Sub-Processors
Last updated: April 24, 2026
Third parties Dentospire engages to deliver the Service. Each sub-processor processes personal data on Clinic's behalf under a data processing agreement no less protective than Dentospire's DPA.
Core Infrastructure
| Sub-processor | Purpose | Location | Safeguards |
|---|
| Neon | Primary Postgres database (clinic + patient records) | India (Mumbai, ap-south-1) | DPA with SCCs; data physically in India |
| Vercel | Application hosting, edge compute, serverless functions | USA primary + global CDN edge | DPA with SCCs + UK IDTA |
| Vercel Blob | File storage for X-rays, documents, profile images | USA | DPA with SCCs + UK IDTA (part of Vercel DPA) |
| Cloudflare R2 | Encrypted backup storage (payload pre-encrypted AES-256-GCM) | Global (region-configurable) | DPA with SCCs |
Authentication and Communications
| Sub-processor | Purpose | Location | Safeguards |
|---|
| Clerk | User authentication (email, OAuth, 2FA) | USA | DPA with SCCs + UK IDTA |
| Resend | Transactional email (notifications, OTPs) | USA / EU | DPA with SCCs |
| WhatsApp Cloud API (Meta) | Patient messaging and appointment reminders | Global (Meta infrastructure) | DPA with SCCs |
| Vomyra | IVR and outbound voice calls | India | DPA — domestic processing |
AI Processing
| Sub-processor | Purpose | Location | Safeguards |
|---|
| Anthropic (Claude) | X-ray analysis, voice-to-SOAP, DARA assistant, content generation | USA | DPA with SCCs + UK IDTA; zero-retention mode engaged where available |
| Google (Gemini) | Supplementary AI processing for summaries and image analysis | USA / EU | DPA with SCCs |
| Groq | Low-latency AI inference for assistive features | USA | DPA with SCCs |
| Azure Speech | Voice-to-SOAP clinical dictation | Global Azure regions | Microsoft DPA with SCCs |
| ElevenLabs | Text-to-speech for the in-app support assistant | USA / EU | DPA with SCCs |
Backup Layers (Encrypted Before Upload)
All backup payloads are AES-256-GCM encrypted before leaving Dentospire infrastructure. Sub-processors at this tier cannot read backup contents.
| Sub-processor | Purpose | Location | Safeguards |
|---|
| Google Drive (Google LLC) | Encrypted backup tier L4 (full archive) | Global | DPA with SCCs; payload pre-encrypted — Google cannot read |
| MEGA | Encrypted backup tier L2/L3 (selective mirror) | EU (Luxembourg / Netherlands) + NZ | EU-based; payload pre-encrypted |
Operations and Monitoring
| Sub-processor | Purpose | Location | Safeguards |
|---|
| Sentry | Error and performance monitoring (no patient PII) | USA / EU | DPA with SCCs |
| PostHog | Product analytics on aggregated, non-PII usage | USA / EU | DPA with SCCs |
| Google Analytics | Website analytics (only with cookie consent) | USA / EU | Google DPA with SCCs |
Payments
| Sub-processor | Purpose | Location | Safeguards |
|---|
| Razorpay | Payment gateway — India clinic subscription billing | India | DPA — domestic processing |
Data We Do Not Send to Sub-Processors
- Raw X-ray training data, AI validation logs: stored only in primary DB. Never exported to Google Drive, MEGA, or shared AI pipelines.
- RAG knowledge chunks / documents: stored only in primary DB.
- Agent logs, AI usage logs: local-only; never sent to third-party backup providers.
Changes
New sub-processors are published here with 30 days' notice. Clinics may object on reasonable data-protection grounds — contact privacy@dentospire.com. If agreement cannot be reached, the Clinic may terminate the Service without penalty.
To subscribe to sub-processor change notifications, email privacy@dentospire.com with subject "SUB-PROCESSOR NOTIFY".