A complete list of every third-party service that processes customer data on our behalf. Each subprocessor is contractually bound to protect customer data. We update this list within 30 days of any material change.
Cadence uses the third-party services listed below ("Subprocessors") to operate the platform. Each Subprocessor is contractually bound to protect customer data. We update this list within 30 days of any change. To receive advance notice of changes, email subscribe@renovaagentinc.com.
| Subprocessor | Purpose | Data processed | Location |
|---|---|---|---|
| Vercel, Inc. | Hosting and web infrastructure | All customer-facing requests; static and serverless functions | United States |
| Supabase, Inc. | Managed Postgres database | All customer data at rest | United States |
| Stripe, Inc. | Payment processing | Subscription billing details; payment card tokenization | United States |
| Twilio, Inc. | SMS delivery | Outbound SMS content and recipient phone numbers | United States |
| Resend | Transactional and automated email delivery | Outbound email content and recipient addresses | United States |
| Anthropic, PBC | AI inference (Claude API) | Email and lead text submitted to AI features. Not used to train Anthropic models. | United States |
| Google LLC | OAuth sign-in (Google), Google Sheets integration (when enabled) | Email address; integration-specific data when enabled | United States |
| Microsoft Corporation | OAuth sign-in (Microsoft / Outlook), Excel integration (when enabled) | Email address; integration-specific data when enabled | United States |
| Sentry | Error monitoring | Stack traces and request metadata; never customer data fields | United States |
| Cloudflare, Inc. | Edge networking and DNS (via Vercel/Netlify routing) | Request metadata | United States |
| Netlify, Inc. | Domain and DNS for renovaagentinc.com | Public DNS records | United States |
Before engaging any new subprocessor that processes customer data, we review their publicly available security posture (SOC 2 report under NDA where available, Privacy Policy, incident history). Subprocessors processing customer data must offer a Data Processing Agreement (DPA). Each subprocessor is reviewed annually for continued service, current attestation status, and any publicly reported security incidents.
If you have questions about how a specific subprocessor handles your data, including requests for that subprocessor's SOC 2 report or Data Processing Agreement, email privacy@renovaagentinc.com.
Email subscribe@renovaagentinc.com to be added to our subprocessor change notification list.