Trust center
Everything you need to vouch for us.
Policies, security posture, sub-processors, and incidents. published openly so security teams don't need a sales call.
Security overview
Architecture, isolation, controls, incident response.
Open
Privacy policy
What we collect, how we use it, your rights.
Open
Data processing agreement
GDPR-compliant DPA covering processor obligations.
Open
GDPR
Data subject rights and our compliance posture.
Open
Acceptable use
What is and isn't allowed on the platform.
Open
Accessibility
Our WCAG 2.2 AA commitment.
Open
Sub-processors
Third parties that may process customer data on our behalf.
| Provider | Purpose | Location |
|---|---|---|
| Managed Postgres provider | Organization databases | EU (chosen per org) |
| Object storage provider | Media + assets | EU (chosen per org) |
| Mailgun | Transactional email | EU |
| Cloudflare | Edge / DNS / WAF | Global |
| GitHub | Source control + CI | Global |
| Sentry | Error tracking | EU |