Subprocessors
Effective 2026-06-14
A “subprocessor” is any third party we engage to process customer data on our behalf. We list every one of them below, along with what they do, where they sit, and what categories of customer data they handle. This page is the canonical reference cited by our Privacy Policy and any signed Data Processing Agreement (DPA).
Notification of changes
We notify customers on Team and Enterprise plans at least 30 days before adding a new subprocessor that processes their data. Notifications go to the billing contact on file. Free, Pro, Pro+, and API Pro customers can subscribe to material changes by emailing [email protected]with “subprocessor updates” in the subject line.
Current subprocessors
| Subprocessor | Purpose | Data categories | Location |
|---|---|---|---|
| Supabase | Database, authentication, file storage | Account, profile, holdings, alert subscriptions, ledger rows | United States |
| Vercel | Hosting, edge network, build CI, performance analytics | Request logs, IP (transient), Core Web Vitals | United States |
| Stripe | Payment processing, subscription billing | Billing email, payment method tokens — card data never touches us | United States |
| Resend | Transactional email + magic-link delivery | Email address, message content for alerts and auth flows | United States |
| Anthropic | AI analyst — Claude API for /chat tool calls | User-typed messages + dataset rows fetched during the conversation. Anthropic does not train on this data per their commercial terms. | United States |
| PostHog | Product analytics — optional, user-consented | Anonymous user ID, page views, feature events. Disabled if you opt out of analytics cookies. | United States / EU |
| Telegram | Telegram bot — alert delivery only | Telegram chat ID + alert payload. We do not pull anything back from Telegram. | Global |
| Slack | Alert delivery to user-configured Slack workspace webhooks | Alert payload (subscribed entity, purchase data). Endpoint is provided by the user; we never contract with Slack on behalf of the user's workspace. | United States |
| Discord | Alert delivery to user-configured Discord channel webhooks | Alert payload (subscribed entity, purchase data). Endpoint is provided by the user; we never contract with Discord on behalf of the user's server. | United States |
| mempool.space | BTC watch-only wallet balance lookups (Personal Stack) | User-supplied watch-only BTC address (public on the blockchain). Queried outbound only. | Global CDN |
| blockstream.info | BTC watch-only wallet balance fallback (Personal Stack) | User-supplied watch-only BTC address (public on the blockchain). Queried outbound only. | Global CDN |
| Etherscan | ETH watch-only wallet balance lookups (Personal Stack) | User-supplied watch-only ETH address (public on the blockchain). Queried outbound only. | Global CDN |
| A-ADS | Free-tier advertising — privacy-focused cookieless ad units | No customer data sent; ad iframes load directly from the publisher domain. Free tier only; paid plans see no ads. | Global CDN |
| Coinzilla | Free-tier advertising | May set advertising cookies to measure ad performance. Free tier only, and only after you accept optional cookies; paid plans see no ads. | Global CDN |
| Bitmedia | Free-tier advertising | May set advertising cookies to measure ad performance. Free tier only, and only after you accept optional cookies; paid plans see no ads. | Global CDN |
| CoinGecko | Cryptocurrency market data | No customer data — outbound only | Global CDN |
| CryptoCompare | Historical cryptocurrency price data | No customer data — outbound only | Global CDN |
| Bitbo | Public corporate-treasury reference data | No customer data — outbound only | Global CDN |
| alternative.me | Fear & Greed Index data | No customer data — outbound only | Global CDN |
| Cloudflare | Turnstile bot-protection challenge on sign-in / sign-up | Transient bot-check session token. No persistent personal data; widget enforced at the Supabase Auth project level. | Global edge |
| ScrapingBee | Renders public third-party pages for data ingestion (ETF flows, sponsor / IR pages) | No customer data — outbound only. | United States |
| Polygon.io | US equity price data for market-cap figures | No customer data — outbound only (ticker queries). | United States |
Sub-subprocessors
Some subprocessors above use their own subprocessors (for example, Vercel uses AWS for compute and Cloudflare for parts of its edge network; Supabase uses AWS for managed Postgres). Each vendor publishes their own subprocessor list and notification policy; we treat their disclosures as authoritative for the downstream layer.
How we vet subprocessors
- Each new vendor is evaluated for security posture, data-residency story, and contractual willingness to sign a DPA before any production traffic reaches them.
- We sign a DPA (or equivalent contractual obligations) with every subprocessor that handles personally identifiable customer data.
- Outbound-only data sources (CoinGecko, CryptoCompare, Bitbo, alternative.me) do not receive customer data and are listed for transparency rather than as contractual subprocessors.
Questions
For DPA execution, security questionnaires, or escalations: [email protected]. For data-rights requests under GDPR / CCPA / CPRA: [email protected]. To report a suspected security issue at any subprocessor or our service: [email protected].