Loading ChongCheck
Preparing the next page and checking session context.
Preparing the next page and checking session context.
This document lists the third parties ("Subprocessors") that ChongCheck OÜ uses to deliver the Service. Each Subprocessor processes personal data on our behalf under a signed Data Processing Agreement (DPA) and, where applicable, Standard Contractual Clauses (SCCs).
We publish this list as part of our transparency commitment and update it on at least 30 days' notice before adding or materially changing a Subprocessor that processes personal data.
Email privacy-updates@chongcheck.app with the subject "Subscribe subprocessors" to receive an email each time this list is updated. Alternatively, monitor the version history at chongcheck.app/legal/subprocessors/versions or the RSS feed at chongcheck.app/legal/subprocessors.rss.
| Subprocessor | Role | Data processed | Location | Transfer mechanism |
|---|---|---|---|---|
| Cloudflare, Inc. | CDN, DDoS protection, R2 object storage (user uploads, research corpus) | All data (transit + storage) | US, EU, RU edges | SCCs |
| MongoDB, Inc. (Atlas) | Managed primary database for accounts, pets, cases, transactions, audit log | Account, pet, case, billing data (encrypted at rest) | EU (Frankfurt) for EU users; US for non-EU | SCCs |
| Fly.io, Inc. | Application hosting for backend services | All transit data | EU (Frankfurt), US (Ashburn) | SCCs |
| Vercel, Inc. | Frontend hosting (Next.js) | Account session, page views | Multi-region edge | SCCs |
| Subprocessor | Role | Data processed | Retention | Transfer mechanism |
|---|---|---|---|---|
| Anthropic PBC (Claude) | LLM inference (Chief Diagnostician, specialists, Pass-2 PII strip) | Redacted, pseudonymized prompt content | Zero-retention API | SCCs, zero-retention DPA |
| OpenAI, L.L.C. (GPT-5, GPT-4o, Whisper) | LLM inference (Adversary, OCR, STT) | Redacted prompt content | 30-day API retention; zero-retention for enterprise tier | SCCs |
| Google LLC (Gemini) | LLM inference (Cross-Validator) | Redacted prompt content | Per Google Cloud DPA | SCCs |
| Groq, Inc. | Low-latency open-weights inference | Redacted prompt content | Zero-retention API | SCCs |
AI model providers do not train their own models on data submitted via ChongCheck. We use zero-retention or short-retention endpoints with explicit no-training clauses in DPAs.
| Subprocessor | Role | Data processed | Transfer mechanism |
|---|---|---|---|
| Heleket Ltd. | Payment processing (cards, USDT, BTC), tokenization, fraud screening | Card token, transaction history, billing address | SCCs; PCI-DSS Level 1 |
| Stripe, Inc. (where enabled by region) | Alternative payment processing | Same as above | SCCs; PCI-DSS Level 1 |
| Subprocessor | Role | Data processed | Transfer mechanism |
|---|---|---|---|
| Postmark (Wildbit, LLC) | Transactional email (receipts, security alerts, outcome wizard nudges) | Email, name, message content | SCCs |
| Twilio, Inc. (where SMS enabled) | SMS for emergency alerts only | Phone number, message content | SCCs |
| Apple Push Notification service | Push notifications (iOS) | Push token, notification content | Apple DPA |
| Firebase Cloud Messaging (Google) | Push notifications (Android) | Push token, notification content | SCCs |
| Subprocessor | Role | Data processed | Configuration |
|---|---|---|---|
| PostHog Inc. | Product analytics | Pseudonymized user ID, event names + properties (PII-scrubbed) | EU-hosted instance, IP-masking enabled |
| Sentry (Functional Software, Inc.) | Error monitoring, performance tracing | Pseudonymized user ID, error stack, redacted request context | EU-hosted, PII-scrubbing rules enabled |
| Datadog (where enabled) | Backend infrastructure metrics | Service metrics, host metrics, no personal data | SCCs |
| Subprocessor | Role | Data processed | Transfer mechanism |
|---|---|---|---|
| Plain.com (or similar — TBD) | Customer support inbox, conversation history | Email, name, support messages and attachments | SCCs |
| Notion | Internal knowledge base (no user data) | None | SCCs |
| Subprocessor | Role | Data processed | Retention |
|---|---|---|---|
| Veriff OÜ (where enabled) | KYC for veterinary professionals | Government-issued ID, professional licence | 30 days after verification |
| Persona (where alternative) | Same as above | Same | 30 days |
| Subprocessor | Role | Data processed |
|---|---|---|
| OneTrust or Termly (TBD) | Cookie consent management | Consent records (hashed user identifier, preferences, timestamp) |
| Vanta (where enabled) | SOC 2 / GDPR compliance automation | Account metadata, audit trail aggregates |
Because ChongCheck processes personal data of Russian Federation residents, primary storage of accounts of RU users is mirrored in Yandex Cloud (Moscow region) to comply with 152-FZ data-residency requirements. Cross-border processing for AI inference is conducted under separate explicit consent at signup.
| Subprocessor (RU-specific) | Role | Data processed | Compliance |
|---|---|---|---|
| Yandex.Cloud | Primary storage of RU-resident accounts | Account, pet, case, billing data | 152-FZ Article 18(5) data-residency |
The following entities receive only aggregated, k-anonymous data under separate Data Processing Agreements and Non-Disclosure Agreements. They are not Subprocessors because they do not receive personal data.
| Partner type | Data received | Frequency |
|---|---|---|
| Pharmaceutical research partners | k-anonymous aggregated statistics (n ≥ 5, rising to 10 by partner DPA) | Quarterly |
| Academic research institutions | k-anonymous aggregated statistics; row-level only under separate DPIA and re-consent | Per study |
See the AI Training & Research Data Notice for the explicit rules.
We list previously used Subprocessors below for full transparency. Data has been deleted or returned per contract.
(No removals yet — list will populate as the Service evolves.)
For transfers outside the EEA / UK / Switzerland / Russia, we rely on:
Each Subprocessor is selected against:
We review Subprocessor compliance annually and upon any material incident.
If you object to a new Subprocessor on reasonable grounds (e.g., a specific compliance concern), email privacy@chongcheck.app within the 30-day notice period. We will:
privacy@chongcheck.appdpo@chongcheck.appprivacy-updates@chongcheck.appThis document is a draft pending review by qualified counsel. The list will be expanded and finalized at production launch; vendor names marked "(TBD)" or "where enabled" indicate pending selection or regional availability.