HEADSDOWN TRUST
Subprocessors
HeadsDown uses service providers to operate the product. HeadsDown learns from outcomes, not your code. The named vendor inventory is under legal/security verification, so this public page uses conservative category-level disclosure until the reviewed list is ready.
Draft trust page
This trust page is counsel-ready draft content, not a final published policy. It must stay draft-labeled until legal, security, product, subprocessor, and cookie/analytics reviews are complete.
The privacy boundary described here applies to implemented metadata-only agent-run event and outcome-reporting surfaces, and to the routing-decision API boundary when it ships. Older or user-entered product surfaces may store text deliberately submitted through those surfaces.
Prior versions are archived manually in source control before publication changes, following `docs/legal/archive/README.md`.
- Draft version
- 0.1
- Effective date
- Pending counsel review
- Last updated
- May 2, 2026
Current list available on request
Until the legal-reviewed subprocessor table is published, customers and security reviewers can request the current list during partner or business onboarding. HeadsDown will not claim “no subprocessors” because the service depends on infrastructure, delivery, payment, monitoring, and notification providers.
| Category | Purpose | Data processed | Status |
|---|---|---|---|
| Hosting | Runs app, database, storage, and network infrastructure. | Account state, user rules, event metadata, operational logs. | Vendor verification pending for public list. |
| Transactional email | Delivers account, login, confirmation, and service emails. | Email address, message metadata, transactional email content. | Vendor verification pending for public list. |
| Payment processing | Processes subscriptions, invoices, taxes, and fraud checks where billing is enabled. | Billing identifiers, plan metadata, payment-provider records. HeadsDown does not directly store full card numbers. | Vendor verification pending for public list. |
| Error tracking | Captures operational failures so the team can fix reliability issues. | Scrubbed request/error metadata. Do not send prompts, code, paths, logs, or messages to HeadsDown. | Vendor verification pending for public list. |
| Push notification gateways | Delivers mobile notifications through platform push services. | Device tokens, notification metadata, delivery status. | Vendor verification pending for public list. |
What changes before a final vendor table
Before publication of a named list, legal and security review must verify each vendor, purpose, processing location, data category, notice process, and customer objection path. Until then, this page is intentionally conservative.