This document is a draft pending legal review. Last updated: April 17, 2026.
Sub-processors
Last updated: April 17, 2026
This page lists the third-party service providers (“Sub-processors”) that AlphaSmith, Inc. [TBD: counsel input] engages to process personal data on behalf of customers and users. It supplements our Data Processing Addendum and is referenced by our Privacy Policy. Last updated: April 17, 2026.
Current sub-processors
| Provider | Purpose | Data categories | Location | Transfer mechanism |
|---|---|---|---|---|
| Stripe, Inc. | Subscription billing and payment processing | Billing contact, payment-card data (tokenized), subscription identifiers | United States | EU SCCs / UK IDTA where applicable |
| Twilio SendGrid, Inc. | Transactional and marketing email delivery | Email address, message content, delivery metadata | United States | EU SCCs / UK IDTA where applicable |
| Anthropic, PBC | AI model inference for daily briefings and natural-language screener translation | Prompt content (tickers, query strings), no personally identifying data by design | United States | EU SCCs / UK IDTA where applicable |
| InMotion Hosting, Inc. | Application hosting, database, and email relay | All categories in transit and at rest | United States | EU SCCs / UK IDTA where applicable |
| RunPod, Inc. | Compute, analytics, and machine-learning inference hosting | Analytical records (tickers, derived analytics) | United States | EU SCCs / UK IDTA where applicable |
| Market-data vendors | Pricing, fundamental, and options data; see the Data Processing Addendum for the current roster | No customer personal data; vendor-provided market data only | United States and other OECD jurisdictions | Covered by vendor data-processing agreements |
Advance notification of changes
We provide at least 30 days’ advance notice of any new or replacement sub-processor used for regulated personal-data processing. To subscribe to these change notifications, email privacy@alphasmith.ai with “Subscribe sub-processor updates” in the subject line. You may object to a new sub-processor on reasonable data-protection grounds; we will work with you in good faith to address the concern before the sub-processor is engaged for your data.
Sub-processor obligations
Each sub-processor is subject to a written contract imposing data-protection obligations substantially equivalent to those in our Data Processing Addendum. Where a sub-processor receives personal data from the EEA, UK, or Switzerland, appropriate transfer mechanisms are in place (including the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum) together with supplementary measures as warranted under our assessment of the recipient jurisdiction.
Contact
Questions about our sub-processors or our data-transfer mechanisms should be directed to privacy@alphasmith.ai.
Questions about this document? Contact legal@alphasmith.ai. For a full list of policies, see all legal documents.