Sub-processors
Last Updated: April 19, 2026
A sub-processor is a third party that Clarus uses to help deliver the Service and that may process personal data on our behalf. Clarus is operated by Sumo Creations, LLC (the "controller") and the vendors listed below are contractually bound to handle your data only for the purposes we set.
This page is the authoritative list. It is referenced from our Privacy Policy and will be updated before any new sub-processor that handles user content or PII is added. Material changes are announced at least 30 days in advance, per Section 11 of the Privacy Policy, giving you the opportunity to delete your account before the change takes effect.
Core infrastructure
| Vendor | Purpose | Data processed | Hosting region | DPA / terms |
|---|---|---|---|---|
| Convex | Backend database and application runtime | All user content (encrypted at rest with AES-256-GCM), account records, session tokens | United States | convex.dev/legal/dpa |
| Vercel | Frontend hosting, serverless functions, edge delivery | Request logs, static assets, rendered server responses | United States | vercel.com/legal/dpa |
| Google Cloud Platform | Container hosting for the D2 diagram render service (us-east4) | Temporarily processed diagram source; no persistent content storage | United States | cloud.google.com/terms/data-processing-addendum |
AI providers
| Vendor | Purpose | Data processed | Retention | DPA / terms |
|---|---|---|---|---|
| Anthropic | Claude models power writing, review, outline, and research features | Content from the specific AI-feature request (selection, surrounding context, prompts) | 30 days on the default commercial API; not used for training | anthropic.com/legal/commercial-terms |
| Google (Gemini API) | Gemini models power search-grounded research and link lookups | Query strings + limited context from the request | Default Gemini API retention; not used for training on the paid tier | ai.google.dev/gemini-api/terms |
Clarus is currently on each AI provider's default commercial API tier. We are not yet on Anthropic's Zero Data Retention tier or Google's equivalent enterprise tier. See §3 of the Privacy Policy for the current commitment and the planned upgrade path.
Transactional and operational services
| Vendor | Purpose | Data processed | Hosting region | DPA / terms |
|---|---|---|---|---|
| Resend | Delivery of sign-in magic-link emails and account notifications | Recipient email address, one-time sign-in URLs, email body | United States | resend.com/legal/dpa |
| Polar.sh | Subscription billing and metered AI credit usage | Billing name, email, payment method tokens (Stripe under the hood), subscription status | European Union | polar.sh/legal/privacy |
| Plausible Analytics | Cookieless pageview and CTA conversion measurement on the marketing site and the signed-in application | Aggregated, privacy-preserving pageview events; no cookies, no localStorage, no personal identifiers | European Union (Germany) | plausible.io/dpa |
Authentication identity providers (customer-initiated)
When you sign in with an OAuth provider, you authenticate directly with them; Clarus only receives the minimum identity details needed to create or match your account.
| Vendor | When it applies | Data Clarus receives |
|---|---|---|
| GitHub | When you click "Sign in with GitHub" | GitHub user ID, primary email (if granted), display name, profile picture URL |
| When you click "Sign in with Google" | Google subject ID, email, display name, profile picture URL |
Magic-link sign-in (via Resend above) is also available and does not rely on a third-party identity provider.
What is not on this list
- Google Analytics — Clarus does not use Google Analytics. If that changes, this page and the Privacy Policy will be updated at least 30 days in advance.
- Sentry (error monitoring) — Clarus does not currently use Sentry. We may add it for error tracking in the future; if so, this page will be updated and the Privacy Policy will disclose the scope (error data only, not session replay) before it is enabled.
- Advertising, retargeting, or attribution pixels — Clarus uses none.
- Session replay or heatmap tools — Clarus uses none.
- OpenAI and Fireworks AI — these were listed in earlier drafts of our policy; no user content is currently routed to them. If that changes, this page will list them before any content is sent.
Change notice
Material additions to this list trigger a 30-day advance notice under Section 11 of the Privacy Policy. Minor edits (typo fixes, contact address updates, or jurisdiction clarifications) are made in place with an updated "Last Updated" date at the top of this page.
If you have questions about sub-processors or want a detailed data-processing agreement for a specific vendor relationship, contact us at support@clarus.page.