Last updated: 2026-04-28Owner: SymbioTeK Pty Ltd
This page is the canonical list of sub-processors that receive personal information from MySafeSigns. We commit to notifying customers under signed Data Processing Agreement (DPA) of any change with at least 30 days' written notice. To subscribe to change notifications, email symbiotek@symbio-tek.com.
| Sub-processor | Country / region | Role | Data they receive | Their security page |
|---|---|---|---|---|
| Anthropic, PBC | United States | AI vision model (Claude) for sign detection | Captured sign photograph only — transmitted in API request body, not stored by SymbioTeK | trust.anthropic.com |
| Supabase, Inc. | Database: AWS Singapore (ap-southeast-1)Compute: AWS Sydney ( ap-southeast-2) |
Authentication, database, edge function runtime | Account email, hashed password, credit balance, immutable transaction log | supabase.com/security |
| Stripe Payments Australia Pty Ltd | Australia | Payment processing (credit purchases) | Card details, billing email, customer/session IDs | stripe.com/au/legal/pci-dss |
| Netlify, Inc. | Global edge CDN | Static asset delivery (HTML, JS, CSS, images) | HTTP request metadata only (URL path, IP, user-agent) | netlify.com/security |
Each of the sub-processors above maintains its own list of upstream infrastructure providers. The most consequential are:
ap-southeast-1 region is AWS Asia Pacific (Singapore); ap-southeast-2 is AWS Asia Pacific (Sydney).| Date | Change |
|---|---|
| 2026-04-28 | Initial publication. |
A customer DPA template is available at /security/MySafeSigns-DPA-Template-v1.md. The template references this sub-processor list. To execute a DPA, contact symbiotek@symbio-tek.com.