Last updated: May 24, 2026 · Append-only · Notice channel for GDPR Art. 28(2) general written authorization
We use the third-party services ("subprocessors") listed in our Privacy Policy to deliver SpellRack. Whenever we add, remove, or move regions for a subprocessor, we log it here. The entries below are append-only — historical rows are never edited or deleted.
If you have a Data Processing Addendum with us and require advance notice of subprocessor changes, email [email protected] with the subject "Subprocessor notice subscription" and we will email you each change at least 30 days before it takes effect for new processors handling personal data.

| Date | Change | Processor | Region | Reason |
|---|---|---|---|---|
| 2026-05-24 | Region change | SpellRack-hosted scanner training corpus | Self-hosted on Hetzner VM (EU — Falkenstein, Germany) | Scanner training-corpus capture shipped 2026-05-24 (task #78). Not a new third-party subprocessor — captured data stays on our own servers — but listed here so EU/UK customers have a written record of the new processing activity in keeping with GDPR Art. 30 record-keeping. |
| 2026-05-24 | Region change | Anthropic — data-class expansion | USA (unchanged) | Collection-aware deck building shipped 2026-05-24 as a Premium feature. Required disclosure of the new data classes transmitted to an already-active subprocessor (Anthropic). |
| 2026-05-24 | Initial | Initial published baseline | — | First published version of the subprocessor changelog. Initial baseline captured during the 2026-05-24 compliance review. |

This is the authoritative list at the date above. The same set is mirrored in §4 of the Privacy Policy. Use this list when filling out vendor security review questionnaires.

| Processor | Region | Purpose | PII |
|---|---|---|---|
| Stripe | USA | Payment processing (cards, subscriptions, invoices, tax) | Yes |
| Anthropic | USA | AI Copilot inference. Receives conversation messages plus, for premium users, a collection-aware system-prompt block: top-100 owned cards, recent deck names + commanders, nearby LGS inventory snippet. Zero retention, no training on traffic. | Yes |
| Cloudflare | Global edge (US-routed control plane) | CDN, DNS, WAF, bot mitigation, email routing | Yes |
| Sentry | USA | Error and performance monitoring (90-day retention) | Yes |
| PostHog | USA (consent-gated in EU/UK) | Product analytics and session replay (12-month retention) | Yes |
| RevenueCat | USA | Mobile IAP attribution and entitlement sync (iOS / Android) | Yes |
| Resend | USA | Transactional email delivery (receipts, password resets, alerts) | Yes |
| Hetzner | Germany (EU — primary data residency) | Application hosting, database, object storage. EU/UK: this is where your data lives at rest. | Yes |
| Scryfall | USA | Card data and image CDN (public API, no PII transmitted) | No |
| EDHREC | USA | Commander synergy and recommendation data (public API, no PII) | No |
| TCGplayer (via Impact) | USA | Affiliate link tracking pixel on outbound clicks only | No |
| OpenStreetMap | Global, ODbL | Local game store directory data (read-only public data) | No |
| Discord | USA | OAuth sign-in (optional). Receives nothing we initiate. | Yes |

EU/UK customers: data at rest lives in Germany (Hetzner). Transfers to US subprocessors above happen under the EU-US Data Privacy Framework or Standard Contractual Clauses where required. See §9 of the Privacy Policy.
Questions about a subprocessor or this changelog: [email protected].