Sub-processors
Last updated:
DDSEMail relies on a short list of named sub-processors to operate. Each provider is contractually required to protect your data and is engaged only for a specific, named purpose. We do not share data with advertising networks. New sub-processors go through a privacy and security review before onboarding.
Current sub-processors
| Provider | Purpose | Data category | Region |
|---|---|---|---|
| Cloudflare, Inc. | Hosting, edge network, KV session storage, Email Routing & Email Sending | All site traffic, encrypted sessions, raw email envelope and body | Global edge |
| Neon, Inc. | Primary application database (Postgres) | Account, practice, alias, and audit-log records | {{TODO: confirm Neon region for this project}} |
| Upstash, Inc. | Rate limiting and ephemeral cache (Redis) | IPs, request counters, short-lived keys | {{TODO: confirm Upstash region}} |
| Resend, Inc. | Transactional email delivery (verification, password reset, alerts, relay fallback) | Recipient address, headers, message content | US |
| Amazon Web Services, Inc. (AWS Bedrock) | Backbone for AI-assisted triage, summaries, and draft replies, using Anthropic Claude | Email content submitted by the user to AI features | {{TODO: confirm AWS region for Bedrock}} |
| Anthropic, PBC | Large language model provider underlying Bedrock-hosted Claude | Email content submitted by the user to AI features | US (via AWS Bedrock) |
Sub-processors covered by the BAA
Where DDSEMail signs a Business Associate Agreement with you, only sub-processors that have a corresponding BAA with us are used for PHI-bearing workloads. The protected alias relay feature is intentionally non-PHI and falls outside the BAA — see BAA overview.
How we add or change sub-processors
- New sub-processors must pass a privacy/security review and contractually agree to equivalent data-protection obligations.
- For BAA-covered customers, material changes are announced in advance via the channels in your order form.
- Vendor health (regional outages, breach disclosures, compliance attestations) is monitored continuously.
Questions or objections
If you have questions about a specific sub-processor or wish to object to a new one, contact {{TODO: privacy contact email}}.