Subprocessors

Last updated 15 April 2026 · Version 1.0

GetAiVIS uses the following third-party service providers ("subprocessors") to deliver its AI visibility intelligence platform. Each is bound by its own contractual and legal obligations to protect the data entrusted to it. This page is kept current so customers and prospects can review our supply chain at any time.

We will notify active customers by email at least 30 days in advance of adding a new subprocessor that processes personal data, so you have the opportunity to object before the change takes effect.

AI engine providers

These providers execute the prompts that power GetAiVIS scans. We send them the query text and your brand name; we do not send your account email, billing data, or other profile information.

Subprocessor	Purpose	Data processed	Location
Anthropic, PBC	Claude AI engine scans	Prompt text, brand name	United States
OpenAI, L.L.C.	ChatGPT AI engine scans	Prompt text, brand name	United States
Google LLC	Gemini AI engine scans	Prompt text, brand name	United States / EU
Perplexity AI, Inc.	Perplexity AI engine scans	Prompt text, brand name	United States
xAI Corp.	Grok AI engine scans	Prompt text, brand name	United States
DeepSeek (Hangzhou DeepSeek AI Co., Ltd.)	DeepSeek AI engine scans	Prompt text, brand name	People's Republic of China

DeepSeek disclosure: DeepSeek is hosted in the People's Republic of China. Scan prompts sent to this engine leave the EU/UK/UAE. If this is a concern for your organisation, you may disable DeepSeek in your scan settings or contact us for a configuration that excludes it entirely.

Infrastructure & platform

Subprocessor	Purpose	Data processed	Location
Railway Corp.	Application hosting, managed PostgreSQL database	All account, scan, and billing data at rest	United States (primary)
Cloudflare, Inc.	DNS, TLS termination, DDoS protection	Request metadata, IP addresses	Global edge network

Billing & payments

Subprocessor	Purpose	Data processed	Location
Stripe Payments Europe, Ltd. / Stripe, Inc.	Payment processing, subscription billing, invoice storage	Billing email, card token (PCI-compliant), transaction history	Ireland / United States

GetAiVIS does not store full payment card numbers. Card data is handled directly by Stripe in their PCI-DSS-certified environment.

Email & communications

Subprocessor	Purpose	Data processed	Location
Resend, Inc.	Transactional email delivery (verification, receipts, scan reports)	Recipient email, message content	United States

Analytics & marketing (consent-gated)

These run only after you accept cookies on our consent banner. Reject cookies and none of the following receive any data about you.

Subprocessor	Purpose	Data processed	Location
Google LLC (Google Analytics 4)	Aggregated website usage analytics with IP anonymisation	Pseudonymous client ID, anonymised IP, page events	United States / EU
HubSpot, Inc.	Marketing attribution, newsletter, CRM	Form submissions, page visits, email interactions	United States / EU

International transfers

Several subprocessors are located outside the UAE, UK, and EEA. We rely on the following safeguards for international transfers of personal data:

EU Standard Contractual Clauses (2021) for EEA-origin data
UK International Data Transfer Agreement (IDTA) or the UK Addendum to the SCCs for UK-origin data
EU-US Data Privacy Framework certification for US vendors that participate
Adequacy decisions where available

Questions

To request a copy of our current subprocessor list, to object to a proposed new subprocessor, or to ask about specific safeguards, contact privacy@getaivis.ai.