Legal
Subprocessor List
Last updated: May 7, 2026
Marcenta uses the following third-party subprocessors to help deliver the Service. A subprocessor is a third party that processes personal data on our behalf.
We may update this list from time to time as our infrastructure or providers change. For questions about subprocessors, contact legal@marcenta.ai.
| Subprocessor | Purpose | Data Processed | Location | Privacy Policy |
|---|---|---|---|---|
| Supabase | Database, authentication, storage, and application data infrastructure | Account data, workspace data, connected source data, application records, and authentication/session data | India (production region currently configured by Marcenta) | supabase.com/privacy |
| OpenAI | AI-assisted analysis, summaries, and product features | Prompts, metric summaries, report context, and structured inputs necessary for AI features | United States | openai.com/privacy |
| Vercel | Frontend hosting, edge delivery, and web application infrastructure | Website traffic data, request metadata, logs, cookies, and application delivery data | United States and other regions used by Vercel infrastructure | vercel.com/legal/privacy-policy |
| Railway | Backend hosting, application runtime, and job processing | Application traffic, logs, request metadata, and backend-processed service data | United States and other regions used by Railway infrastructure | railway.app/legal/privacy |
| Resend | Transactional and operational email delivery | Sender and recipient email addresses, message metadata, and email content required for delivery | United States | resend.com/legal/privacy-policy |
| Dodo Payments | Subscription billing, checkout, and customer billing portal | Billing customer identifiers, subscription metadata, plan information, and transaction-related records | United States and other regions used by the provider | www.dodopayments.com/privacy |
| Sentry | Error monitoring, incident investigation, and service diagnostics | Technical telemetry, error events, request metadata, and limited account identifiers included in diagnostic events | United States and other regions used by the provider | sentry.io/privacy/ |
We seek to maintain appropriate contractual protections with subprocessors where required, including data processing terms and confidentiality obligations appropriate to the services they provide.