Subprocessors
Last updated: 2026-05-30
A subprocessor is a third party that Unshift LLC ("Unshift") engages to process personal data on behalf of our customers in the course of delivering the Services (the Unshift Studio and hosted websites). This page lists our current subprocessors and is incorporated by reference into our Privacy Policy and our Data Processing Addendum.
If you are a customer who requires advance notice of new subprocessors, subscribe to this page's changes at subprocessors@unshift.ai and we will email you at least 30 days before adding or replacing a subprocessor that processes Customer Personal Data.
Current subprocessors
| Vendor | Service used | Category | Customer personal data processed | Location of processing | Transfer mechanism |
|---|---|---|---|---|---|
| Supabase Inc. | Managed PostgreSQL, Auth, Storage, Realtime | Infrastructure / database | Account identifiers, project metadata, user-submitted content, session tokens | United States (AWS us-east-1) | EU SCCs + UK IDTA |
| Cloudflare, Inc. | CDN, Workers for Platforms, R2 object storage, DNS | Infrastructure / hosting | All data served to and from published sites; request logs (IP, user agent, URL) | Global edge; metadata in US | EU SCCs + UK IDTA |
| Stripe, Inc. | Payment processing, billing, tax, Customer Portal | Payments | Name, email, billing address, tax ID, card details (Stripe is PCI-DSS Level 1) | United States (global edge) | EU SCCs + UK IDTA |
| Amazon Web Services | SES (transactional email), S3 (legacy file storage) | Infrastructure / email | Recipient email addresses, email content, file contents | United States (us-east-1) | EU SCCs + UK IDTA |
| Functional Software, Inc. (Sentry) | Error and performance monitoring | Observability | Stack traces, user ID, IP address (scrubbed after collection), browser metadata | United States | EU SCCs + UK IDTA |
| Google LLC | Google Analytics 4 (GA4) on marketing site only | Analytics | IP address (anonymized), device identifiers, page views; loaded only after cookie consent | United States | EU SCCs + UK IDTA |
| PostHog, Inc. | Product analytics and session replay in the Studio (optional, separate opt-ins) | Analytics | Pseudonymous user ID, page views, interaction events, masked session replay (if separately opted in); loaded only after cookie consent | Germany (EU Cloud, Frankfurt) | EU SCCs + UK IDTA |
| GitHub, Inc. | Source-control integration for exported projects (when customer chooses to connect) | Developer tooling | Repository content created by the customer, GitHub username, access token | United States | EU SCCs + UK IDTA |
| Netlify, Inc. | Optional production hosting for exported projects (when customer chooses to connect) | Deployment | Site content, environment variables, deployment logs | United States | EU SCCs + UK IDTA |
Customer-initiated integrations (for example, connecting a customer's own AI provider over the Model Context Protocol, connecting a customer's own GitHub or Netlify account, or configuring a custom analytics provider in their site) add additional data flows that are outside the scope of Unshift's subprocessor obligations because the customer is controlling them directly. See "AI providers are not Unshift subprocessors" below.
How we select subprocessors
We require every subprocessor to:
- Execute a Data Processing Agreement (DPA) that includes the EU Standard Contractual Clauses (Module Three or Module Four as applicable) and the UK International Data Transfer Addendum where relevant.
- Maintain security certifications appropriate to the data they handle (SOC 2 Type II, ISO 27001, or equivalent).
- Notify us of security incidents affecting our tenant within a defined timeframe (24 to 72 hours depending on the vendor).
- Be contractually prohibited from using Customer Personal Data to train their own models, except as strictly necessary to provide the service we purchased.
AI providers are not Unshift subprocessors
Unshift uses a "bring your own AI" model. You connect your own AI assistant (for example, Claude or ChatGPT) to the Unshift Studio over the Model Context Protocol (MCP), authorized through OAuth. All AI reasoning runs inside your own AI application on your own provider account, under your own agreement with that provider.
As a result:
- Unshift does not send your prompts or your project content to any AI provider for model inference. Your conversation with your AI assistant stays between you and the provider you chose.
- Unshift does not operate large language models itself, does not hold an AI provider API key on your behalf, and has no AI-inference contract through which your data flows.
- Unshift's MCP server only performs deterministic, non-AI work that your assistant asks it to do (for example, reading a URL you provide, extracting a theme, assembling or editing blocks and pages, and deploying a site). It receives structured tool calls, not your model prompts.
Because the AI provider relationship is yours and you control it directly, your AI provider is not a subprocessor of Unshift, in the same way that your own GitHub or Netlify account is not. Your use of that provider is governed by the provider's own terms, privacy policy, and data-handling and training practices, which you should review. If you want to understand how prompts are retained or whether they are used for training, consult your provider's documentation and account settings.
How we notify you of changes
We maintain this page as the single source of truth. When we add, remove, or replace a subprocessor that processes Customer Personal Data, we:
- Update this page.
- Email customers on the notification list (subscribe at subprocessors@unshift.ai) at least 30 days in advance.
- If a customer objects to a new subprocessor on reasonable grounds related to data protection, we work with the customer to find an alternative. If no alternative is possible, the customer may terminate the affected part of the Services with a pro-rata refund.
In emergency cases (for example, a subprocessor suffers a material breach and we must replace them faster than 30 days allows), we notify as far in advance as practical and document the reason.
Historical changes
| Date | Change | Reason |
|---|---|---|
| 2026-04-20 | Initial publication of subprocessor list | Launch of Unshift Studio |
| 2026-05-30 | Removed OpenAI, L.L.C. and Anthropic PBC as subprocessors | Move to a bring-your-own-AI model: customers now connect their own AI provider over MCP, so Unshift no longer transmits customer data to an AI provider for inference |
Future additions, removals, and replacements will be appended here.
Contact
- Subprocessor questions or objections: privacy@unshift.ai
- Subscribe to subprocessor change notifications: subprocessors@unshift.ai
- Postal address: Unshift LLC, 1309 Coffeen Avenue STE 1200, Sheridan, Wyoming 82801, United States