Transparency
Last updated: May 2026
Cisora uses the following third-party sub-processors to deliver our services. Each sub-processor is bound by data protection obligations no less protective than those in our Data Processing Addendum. We review and update this list as our infrastructure changes.
| Sub-processor | Purpose | Location | Data shared |
|---|---|---|---|
| Amazon Web Services (AWS) | Infrastructure, RDS, ECS, Secrets Manager | ap-south-1 (Mumbai), us-east-1 | Event data, agent telemetry |
| Resend | Transactional email | United States | User email addresses |
| Stripe | Billing and payments | United States | Name, email, payment info |
| Anthropic | AI model inference (via Cisora gateway) | United States | Prompts when gateway is used |
| OpenAI | AI model inference (via Cisora gateway) | United States | Prompts when gateway is used |
| Vercel | CDN, edge functions | Global | Request metadata |
| Cloudflare | DNS, DDoS protection | Global | IP addresses |
| HuggingFace | ML inference for injection detection | United States | Prompt text samples |
Purpose: Infrastructure, RDS, ECS, Secrets Manager
Location: ap-south-1 (Mumbai), us-east-1
Data shared: Event data, agent telemetry
Purpose: Transactional email
Location: United States
Data shared: User email addresses
Purpose: Billing and payments
Location: United States
Data shared: Name, email, payment info
Purpose: AI model inference (via Cisora gateway)
Location: United States
Data shared: Prompts when gateway is used
Purpose: AI model inference (via Cisora gateway)
Location: United States
Data shared: Prompts when gateway is used
Purpose: CDN, edge functions
Location: Global
Data shared: Request metadata
Purpose: DNS, DDoS protection
Location: Global
Data shared: IP addresses
Purpose: ML inference for injection detection
Location: United States
Data shared: Prompt text samples
Need a signed Data Processing Addendum that covers these sub-processors?
Review DPA →