We require each subprocessor to maintain appropriate security and to process data only on our instructions. We update this list before adding a subprocessor that processes Customer Content; enterprise customers can subscribe to change notifications via privacy@laplace.ai.
| Provider | Purpose | Data | Region |
|---|---|---|---|
| Stripe | Payments & subscription billing | Billing contact, payment metadata | US / global |
| Cloudflare R2 / AWS S3 | Object storage for datasets, models, artifacts | Customer Content | Configurable |
| Managed Postgres (Render/Neon) | Application database | Account, project & usage metadata | US / EU |
| Modal | GPU compute for training/inference jobs | Customer Content during job execution | US |
| RunPod | Optional GPU compute provider | Customer Content during job execution | US / global |
| Sentry | Error monitoring & diagnostics | Error events, request path, user email | US / EU |
| Anthropic | Optional LLM-assisted goal planning | Prompt text you submit for planning | US |
| OpenAI | Optional embeddings for search | Text submitted for embedding | US |
| Google / GitHub OAuth | Sign-in (if you choose OAuth) | Email, name, OAuth identifier | US / global |
| GitHub | Optional code/notebook export integration | Exported artifacts you initiate | US / global |
| Render / Vercel / Cloudflare | Application hosting & CDN | Request/log metadata | US / global |
Optional providers
Anthropic, OpenAI, RunPod, GitHub, and the OAuth providers are engaged only when you enable the corresponding feature (LLM-assisted planning, semantic search, a specific GPU provider, code export, or OAuth sign-in). If a feature is disabled, no data flows to that provider.