// SUBPROCESSORS
Subprocessors
Last updated: 2026-04-28
FiftyCAL relies on a small set of third-party services to deliver the cloud surface. We list them here for transparency and DPA compliance.
| Provider | Purpose | Data handled | Region |
|---|---|---|---|
| Cloudflare | Hosting, edge compute, DNS, DDoS, R2 storage, D1 database, Workers, Email Routing | Account data, session tokens, aggregated stats, marketplace assets, license records | Global edge |
| Dodo Payments | Merchant of record — checkout, tax handling, license issuance webhook | Email, payment metadata (no card data), purchase amount | Global |
| Resend | Transactional email (verify, reset, friend invite, founder welcome) | Email address, message body, bounce/complaint events | US |
| PostHog | Product analytics — sign-up funnel, feature usage, opt-in by user | Anonymized event names + user_id (when signed in) | US |
| Sentry | Crash + error reporting; opt-in by user via Preferences → Advanced | Stack traces, app version, OS version, anonymized user_id | US |
| OpenAI | Whisper transcription (your client calls their API directly with your key, or our paid relay) | Audio file from a single session | US |
| Anthropic | Claude review pass for Hardscope bundles (your client, your key, or paid relay) | Bundle content of a single session | US |
| Google AI (Gemini) | Hardscope video summary (frames sent, transcript returned, video not retained) | Video frames from a single session | US |
| Apple (Sparkle) | App update distribution; Sparkle 2 fetches a signed appcast from our R2 bucket | App version pings | Cloudflare R2 (global) |
We notify registered accounts at least 30 days before adding or replacing a subprocessor where it changes the data handled.
Data Processing Addendum
Enterprise / GDPR controllers can request a signed DPA at dpo@fiftycal.app.