Always invoked.
Foundational sub-processors that are part of every Amicus deployment. Listing one of these does not require feature opt-in — they are core to the service.
Every external service that may process customer data on our behalf — what it's for, when it's invoked, where it runs, and what we've committed to with each one. Updated whenever the list changes, with 30-day notice to existing customers.
Not every sub-processor touches every customer's data. We split this list into three tiers so you can see exactly which vendors are in your data flow today — and which ones become relevant only if you enable a specific feature.
Foundational sub-processors that are part of every Amicus deployment. Listing one of these does not require feature opt-in — they are core to the service.
Used only when a specific product feature, channel, or workflow is enabled (for example, voice synthesis, SMS notifications, or web research). If you don't enable the feature, the vendor never sees your data.
Sub-processors used to operate Amicus itself (billing, anti-fraud, observability of our platform). Listed for transparency even though they do not process your business data directly.
The large language and multimodal models Amicus calls to generate answers, summarize documents, and reason over your data. Every model provider listed below is contractually bound to not train on customer data, regardless of their default consumer terms.
| Sub-processor | Purpose | Activation | Processing region | Notes |
|---|---|---|---|---|
| Anthropic | Primary LLM (Claude family) — chat, reasoning, document Q&A | Always | US (us-east-1, us-west-2) Singapore (ap-southeast-1) via AWS Bedrock for SEA-resident tier |
Zero data retention via API. No training on customer data. Enterprise terms in place. |
| OpenAI | Alternate LLM (GPT family) and embeddings | Always | US (api.openai.com) Japan East via Azure OpenAI for AP-resident tier |
API data not used for training. 30-day abuse-monitoring retention by default; zero retention available on request. |
| Google (Vertex AI / Gemini) | Multimodal LLM (Gemini family), vision, structured extraction | Always | Singapore (asia-southeast1) default Jakarta (asia-southeast2) Bangkok (asia-southeast3) where available |
Vertex AI default = no training, no logging beyond serving. In-region inference. |
| Cohere | Specialized embeddings, classification, reranking | Conditional | US (us-east-1) EU (Frankfurt) |
Used only for retrieval pipelines that benefit from Cohere reranker. No training on customer data. |
| ElevenLabs | Voice synthesis (text-to-speech) | Conditional | US, EU | Enabled only for voice-enabled products. Enterprise tier — no training, configurable retention. |
| Azure Speech | Speech-to-text and TTS (alternate path) | Conditional | Southeast Asia (Singapore) Japan East |
Used when Microsoft voice path is preferred. No training on customer data per Azure terms. |
| FAL | Image generation models (Flux, SDXL, etc.) | Conditional | US, EU (multi-cloud GPU) | Enabled only for image-generation features. Generated outputs only; no customer document data sent. |
Where Amicus deploys application code, runs background jobs, and stores customer data at rest. The default tier runs in Singapore; Thailand-resident and Customer-VPC tiers are available on request.
| Sub-processor | Purpose | Activation | Processing region | Notes |
|---|---|---|---|---|
| Google Cloud Platform (GCP) | Compute (Cloud Run, Cloud Functions), object storage, KMS, networking | Always | Singapore (asia-southeast1) default Bangkok (asia-southeast3) for Thailand-resident tier |
Encryption at rest with customer-managed keys (BYOK) on enterprise tier. Customer-selectable region. |
| Firebase (Google) | Authentication, Firestore (app data), Cloud Storage (file uploads), Cloud Functions | Always | asia-southeast1 (Singapore) Bangkok available where supported |
Built on GCP. Same residency commitments as GCP. Auth tokens handled stateless. |
| Modal | Background compute jobs (long-running ML workloads, batch processing) | Conditional | US primary, EU available | Used for compute-heavy workflows. Job inputs ephemeral; deleted after execution. SOC 2 Type II. |
| RunPod | GPU compute for custom inference and fine-tuning | Conditional | Customer-selectable: Singapore, India, US, EU | Used only for customer-specific custom model jobs. Per-job container isolation. |
Where customer documents, embeddings, and analytics live. Tenant isolation is enforced at the database level — not by application logic alone.
| Sub-processor | Purpose | Activation | Processing region | Notes |
|---|---|---|---|---|
| Supabase | Postgres database, authentication, file storage (alternate to Firebase) | Conditional | Singapore (ap-southeast-1) Tokyo, Mumbai available |
Used when relational schema or row-level security is preferred. SOC 2 Type II. DPA aligned. |
| Upstash Redis | Caching, rate limiting, session storage, ephemeral state | Always | Singapore (ap-southeast-1) default | Cache TTL ≤ 24 hours. No persistent customer data. SOC 2 Type II. |
| Upstash Vector | Vector database for retrieval-augmented generation (RAG) | Always | Singapore (ap-southeast-1) default | Stores document embeddings, not raw documents. Per-tenant namespace isolation. Encrypted at rest. |
| TimescaleDB Cloud | Time-series analytics (event logs, usage metrics) | Conditional | Singapore (ap-southeast-1) Tokyo |
Enabled for Analytics Agent deployments. Hosted on AWS. SOC 2 Type II. |
| InfluxDB Cloud | High-frequency metrics ingestion (IoT, observability) | Conditional | AWS (no SEA region; closest is Sydney ap-southeast-2) | Used only for high-frequency metric workloads. Cross-border flow disclosed in customer DPA. Customer can opt out. |
| MotherDuck | DuckDB-based analytical workloads (advanced Analytics Agent) | Conditional | US East primary; EU available | Conditional on advanced analytics features. Cross-border flow disclosed; customer can opt out. |
| FalkorDB | Knowledge graph storage (entity resolution, graph queries) | Conditional | AWS multi-region (customer-selectable) | Used for graph-heavy workflows. Self-hosted option available for Customer-VPC tier. |
When Amicus needs to send mail, SMS, or in-app notifications to your users on your behalf — these are the carriers we use.
| Sub-processor | Purpose | Activation | Processing region | Notes |
|---|---|---|---|---|
| SendGrid (Twilio) | Transactional email (system notifications, password reset, alerts) | Always | US primary; EU available on enterprise tier | Recipient email + minimal context only. No customer documents. Cross-border flow disclosed in DPA. |
| Twilio | SMS, voice notifications, WhatsApp delivery | Conditional | Tokyo region for AP traffic | Enabled only for SMS/voice channels. Phone numbers + message content; minimal retention. |
Vendors invoked only by specific products or workflows. If you don't enable the corresponding feature, none of these touch your data.
| Sub-processor | Purpose | Activation | Processing region | Notes |
|---|---|---|---|---|
| Didit | Identity verification (KYC), document & biometric checks | Conditional | EU (Spain) | Enabled only for KYC-required workflows (FSI). Cross-border flow disclosed; customer must opt in. |
| Mapbox | Map tiles, geocoding (location-aware products) | Conditional | US primary; EU available | Coordinate lookups only. No identifiable user data sent. |
| Google Maps Platform | Alternate mapping/places API | Conditional | Google global (no specific data residency) | Used as alternate to Mapbox where Google Places is preferred. |
| Bright Data | Web scraping infrastructure (public web data only) | Conditional | Israel HQ; global proxy network | Enabled only for Social Research Agent. Public web data only — no customer data sent. |
| Massive | Alternate web data network (residential proxies) | Conditional | Global | Alternate to Bright Data. Public web data only. |
Vendors used to operate Amicus the company — billing, anti-fraud, and platform observability. Listed for transparency. These vendors do not have access to customer business content.
| Sub-processor | Purpose | Activation | Processing region | Notes |
|---|---|---|---|---|
| Stripe | Subscription billing, payment processing | Internal | Singapore (data residency available) | Billing contact + payment method only. No business content. PCI-DSS Level 1. |
| RevenueCat | Mobile subscription management (where Amicus apps are mobile-distributed) | Internal | US | App-store entitlement state only. No business content. |
| Google reCAPTCHA | Bot protection on public-facing forms | Internal | Google global | Visitor signal data only. No customer business content. |
| RudderStack | Product usage analytics pipeline (internal observability) | Internal | Singapore (data plane available) | Aggregated usage events for service improvement. Customer can opt out via DPA addendum. |
We publish every change to this list with at least 30 days' notice to existing customers. You can subscribe by email below — or watch this page directly.
First public release of the Amicus sub-processor list. Documents 22 vendors across 6 categories. Establishes the activation tier system (Always · Conditional · Internal).