Subprocessors
Last updated: June 3, 2026
Clipus uses the third-party providers below to operate the Service. Each may process customer data only as needed to deliver its function, under contractual data-protection obligations. This list is incorporated by reference into our Data Processing Addendum.
We will update this page before adding or replacing a subprocessor that processes customer data. To be notified of changes, email security@clipus.io.
| Subprocessor | Purpose | Data processed | Location |
|---|---|---|---|
| Supabase | Database, authentication, file storage | Account data, product/campaign data, captured evidence | United States |
| Vercel | Application hosting, edge network, serverless compute | Request data, application logs | United States / global edge |
| Cloudflare R2 | Video and asset object storage | Generated videos, screenshots, rendered assets | United States / global |
| Anthropic (Claude) | Script and marketing strategy generation | Captured product text, page metadata | United States |
| OpenAI | Subtitle transcription (Whisper) | Generated voiceover audio | United States |
| ElevenLabs | Voiceover and background music generation | Script text | United States |
| Stripe | Subscription billing and payments | Billing contact, payment metadata (card data is held by Stripe, not Clipus) | United States |
| Resend | Transactional and lifecycle email | Email address, message content | United States |
| Upstash | Rate limiting | IP address / account identifier (ephemeral) | United States / global |
| Inngest | Background pipeline orchestration | Job metadata (project and organization identifiers) | United States |
| PostHog | Product analytics | Usage events, pseudonymized identifiers | United States |
| Sentry | Application error monitoring | Error metadata, request context | United States |
| Chrome Web Store distribution and OAuth sign-in | OAuth profile email | United States |
See also our Security & Trust overview and Privacy Policy.