Subprocessors

Stripe

Subscription billing and payment processing.

Data received: Billing contact (name, email), country, selected plan and billing interval, your organization or agency name and internal account identifiers attached as subscription metadata, payment method details entered directly into Stripe-hosted fields (LitAgent OS never stores card numbers), and subscription and trial state.

Stripe privacy policy

Railway

Backend application hosting, PostgreSQL database, and Redis.

Data received: All application data at rest — authors/clients, projects, submissions, deals, contract tracking, finance tracking records, and support tickets — plus queue and cache state.

Railway privacy policy

Vercel

Frontend hosting and Vercel Web Analytics.

Data received: Page requests and privacy-friendly, aggregated usage analytics.

Vercel privacy policy

Cloudflare R2

Object and file storage.

Data received: Uploaded files: manuscripts, contract documents, migration import files, support screenshots, and generated exports. Files live in private buckets, encrypted at rest, and are accessed through short-lived signed URLs.

Cloudflare R2 privacy policy

Resend

Transactional platform email delivery.

Data received: Recipient email addresses and message content for account and product notifications (invitations, password resets, account lifecycle notices).

Resend privacy policy

Google (Gmail API)

Customer-initiated submission email sending.

Data received: Only when you connect Gmail: the submission emails you compose (recipients, subject, body, attachments, and message-routing headers that link replies back to the originating submission), sent through your own Google account via the send-only gmail.send scope under the Google API Services User Data Policy, including its Limited Use requirements. LitAgent OS does not read, store, or index your mailbox.

Google (Gmail API) privacy policy

Google Workspace

Support mailbox hosting for support@litagentos.com.

Data received: Emails you send to support, and internal support ticket notification copies (ticket number, organization, severity, reporter contact).

Google Workspace privacy policy

Sentry

Error and performance monitoring.

Data received: Error reports and performance telemetry, including request metadata and account/organization identifiers needed to diagnose failures. Limited diagnostic context in error events (such as error messages and request details) may incidentally include fragments of customer content. Session replay is disabled.

Sentry privacy policy

Anthropic (Claude API)

AI-assisted migration analysis, the in-app support assistant, and support ticket analysis.

Data received: Uploaded migration file contents (a pre-flight step masks detected personal identifiers in structured fields; free-text fields, document bodies, PDFs, and images are sent in full), support chat messages and conversation history, screenshots you explicitly attach, the page you are viewing (URL and title), browser and device context (user agent, language, platform, and screen/viewport details), your role and timezone, recent client-side error messages, and support ticket text used for triage and same-organization duplicate detection.

Not sent: billing data, finance ledger entries, contract files, or e-sign envelopes. Anthropic does not train its models on API inputs under its default API terms. We do not currently offer a contractual data-residency commitment for AI processing unless separately agreed in writing.

Anthropic (Claude API) privacy policy

OpenAI (DALL-E)

Optional AI avatar image generation.

Data received: Only the avatar prompt text you type. No user identity, email, organization data, or uploaded files are sent.

OpenAI does not use API inputs to train its models under its default API terms. We do not currently offer a contractual data-residency commitment for AI processing unless separately agreed in writing.

OpenAI (DALL-E) privacy policy