Subprocessors
Version 1.0. Effective May 16, 2026.
Ensealed uses the third parties below to operate the service. We give customers at least 14 days notice before adding or replacing a subprocessor that processes customer data. Notice is emailed to the workspace owner on file and re-stated on this page; check back here or watch your inbox.
| Vendor | Purpose | Data processed | Region |
|---|---|---|---|
| Cloudflare Inc. | CDN, Workers runtime, R2 storage, WAF, cookieless analytics | Network metadata, signed PDFs | Global |
| Supabase Inc. | Postgres database, auth, realtime presence | Account, workspace, document metadata, signer records | United States |
| Polar Software Inc. | Billing, tax (Merchant of Record) | Billing address, tax ID | United States, European Union |
| Resend Inc. | Transactional email delivery | Recipient email, message body | United States |
| Anthropic PBC | AI clause review (opt-in feature) | Document text submitted to the feature | United States |
| Functional Software Inc. (Sentry) | Error tracking | Stack traces, request metadata, PII scrubbed | United States |
| PostHog Inc. | Product analytics (opt-in) | Anonymized event data | United States |
| Better Stack | Uptime and incident alerting | Health pings, no customer data | European Union |
| HetrixTools LLC | Uptime monitoring (geographic diversity) | Health pings, no customer data | Global |
| Axiom Inc. | Application logs | Request logs, PII scrubbed | United States |
This list does not include vendors that do not access customer data (for example, our domain registrar or our local development tools).