States |
| OpenAI OpCo, LLC (a subsidiary of OpenAI Group PBC) | Large language model inference | Prompts, code, conversation context | United States |
| Google LLC (Gemini API, Vertex AI) | Language model inference, image generation (Imagen) | Prompts, code, image-generation requests | United States |
| Deepgram, Inc. | Speech-to-text transcription | Voice audio submitted to voice features | United States |
| Eleven Labs Inc. | Text-to-speech synthesis | Text submitted for voice synthesis | United States |
| AlphaAI Technologies Inc. (d/b/a Tavily) | Website content extraction for business-context ingestion | URLs submitted by customers and the resulting scraped content | United States |
4. Communications and Customer Support
| Subprocessor | Purpose | Data Processed | Location |
|---|---|---|---|
| SendGrid, Inc. (a Twilio company) | Transactional email delivery (welcome, password reset, invitations, notifications) | Recipient name, email address, message content | United States |
| J2 Martech Corp. (d/b/a Kickbox) | Email address validation at signup | Email addresses submitted during account registration | United States |
| Intercom, Inc. | In-app messaging and customer support | Customer name, email address, support conversations, attachments, IP address | United States |
| Zendesk, Inc. | Customer support ticketing | Customer name, email address, support conversations, attachments | United States |
5. Analytics, Monitoring and Fraud Prevention
| Subprocessor | Purpose | Data Processed | Location |
|---|---|---|---|
| Twilio Inc. (Segment) | Customer data platform — routing of analytics events | Event payloads, user identifiers, IP addresses | United States |
| PostHog, Inc. | Product analytics and session replay | User identifiers, behavioral events, session recordings, IP addresses | United States |
| Functional Software, Inc. (Sentry) | Application error monitoring and performance tracing | Stack traces, user identifiers, IP addresses, request payloads when an error occurs | United States |
| IPinfo Inc. | IP geolocation enrichment | IP addresses | United States |
| Castle Intelligence, Inc. | Device fingerprinting and fraud-risk scoring on sensitive actions (signup, login, message, install, checkout) | Device fingerprints, IP addresses, user agent, behavioral signals, user identifiers when authenticated | United States |
6. Payments and Billing
| Subprocessor | Purpose | Data Processed | Location |
|---|---|---|---|
| Paddle.com Market Limited | Merchant of record — payment processing, billing, tax collection and remittance, chargebacks | Customer name, billing address, email, payment instrument metadata (Paddle does not share full card numbers with us), country, tax identifiers | United Kingdom |
7. Integrations You Authorize
When you connect a third-party service to your account (such as GitHub, Slack, Notion, Linear, or Figma), we receive the data scopes you authorize. These services act as independent controllers of the data within their own systems and are governed by their own terms and privacy policies — they are not subprocessors of Proyecta. We integrate with:
- GitHub, Inc. (source repositories, pull requests, CI metadata)
- Slack Technologies, LLC (bot integration where you install our app)
- Notion Labs, Inc.
- Linear Orbit, Inc.
- Figma, Inc.
- Atlassian Pty Ltd (where applicable)
You may revoke access to any of these integrations at any time through the respective service's settings.
8. Contact
Questions about this list or our use of subprocessors:
- Privacy: privacy@proyecta.dev
- Legal: legal@proyecta.dev