Processor Register

Vendors & Subprocessors

This page is the public-facing processor and infrastructure register for the covered repository surfaces. It is designed to show which vendors are structurally part of the stack, which ones are optional, and how their processor role, contract posture, and governance fit into the privacy and security program.

Status labels on this page are intentionally conservative. Optional providers should remain optional until they are configured, contract-reviewed, and covered by the right legal and technical controls.
Live legal baseline0 sectionsRights routing activeDocs-ready presentation
Last updated May 31, 2026
Page structure
Hero briefing
Scope, applicability, and status markers
Live surface
Interactive controls, forms, or datasets below
Support docs
Related policies, packs, and trust materials
Related docs
Docs Center
Core policies and rights flows
Privacy Request Center
Access, delete, export
Regulatory Packs
Counsel and diligence view
Vendor Register
Processor and DPA posture
Recommended use

This is the best place to fill the space: not decorative noise, but a useful orientation layer. It gives readers page structure, supporting docs, and a quick sense of what to do next before they reach the live form, pack, or data surface below.

Recommended filler pattern
  • Quick actions or entry points
  • Support response timing or scope note
  • Cross-links to the most relevant trust materials
Open primary docOpen support path
Listed vendors
7
Always active
2
Active if configured
2
Migration-only
0
Documented contract posture
3
Internal contract tracking
1
Pending before activation
2

This register is intended to reflect the third-party processors, infrastructure providers, and optional subprocessors that appear in the covered repository or deployment baseline. Optional providers remain marked as such until configured and contract-reviewed.

If a future analytics, advertising, or wallet-routing provider is added, it should be declared here, mapped to the relevant consent or legal workflow, and reviewed before activation.

Active baselineNecessary service providerhigh riskInfrastructure provider

Vercel

Vercel-hosted deployment stack

Hosts the public site, Lucid web disclosures, admin routes, and deployment artifacts for the covered repository.

Review cadence
Quarterly
Contract posture
DPA or equivalent processor terms in place
Contractual or regional safeguards tracked
Customer-safe contract posture documented
Covered scopes
Corporate site
Lucid web surfaces
Admin routes
Data categories
Technical request data
runtime logs
build artifacts
security telemetry
Systems and transfer notes
Next.js public app
API routes
deployment pipeline
Cross-border hosting and log access should be covered by the infrastructure DPA, retention review, and deployment governance.
Core hosting provider for the covered web stack.
May handle request metadata, server-side logs, and deployment artifacts as part of runtime delivery.
Customer-safe contract and review evidence
Infrastructure provider is tracked in the processor register with quarterly reassessment.
Hosting, retention, and transfer posture are reviewed as part of the production governance baseline.
Active baselineNecessary service providerhigh riskProcessor

Neon

Neon-managed serverless Postgres

Stores repository-backed application records such as users, orders, privacy requests, audit logs, consent records, and supporting operational entities.

Review cadence
Quarterly
Contract posture
DPA or equivalent processor terms in place
Contractual or regional safeguards tracked
Customer-safe contract posture documented
Covered scopes
Corporate site
Lucid support and legal workflows
Admin systems
Data categories
Account data
order data
privacy-request records
audit logs
consent records
Systems and transfer notes
Primary data layer
admin workflows
privacy operations
Primary datastore location, backup posture, and transfer safeguards should stay aligned with the production-region choice and DPA posture.
Used as the primary serverless Postgres datastore for covered repository data.
Holds business and compliance records required to operate the service.
Customer-safe contract and review evidence
Primary data processor is tracked with regional deployment and backup review notes.
Contract and transfer posture are reviewed as part of quarterly datastore governance.
Optional / not enabledNot consent-gatedmedium riskProcessor

Legacy BaserDB migration source

Legacy migration source

Used only to verify or migrate historical records from the previous storage stack into the current primary datastore.

Review cadence
Migration closeout
Contract posture
Internal migration-only exception
Migration-only closeout path
Migration closeout only
Covered scopes
Migration and verification only
Data categories
Legacy account data
legacy consent records
legacy audit and privacy-request records
Systems and transfer notes
Migration tooling
Should be retired after migration verification is complete and should not remain a long-term write path.
Included for transparency where legacy records still need migration verification.
Not intended as the long-term primary datastore.
Customer-safe contract and review evidence
Legacy source remains tracked only for migration closeout and should not remain a steady-state production path.
Active if configuredNecessary service providermedium riskProcessor

Cloudinary

Cloudinary media infrastructure

Handles product-image uploads and GT release asset publishing when admin upload or release workflows are used.

Review cadence
Quarterly
Contract posture
DPA or equivalent processor terms in place
Contractual or regional safeguards tracked
Customer-safe contract posture documented
Covered scopes
Corporate media surfaces
GT release workflows
Data categories
Uploaded media
release bundles
file metadata
admin upload activity
Systems and transfer notes
Admin upload API
GT release pipeline
Should be reviewed for retention, public asset exposure, and contractual protections before production use.
Used only for admin-managed uploads and release assets, not for routine browser tracking.
Customer-safe contract and review evidence
If enabled, media hosting remains part of the reviewed processor baseline rather than the optional browser tracking layer.
Active if configuredNecessary service providerhigh riskProcessor

Configured SMTP provider

Transactional email delivery provider

Sends welcome emails, OTP messages, privacy-request confirmations, and other transactional communications.

Review cadence
Quarterly
Contract posture
DPA or equivalent processor terms in place
Contractual or regional safeguards tracked
Tracked in internal contract register
Covered scopes
Corporate site
Privacy Request Center
Admin communications
Data categories
Email addresses
message content
delivery metadata
support or request context
Systems and transfer notes
OTP delivery
welcome email
newsletter and privacy communications
Exact provider identity, DPA posture, and message-retention terms should be maintained in the internal contract register.
Used for transactional product and rights-request email delivery when configured.
The exact mail provider may vary by environment or contract lifecycle.
Customer-safe contract and review evidence
Transactional email remains contract-reviewed before activation, with provider identity tracked in the internal contract register.
Optional / not enabledNecessary service providerhigh riskPlatform provider

Meta WhatsApp Business Platform

Meta-hosted messaging platform

Supports WhatsApp-based customer or order messaging when the Meta provider is enabled.

Review cadence
Quarterly
Contract posture
Contract review required before activation
Transfer safeguard review required before activation
Pending before activation
Covered scopes
Order and customer messaging
Data categories
Phone numbers
message content
order-related communication metadata
Systems and transfer notes
WhatsApp notification workflow
Should be treated as a platform messaging processor with transfer review, platform-terms review, and data-minimization controls before activation.
Optional channel for transactional messaging only.
Not used for marketing automation unless a separate reviewed program is introduced.
Customer-safe contract and review evidence
Platform messaging remains optional and must stay behind legal, transfer, and retention review before activation.
Optional / not enabledNot consent-gatedhigh riskSubprocessor

Configured security log sink

External monitoring or webhook receiver

Receives forwarded structured audit events when external security-log forwarding is enabled.

Review cadence
Quarterly
Contract posture
Contract review required before activation
Transfer safeguard review required before activation
Pending before activation
Covered scopes
Security monitoring and incident response
Data categories
Audit-log metadata
actor identifiers
event metadata
security telemetry
Systems and transfer notes
Audit forwarding pipeline
Any enabled sink should be reviewed for access controls, retention, incident-response compatibility, and jurisdictional transfer posture.
Used only if central security-log forwarding is enabled.
Not part of the public marketing stack or optional analytics path.
Customer-safe contract and review evidence
External security-log forwarding remains optional and must stay behind documented retention, access, and transfer review before activation.