Subprocessors
Last updated: 2026-06-08
To operate Connected we use the technical service providers below. We do not sell personal data and we do not use advertising networks. Each provider processes data only on our instructions under a data processing agreement.
Current subprocessors
Supabase
Purpose: Hosting, Postgres database, authentication, file storage
Data: Account, profile, content, uploads (avatars, post images/videos, attachments, logos)
Location: EU (Frankfurt)
Transfer mechanism: Within EEA
Didit
Purpose: Identity verification (KYC) and company verification (KYB)
Data: Identity document, biometric/liveness data, and verification result. Connected stores only a session reference + verdict; documents/biometrics are held by Didit (6-month retention)
Location: EU/EEA (confirm in DPA)
Transfer mechanism: SCCs where applicable; per Didit DPA
Vercel
Purpose: Application hosting / edge delivery
Data: Request metadata, server logs
Location: EU region + global edge
Transfer mechanism: SCCs where applicable
OpenAI
Purpose: AI features: search, company audit, moderation, topic classification, referral message generation
Data: The specific content needed for each feature (minimised)
Location: USA
Transfer mechanism: EU Standard Contractual Clauses; not used for model training under API terms
Resend
Purpose: Transactional email delivery
Data: Email address, message content
Location: USA
Transfer mechanism: EU Standard Contractual Clauses
Web Push services (browser vendors)
Purpose: Delivery of push notifications you opt into
Data: Push endpoint + keys, notification payload
Location: Global (per browser vendor)
Transfer mechanism: As provided by the browser vendor
Changes
We may add or replace subprocessors as the product evolves. Material changes will be reflected here. For questions contact hello@get-connected.network.