Skip to main content

FrootAI — AmpliFAI your AI Ecosystem Get Started

Back to Trust Center

Sub-processors

These are the third parties that process personal data on FrootAI's behalf to deliver the service. We give customers at least 30 days' notice before adding a new sub-processor, per our DPA §6.

Last updated: 2026-06-21

Cloudflare

EU residency

Hosting, CDN, edge compute, D1/R2/KV storage, Zero Trust admin access.

Data:
Request metadata, IP addresses, stored application data (D1/R2/KV).
Region:
Global (EU jurisdiction available)
Vendor DPA

Clerk

EU residency

User authentication, sessions, and organization management.

Data:
Email, name, IdP subject id, org membership, session metadata.
Region:
US / EU
Vendor DPA

Plausible Analytics

EU residency

Cookieless, privacy-first web analytics.

Data:
Aggregate page views, referrers, low-cardinality event tags (no PII).
Region:
EU (Germany / Netherlands)
Vendor DPA

Postmark

Transactional email delivery (sign-up, billing, security notices).

Data:
Recipient email address, message content.
Region:
US
Vendor DPA

Stripe

Payments, subscriptions, and invoice billing.

Data:
Billing contact email + name, payment metadata (card data tokenized by Stripe).
Region:
EU / US
Vendor DPA

WorkOS

EU residency

Enterprise SAML SSO + SCIM directory-sync federation broker.

Data:
Email, name, IdP subject id, directory group membership.
Region:
US / EU
Vendor DPA

FrootAI itself is the data processor for B2B customers (who are controllers). Enterprise customers may elect EU-only data residency, in which case only the EU-residency-capable sub-processors above are used. See the DPA and data protection pages.