Sub-processors
Last updated: 2026-05-23
Zenit relies on the following data processors to operate the product. Each one only receives the personal data strictly necessary for the listed purpose, under a Data Processing Agreement that mirrors the Article 28 GDPR requirements. Processors marked as optional are only invoked when you actively use the corresponding feature.
| Provider | Purpose | Entity / Location |
|---|---|---|
| Microsoft Azure | Application hosting, PostgreSQL database, Azure OpenAI Service (LLM + embeddings), transactional email delivery, file storage. | Microsoft Ireland Operations Ltd. (EU) |
| LemonSqueezy | Payment processing, subscription billing, EU VAT and US sales tax compliance, invoicing. | Lemon Squeezy LLC. (United States) |
| Langfuse | LLM observability — agent prompts, latency, and token usage telemetry. EU-hosted instance. | Finto Technologies GmbH. (Germany) |
| Sentry | Frontend error reporting and stack traces. Only active after you accept analytics cookies; otherwise no data is sent. | Functional Software, Inc. (United States) |
| Cloudflare | DNS resolution, edge caching, DDoS protection, and TLS termination for the public site. | Cloudflare, Inc. (United States) |
| Sign-in via Google account. Optional — only invoked when you choose Google as the identity provider at signup. | Google LLC. (United States) / Google Ireland Ltd. (EU) | |
| Apple | Sign-in via Apple ID. Optional — only invoked when you choose Apple as the identity provider at signup. | Apple Inc. (United States) |
Changes to this list
We may add or replace sub-processors as the product evolves. Material changes will be notified by email at least 30 days in advance for users with an active account, giving you time to object before the new sub-processor begins handling your data.
Questions
Write to [email protected] for any concern about how a specific sub-processor handles your data, or to request the corresponding DPA documentation.