Subprocessors & third-party services
Last Updated: May 2026
PhotoHeirloom uses trusted third-party service providers (subprocessors) to help deliver our service. This page lists all subprocessors that process your personal data, what data they handle, and where they operate. All subprocessors are contractually bound to protect your data and comply with GDPR and other privacy regulations.
Clerk (Authentication)
Purpose: User authentication, account management, and session security
Data Processed: Email addresses, names, authentication tokens, login history
Data Location: United States (AWS infrastructure)
Privacy Policy: clerk.com/privacy
Cloudflare (R2 Storage & CDN)
Purpose: Photo and video object storage, content delivery via CDN
Data Processed: Photos, videos, thumbnails, generated AI outputs, file metadata
Data Location: European Union (EU region buckets)
Privacy Policy: cloudflare.com/privacypolicy
Hetzner Online (Application Hosting)
Purpose: Compute infrastructure running the application servers
Data Processed: All application traffic and runtime data (in transit / at rest on disk)
Data Location: European Union (Germany / Finland data centers)
Privacy Policy: hetzner.com/legal/privacy-policy
Inngest (Background Jobs)
Purpose: Schedules and runs background jobs (AI processing, sync tasks)
Data Processed: Job payloads, which may include user IDs, photo IDs, and processing parameters
Data Location: United States (data transferred under Standard Contractual Clauses)
Privacy Policy: inngest.com/privacy
GlitchTip (Error Tracking)
Purpose: Captures application errors and stack traces for debugging
Data Processed: Error messages, stack traces, request URLs, user IDs (no photo content)
Data Location: Managed service (app.glitchtip.com)
Privacy Policy: glitchtip.com/privacy
Supabase (Database)
Purpose: PostgreSQL database for family tree data, photos metadata, and user relationships
Data Processed: Family tree data (names, dates, relationships), photo metadata, user preferences
Data Location: United States (AWS us-west-1)
Privacy Policy: supabase.com/privacy
Replicate (AI Processing)
Purpose: AI-powered photo restoration and video generation
Data Processed: Photos you choose to restore or animate (processed temporarily, not stored permanently)
Data Location: United States
Privacy Policy: replicate.com/privacy
Google (Maps & Contacts APIs)
Purpose: Location autocomplete (Maps API) and optional contact import (Contacts API)
Data Processed: Location queries (Maps), Contact names and emails (Contacts - not stored on our servers)
Data Location: Global (Google Cloud Platform)
Privacy Policy: policies.google.com/privacy
Paddle (Payment Processing)
Purpose: Payment processing, subscription management, and billing
Data Processed: Payment information, billing details, transaction history (we do not store credit card numbers)
Data Location: United Kingdom & United States
Privacy Policy: paddle.com/legal/privacy
Data protection & compliance
All our subprocessors have been carefully selected based on their compliance with data protection regulations:
- GDPR Compliance: All subprocessors are GDPR-compliant and adhere to strict data protection standards
- Data Processing Agreements: We have signed Data Processing Agreements (DPAs) with all subprocessors that handle personal data
- Security Standards: Subprocessors use industry-standard encryption (TLS/SSL for data in transit, AES-256 for data at rest)
- Regular Audits: We regularly review our subprocessors' security practices and compliance status
Updates to this list
We may add, remove, or replace subprocessors as our service evolves. When we make significant changes (e.g., adding a new subprocessor that handles personal data), we will update this page and notify users via email if required by law. The 'Last Updated' date at the top reflects when this list was last modified.
Questions about subprocessors?
If you have questions about our subprocessors or how your data is processed, please contact us at [email protected].