Sub-processors
Last reviewed: 16 May 2026
PanLuma engages the third parties below to operate the platform. Each is bound by a Data Processing Agreement (DPA) and uses appropriate technical and organisational measures to protect customer data.
This list is reviewed annually and updated whenever a sub-processor is added, replaced, or removed. The authoritative, version-controlled source is docs/security/policies/07-sub-processor-list.md in our repository.
Material additions are communicated to customers in advance per their DPA.
Always-on sub-processors (required for platform operation)
| Sub-processor | Purpose | Region |
|---|---|---|
| Amazon Web Services | Hosting infrastructure: application, database, cache, object storage, CDN/WAF, secrets, logs, DNS. | us-east-1 (N. Virginia) |
| Anthropic (Claude) | LLM provider for in-app AI assistants, AI agents, AI Chat, AI evaluation, and coding tasks. Does not train on API customer data. | United States, EU SCCs |
| Twilio / SendGrid | Transactional email (notifications, password resets, customer-portal invites, support replies). | United States, EU SCCs |
| MaxMind (GeoLite2) | IP-to-geolocation lookup via a local database. No live API calls. | Local processing only |
User-initiated integrations
These sub-processors receive customer data only when a customer explicitly connects the integration. Disconnecting revokes the grant.
| Sub-processor | Purpose | Region |
|---|---|---|
| Google | Gmail, Drive, Sheets, Docs, Calendar, Maps, Google SSO. | United States, EU SCCs |
| Microsoft | Microsoft SSO, Outlook Mail, Outlook Calendar, OneDrive, Excel. | Multi-region, EU SCCs |
| Notion | Notion workspace access for the connecting user. | United States, EU SCCs |
| OpenAI | Alternative LLM provider — only when the tenant supplies their own API key. | United States, EU SCCs |
| Google Gemini API | Alternative LLM provider — only when the tenant supplies their own API key. | United States, EU SCCs |
Supporting sub-processors
| Sub-processor | Purpose | Region |
|---|---|---|
| PostHog | Product analytics for the application (opt-out available per tenant). | EU (Frankfurt) |
| Plausible | Privacy-first, cookie-free analytics for the marketing site only. | EU (Germany) |
| Serper.dev | Web search service used by AI agents. | United States, EU SCCs |
| OpenRouter | AI model pricing reference data. No customer data sent. | United States |
| Simli | Avatar video generation for the avatar feature. | United States, EU SCCs |
| Deepgram | Speech-to-text for avatar / voice features. | United States, EU SCCs |
| Cartesia | Text-to-speech for avatar / voice features. | United States, EU SCCs |
| E2B | Code-execution sandboxes for the coding module and certain agent tools. | United States, EU SCCs |
| Yahoo Finance | Public financial data. No customer data sent. | United States |
| GitHub | Source-code hosting for PanLuma’s own engineering. No customer data flows at runtime. | United States, EU SCCs |
Pending sub-processors (not yet active)
The integrations below are configured as coming_soon in our catalogue. They do not currently process customer data and will be promoted to the user-initiated list when they go live: Slack, GitHub (as a user-facing integration), Jira, Salesforce, HubSpot, Stripe, QuickBooks, Zendesk.
Questions
For sub-processor questions or to request our customer DPA, email privacy@panluma.ai.
