Third-party services that process Reclaim Protocol data, their purpose, and where the data lives.
We use the following third-party services to operate Reclaim Protocol. Each subprocessor is contractually bound to the same data protection standards we uphold, and we maintain an up-to-date record of what data each one processes, where it is located, and their own compliance posture.
| Subprocessor | Purpose | Data Processed | Location | Compliance | Trust Page |
|---|---|---|---|---|---|
aws Amazon Web Services | Cloud infrastructure (compute, storage, databases) | Session metadataProof dataEncrypted logsTEE (Nitro Enclave) | IN — ap-south-1, EU — eu-north-1 | SOC 2ISO 27001GDPRHIPAA | Trust Page |
Google Cloud Platform | TEE confidential compute (TEE_T) | TEE attestation data | US — us-central1 | SOC 2ISO 27001GDPR | Trust Page |
Firebase (Google) | Admin authentication (Google OAuth) | Admin emailOAuth tokens | US | SOC 2ISO 27001GDPR | Trust Page |
A Anthropic | AI analysis for PII, security, and whitepaper checks | Source code snippetsSession log samples (PII audit only) | US | SOC 2 | Trust Page |
GitHub | Source code hosting and Dependabot supply-chain alerts | Source codeDependency vulnerability alerts | US | SOC 2ISO 27001GDPR | Trust Page |
Vercel | Hosting for the Trust Portal and developer portal | HTTP request logsBuild artifacts | US / Global edge | SOC 2ISO 27001GDPR | Trust Page |
# Slack | Internal alert notifications (admin only) | Alert summaries (no end-user data) | US | SOC 2ISO 27001GDPR | Trust Page |
Cloud infrastructure (compute, storage, databases)
Data Processed
TEE confidential compute (TEE_T)
Data Processed
Admin authentication (Google OAuth)
Data Processed
AI analysis for PII, security, and whitepaper checks
Data Processed
Source code hosting and Dependabot supply-chain alerts
Data Processed
Hosting for the Trust Portal and developer portal
Data Processed
Internal alert notifications (admin only)
Data Processed