Compliance
Subprocessors
We use the following third-party subprocessors to deliver the Loopion platform. Each processor is bound by a Data Processing Agreement.
| Subprocessor | Purpose | Location | Data Processed |
|---|---|---|---|
| OpenAI | AI transcription (speech-to-text with speaker diarisation) and action extraction | United States | Meeting audio, transcripts |
| Anthropic | AI processing (Claude models) for action extraction and self-healing | United States | Meeting transcripts |
| Supabase | Database hosting (PostgreSQL) for all application data | EU (Frankfurt, Ireland) | All application data |
| Vercel | Application hosting, edge functions, and deployment | Global (edge network) | Application traffic, session data |
| Microsoft Azure | Compute infrastructure (Container Apps), email delivery (Mail.Send), Service Bus | UK South / West Europe | Meeting audio (processing), email content |
| Microsoft Graph API | Calendar integration, Teams channel posting, meeting scheduling | Microsoft global infrastructure | Calendar events, Teams messages, meeting metadata |
| Google Calendar API | Calendar integration for Google Workspace users | United States | Calendar events |
Change Notifications
We will notify customers of any changes to our subprocessor list at least 30 days before the change takes effect. Notifications are sent via email to workspace administrators.
Safeguards
All subprocessors are subject to:
- Data Processing Agreements with GDPR-compliant terms
- Standard Contractual Clauses (SCCs) for transfers outside the EU/EEA
- Regular security assessments
- Encryption of data in transit and at rest
Questions
For questions about our subprocessors, contact privacy@loopion.ai.