This page lists the third-party service providers ("Subprocessors") that ElasticD3M, LLC engages to deliver the Aegis AI™ Services. The Data Processing Addendum governs how Subprocessors handle Personal Data. We give Customer at least thirty (30) days' advance notice of any new Subprocessor that will process Customer Personal Data, with a right to object.
Trade-compliance note. All listed Subprocessors are U.S.-domiciled or are bound by Standard Contractual Clauses with comparable trade-compliance covenants. None are organized in or operated from an OFAC-embargoed jurisdiction. ElasticD3M, LLC reviews Subprocessor sanctions status at onboarding and at least annually.
Active Subprocessors
| Subprocessor | Purpose | Data Scope | Location / Privacy Notice |
|---|---|---|---|
| Stripe, Inc. | Payment processing for the Multi-Framework Readiness Snapshot and monthly subscriptions; consent collection and OFAC certification at checkout. | Billing identity, payment method (Stripe stores card data; we receive only metadata). | United States (Delaware). stripe.com/privacy |
| Cloudflare, Inc. | Hosting, CDN, DNS, WAF, bot management, and Cloudflare Web Analytics for ai4ciso.ai. No cookies on the analytics product. | Technical metadata (IP, user-agent, request paths); no Customer Data payload. | United States (global edge). cloudflare.com/privacypolicy |
| Amazon Web Services, Inc. | Cloud infrastructure for storage (S3), key management (KMS), scan execution, and document rendering. | Customer Data (configuration metadata, deliverables), identity / contact information. | United States (us-east-1, us-west-2). aws.amazon.com/privacy |
| Resend, Inc. | Transactional email delivery (welcome emails, deliverable notifications, support replies, board-narrative attachments). | Identity / contact information, email message contents. | United States. resend.com/legal/privacy-policy |
| Anthropic, PBC | Large-language-model inference for AI-driven document generation (Claude API) underpinning control narratives, evidence-binder summaries, board narratives. | Configuration metadata and intake responses passed as model input; outputs are deliverable contents (control narratives, risk-register entries, POA&M items, board narrative drafts). | United States. Per Anthropic's commercial terms, model inputs are not used to train models and outputs are not retained beyond inference except as required for security and abuse detection (30-day rolling retention). anthropic.com/legal/privacy |
| Sentry (Functional Software, Inc.) | Application-error telemetry and performance monitoring for the production backend. | Stack traces, request metadata, scrubbed parameters; no Customer Data payload by configuration. | United States. sentry.io/privacy |
| Railway Corp. | Application hosting and deployment for the backend services that orchestrate scans, deliverable rendering, and webhook handling. | Customer Data in transit and at rest within the application boundary. | United States (multi-region). railway.com/legal/privacy |
| Amazon Web Services, Inc. (Amazon RDS for PostgreSQL; same legal entity as the AWS entry above) | Managed relational database service for customer, subscription, deliverable-cycle, and audit-log state. | Identity / contact information, account metadata, deliverable references, audit-log records. | United States (us-east-1, us-west-2). Database storage and backups encrypted with keys managed in AWS KMS. aws.amazon.com/privacy |
How We Manage Subprocessors
- Due diligence at onboarding: Each Subprocessor is evaluated for security posture, applicable compliance certifications (SOC 2 Type II, ISO 27001, and PCI DSS where applicable), and contractual commitments substantially equivalent to those in our DPA. Sanctions and denied-party screening are run at onboarding.
- Annual review: Active Subprocessors are reviewed at least annually for continued compliance, updated certifications, and material changes in ownership or jurisdiction.
- Contractual flow-down: Each Subprocessor is bound by data-protection obligations no less protective than those in our DPA with Customer, including SCCs / UK IDTA where personal data crosses jurisdictional boundaries.
- Change notice: Customer receives at least thirty (30) days' advance notice of any new Subprocessor that will process Customer Personal Data, via update to this page and email to the primary account contact.
Right to Object
If Customer objects to a new Subprocessor, Customer may notify ElasticD3M, LLC in writing within thirty (30) days of the notice. The parties will work in good faith to resolve the objection (for example, by configuring the Services to avoid the new Subprocessor for Customer's account). If the parties cannot resolve the objection, Customer may terminate the affected portion of the Services and receive a pro-rata refund of any unused prepaid fees.
Contact
Subprocessor questions or objections: [email protected]
Last Updated: May 12, 2026 · Version: 2.0