Subprocessors
Last updated: April 14, 2026
This list reflects the architecture of the DocTranslate monorepo. Your production deployment may omit optional providers (Meta, specific OAuth vendors). Keep this page in sync when you add vendors or change regions.
| Subprocessor | Purpose | Typical data | Region notes | DPA / terms |
|---|---|---|---|---|
| Cloudflare | Workers API, D1 database, R2 object storage, Queues, observability logs; optional Web Analytics, Zaraz, Turnstile, and Images when you enable them | Account PDFs, job metadata, sessions, audit rows, queue payloads; optional analytics beacons or challenge telemetry when configured | Per your Cloudflare account and bucket configuration | www.cloudflare.com/cloudflare-customer-dpa/ |
| Stripe | Payments and credit checkout | Billing contact, customer id, checkout metadata (no full PAN stored by us) | Per Stripe entity and settings | stripe.com/legal/dpa |
| Pusher (Channels) | Private realtime document status to the signed-in browser | User id, document ids, status payloads | Per Pusher cluster (for example eu) | pusher.com/legal/dpa |
| Translation HTTP service | Downloads originals via presigned URLs, uploads translations, calls completion webhook | PDF bytes during processing; document ids; short-lived presigned URLs in requests | Where you deploy (for example Cloud Run or Modal region) | Your agreement with the host and any upstream model provider |
| Upstream model providers | Machine translation inside the translation service (when configured) | Content extracted from PDFs per provider API policy | Per provider and enterprise settings | Provider data processing terms (OpenAI, Anthropic, etc.) |
| Meta (optional) | Browser Meta Pixel and Conversions API purchase attribution when environment variables are set and marketing consent is granted | Hashed email, hashed stable user id, purchase value metadata; client events when Pixel loads | Meta infrastructure | www.facebook.com/legal/terms/dataprocessing |
| Microsoft (optional) | Microsoft Clarity session analytics and/or Microsoft Advertising Universal Event Tracking when you enable them and consent matches | Device and usage signals per Microsoft policies; ad identifiers when UET is enabled | Microsoft global infrastructure | www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA |
| LinkedIn (optional) | LinkedIn Insight Tag for B2B ads measurement when enabled and marketing consent is granted | IP-derived signals and page metadata per LinkedIn tag documentation | LinkedIn (Microsoft) infrastructure | legal.linkedin.com/dpa |
| Adobe (optional) | Adobe Experience Platform Web SDK (alloy) for analytics or personalization when you enable it and marketing consent is granted | Identifiers and on-page events per your Adobe datastream configuration | Per Adobe Experience Edge routing | www.adobe.com/privacy/eu-dpa.html |
| Social ad platforms (optional) | TikTok, Pinterest, Snap, or X (Twitter) pixels when enabled via environment variables and marketing consent | Ad and conversion identifiers per each vendor’s pixel documentation | Vendor-defined | Each vendor’s business terms (enable only the vendors you contract with) |
| OAuth identity providers | Social sign-in when you enable a provider in the API environment | Profile identifiers per provider; tokens stored by Melody Auth | Provider-defined | Each provider’s terms (Google, Microsoft, GitHub, …) |
Privacy policy · Cookie notice · Data handling FAQ · Security