Subprocessors
Third-party providers that process personal information on Bailar's behalf, with role, data categories, and processing location.
Effective Date: May 25, 2026
This page lists the third parties (“subprocessors”) Bailar, Inc. engages to process personal information on its behalf. Each subprocessor is bound by a data processing agreement (or, where the vendor publishes one, by their standard DPA, which Bailar has accepted) that limits use of personal information to the purposes described and requires safeguards aligned with applicable law (including GDPR Article 28, Quebec Law 25 Article 18.3, PIPEDA Principle 4.1.3, and the LFPDPPP).
We update this list when we add or remove subprocessors. Where required by applicable law (including GDPR Article 28(2)), users in the EU/EEA, UK, and other relevant jurisdictions may be entitled to advance notice of subprocessor changes. To request notice or object to a specific subprocessor, contact our Privacy Officer at privacy@bailar.site.
For internal AI inference vendors (Section “AI Inference” below): Bailar contractually requires each vendor not to train its underlying foundation models on inputs Bailar sends on your behalf, and routes AI traffic only to vendors operating under United States, European Union, United Kingdom, or Canadian data-protection law.
Infrastructure and Platform
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| Supabase Inc. | Primary database, authentication, file storage, realtime subscriptions | Account data, profile data, communications, photos and media, location data, derived data | United States (AWS us-east-2) |
| Vercel Inc. | Web hosting, edge runtime, web analytics | IP address, user agent, page views, performance telemetry | United States (global edge network) |
| Cloudflare, Inc. | DNS, R2 object storage, Workers (map and RPC cache) | IP address, request metadata, cached map tiles and RPC responses | Global edge network |
| Hetzner Online GmbH | VPS hosting for the harvested-email pipeline (DNS MX precheck, classifier, discovery) and backup orchestration | Public-source business email addresses; no end-user personal data | Germany (European Union) |
| 650 Industries, Inc. (Expo) | Expo Application Services (EAS) for mobile build, OTA update delivery, and Expo Push (push-notification fan-out to APNs and FCM) | Expo push token, device platform and OS version, OTA runtime version, build metadata | United States |
| GitHub, Inc. | Source-code hosting and continuous-integration (Actions); no end-user content | Internal commits, CI logs, build artifacts | United States |
Authentication
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| Apple Inc. | Sign in with Apple; App Store distribution; APNs push delivery; ASA Search Ads attribution (when consented); HealthKit on-device (no server-side health data) | Apple Account identifier (relay-anonymized email where Hide-My-Email is used), name and email (when shared at sign-in), APNs device token | United States; global Apple infrastructure |
| Google LLC (including Firebase) | Google Sign In (via Firebase project bailar-460ab); FCM push delivery; Vertex AI (Gemini, grounded search) for content classification, ranking, moderation, and language tasks; Google Maps and Places (read-only usage; see also our public commitments on Google Places); Google Search Console; Google Analytics 4 (web only; cookie-consent gated); Health Connect on-device (no server-side health data) | Account identifier, IP address, device identifiers, query content sent to Vertex AI, FCM registration token, web analytics events (cookie-consent gated) | United States; global Google infrastructure |
| Meta Platforms, Inc. | Facebook Login (OAuth) sign-in; receipt of the OAuth identity token plus any data the user explicitly authorizes at sign-in (typically name + email). Bailar does not currently use any Meta marketing pixel, Meta Audiences integration, or Meta Conversions API on the Service. | Facebook user identifier, name, email (when granted at sign-in) | United States; global Meta infrastructure |
Communications
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| Resend, Inc. | Transactional and marketing email delivery | Email address, name, email content, delivery status | United States |
| Zoho Corporation | Business mailbox hosting (paul@bailar.site, support@bailar.site, privacy@bailar.site, legal@bailar.site, dmca@bailar.site, accessibility@bailar.site) | Inbound and outbound mail content; sender and recipient addresses | United States; India |
| Twilio Inc. | SMS one-time-passcode delivery for phone-based sign-in (Twilio Verify); transactional SMS lifecycle (event reminders, opt-in flows); WhatsApp Business messages for opted-in users; SMS download-link for App Store / Google Play handoffs | Phone number, message content, country of recipient, delivery and read status | United States; Twilio global infrastructure |
Payments
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| Stripe, Inc. | Payment processing for marketplace transactions (event tickets, studio classes) under a destination-charge architecture; studio subscription billing (Pro / Elite); Stripe Connect host onboarding, KYC, and payouts; chargeback handling | Payment method, transaction amounts and metadata, billing address; card numbers tokenized by Stripe; for Hosts, Stripe-required KYC data (identity documents, beneficial-owner information) collected directly by Stripe | United States; Stripe global infrastructure |
| RevenueCat, Inc. | Mobile in-app subscription orchestration: receipt validation, entitlement state, and webhooks for Apple App Store and Google Play Billing (the “No Ads” tier and any future consumer subscriptions). Bailar never sees full card numbers; Apple and Google process the underlying payment. | App user ID (Bailar internal), platform receipts, entitlement state, subscription lifecycle events | United States |
| Apple Inc. (App Store Billing) | In-app purchase processing for iOS subscriptions | Apple ID, payment method (held by Apple), transaction history | United States; global Apple infrastructure |
| Google LLC (Play Billing) | In-app purchase processing for Android subscriptions | Google account, payment method (held by Google), transaction history | United States; global Google infrastructure |
Mercantile fulfillment (bailar.site/shop)
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| Printful, Inc. | On-demand merchandise printing and drop-ship fulfillment for the /shop catalog | Customer name, ship-to address, ordered SKU, order metadata; payment is captured by Stripe before fulfillment is initiated | United States; European Union; global Printful fulfillment network |
Product analytics
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| PostHog Inc. | Product analytics, funnel and conversion analysis, feature-flag delivery for the mobile app and bailar.site; loaded only after the user has accepted analytics cookies on the web, and behind a consent-gated initialization on mobile | Pseudonymous device or user identifier, event names, page paths, interaction metadata, in-app feature usage; no message content, no payment data | United States (us.posthog.com) |
Observability and Operations
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| Functional Software, Inc. (Sentry) | Application error tracking and performance monitoring; feeds the internal autofix triage pipeline | Stack traces; user identifier in error contexts; IP address; device and OS metadata | United States |
| Slack Technologies, LLC | Internal alerting and observability channels (operational logs only; no end-user content posted) | Operational alerts, system logs | United States |
AI Inference
The vendors below run inference on data Bailar sends them at the moment of use. Bailar contractually requires each vendor (or, where the vendor publishes one, accepts the vendor’s standard enterprise data-processing terms or zero-retention API tier) not to retain or train its underlying foundation models on inputs Bailar sends on your behalf. Vertex AI is the default text provider; other vendors are invoked selectively or as fallbacks.
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| Anthropic, PBC | Claude API for selective text generation, classification, and the internal autofix engineering loop | Content submitted to AI features (event copy, image moderation prompts, classification inputs) | United States |
| OpenAI, OpCo LLC | OpenAI API for selective AI features (Vertex AI is the default text provider) | Content submitted to AI features when OpenAI is invoked | United States |
| Groq, Inc. | Low-latency text and vision inference (Llama, Kimi-K2) for classification, ranking, and moderation tasks | Content sent to inference (event copy, classification inputs, moderation prompts) | United States |
| Cerebras Systems, Inc. | Text inference fallback in the routing chain when other providers are unavailable | Content sent to inference | United States |
| Perplexity AI, Inc. | Sonar grounded-search API for event and studio discovery; receives search queries (typically location and dance-style terms), not user PII | Search queries (no user identifier transmitted) | United States |
Content discovery and enrichment
| Subprocessor | Role | Data Categories | Processing Location |
|---|---|---|---|
| Apify Technologies s.r.o. | Apify Harvest for public social-handle discovery (Instagram, TikTok, Facebook); used by content scrapers to seed the public studio and event directory | Public social media handles, public profile metadata; no end-user account data | Czech Republic (European Union) |
| Brave Software, Inc. | Brave Search API for internal grounded-search tooling; receives search queries, not user PII | Search queries (no user identifier transmitted) | United States |
| Tavily AI, Inc. | Tavily research API for internal grounded-search tooling; receives research queries, not user PII | Research queries (no user identifier transmitted) | United States |
Operator content generation
The vendors below produce content (audio, imagery) that Bailar itself publishes — for example, voiceover for a Bailar-produced marketing video, or ad imagery for a Bailar-run Meta or TikTok campaign. They receive Bailar-supplied prompts and scripts, not user-supplied personal data. They are not GDPR Article 28 “processors” of end-user personal data, but we list them here for completeness and to align with the investor packet’s disclosure posture.
| Vendor | Role | Data Categories | Processing Location |
|---|---|---|---|
| ElevenLabs, Inc. | Text-to-speech voiceover generation for Bailar-produced marketing videos and audio prompts. Inputs are Bailar-authored scripts (no end-user content); outputs are audio Bailar publishes through its own channels. | Bailar-authored text input; generated audio output | United States |
| Ideogram AI, Inc. | AI image generation for Bailar-produced marketing creative (Meta ads, social-post imagery, brand assets). Inputs are Bailar-authored prompts (no end-user content); outputs are images Bailar publishes through its own channels. | Bailar-authored text prompts; generated image output | United States |
Vendors NOT listed above — and why
The investor packet’s Risk Factors section (§09) and Technology Maturity Appendix (§13) reference additional AI vendors that do not appear on this page. The omission is deliberate: those vendors are used only in Bailar’s internal consensus tooling, dev tooling, or back-office benchmarking pipelines, and they do not process end-user personal data, user content, or any data subject to GDPR Article 28, CCPA Service Provider obligations, or Quebec Law 25 Article 18.3.
Specifically: Mistral AI, xAI, Cohere, Z.ai, Alibaba Qwen, Moonshot Kimi, MiniMax, and Meta Llama (via Groq inference) are invoked by the multi-model consensus panel that helps Bailar’s team make brand, naming, copy, and legal-language decisions. These calls send only the question, supplied candidates or artifact, and a context primer authored by Bailar — never end-user personal data. If we later wire any of these vendors into a user-facing inference path, they will be added to the AI Inference section above and disclosed to users on at least thirty (30) days’ advance notice consistent with the general subprocessor-change policy on this page.
Updates to this list
Last reviewed: May 25, 2026. Bailar reserves the right to add or remove subprocessors as the Service evolves. Material additions or replacements will be reflected here, with advance notice provided to users where required by applicable law. Subscribe to subprocessor change notifications by emailing privacy@bailar.site with the subject line “Subprocessor notifications.”
Revision history:
- May 25, 2026 — Added Meta Platforms, Inc. (Facebook Login OAuth) under Authentication. Added ElevenLabs and Ideogram under Operator content generation. Added “Vendors NOT listed above” section clarifying the GDPR Article 28 boundary for internal consensus / dev-tooling AI vendors.
- May 24, 2026 — Removed Google AdMob row (no AdMob SDK is integrated in the Service; aligning this page with the actual code paths in production).