Legal

Subprocessors

Xeler engages the third-party subprocessors below to deliver the service. Each is bound by a GDPR-compliant Data Processing Agreement (Art. 28). Where data is transferred outside the EU/EEA, Standard Contractual Clauses (SCCs) apply. Integrations marked as connected on demand only process data after you explicitly authorize them.

Last updated: June 1, 2026

Subprocessor	Purpose	Data processed	Location	DPA
Neon	Primary database hosting	All application data (encrypted at rest)	EU (Frankfurt)	DPA
Vercel	Application hosting, edge network, file (Blob) storage	HTTP requests, served content, uploaded files	EU / Global (SCCs)	DPA
Stripe	Payment and subscription processing	Billing details, payment metadata	EU / US (SCCs)	DPA
Resend	Transactional email delivery	Email addresses, message content	EU / US (SCCs)	DPA
Upstash	Redis cache (rate limiting, sessions)	Ephemeral cache and counters	EU (Ireland)	DPA
Google (Workspace APIs)	Slides / Drive export for strategy presentations via OAuth (connected on demand)	Profile email, the presentation documents you choose to export	EU / US (SCCs)	DPA

NeonDPA

Primary database hosting

All application data (encrypted at rest) · EU (Frankfurt)

VercelDPA

Application hosting, edge network, file (Blob) storage

HTTP requests, served content, uploaded files · EU / Global (SCCs)

StripeDPA

Payment and subscription processing

Billing details, payment metadata · EU / US (SCCs)

ResendDPA

Transactional email delivery

Email addresses, message content · EU / US (SCCs)

UpstashDPA

Redis cache (rate limiting, sessions)

Ephemeral cache and counters · EU (Ireland)

Google (Workspace APIs)DPA

Slides / Drive export for strategy presentations via OAuth (connected on demand)

Profile email, the presentation documents you choose to export · EU / US (SCCs)

We will update this page before adding or replacing a subprocessor. To be notified of changes, or for any question about our processing, contact us at support@rawww.online.