Escendant Ltd
Last Updated: 02/10/2025
Status: Published
This public list names third parties that process Customer Data as our processors. Third-party controllers (for example, app stores and sign-in with Apple/Google) are not listed here and are described in our Privacy Notice.
Current Sub-Processors
| Sub-Processor (legal entity) | Purpose | Categories of personal data | Hosting/transfer regions | Transfer mechanism |
|---|---|---|---|---|
| Amazon Web Services, Inc. (AWS) | Infrastructure hosting; identity services | Account identifiers; usage metadata; stored content | UK (London, eu-west-2) | Not applicable (in-UK) |
| Anthropic PBC | Model inference | Text; audio/images | US; EU | SCCs + UK Addendum |
| AssemblyAI, Inc. | Voice transcription | Audio; derived text; account identifiers | EEA (Ireland); US | SCCs + UK Addendum for US |
| Cerebras Systems, Inc. | Model inference | Text; audio/images | US; Canada; EEA | SCCs + UK Addendum (US); Adequacy (Canada) |
| DeepInfra, Inc. | Model routing; inference | Text; audio/images | US | SCCs + UK Addendum |
| Features & Labels, Inc. (FAL) | Model hosting; voice cloning; avatar generation | Audio; images; text prompts; derived voice profiles | US | SCCs + UK Addendum |
| Fireworks AI, Inc. | Model inference; voice transcription | Text; audio/images | Global (primarily US/EU) | SCCs + UK Addendum |
| Google LLC (Firebase Analytics) | App analytics and crash reporting | App instance IDs; device identifiers; usage events; crash diagnostics; coarse location; truncated/anonymised IP | EEA; US | SCCs + UK Addendum (US) |
| Google LLC (Google Workspace) | Support email communications | Email content; account identifiers; support metadata | Global (primarily EEA/US) | SCCs + UK Addendum (US) |
| HubSpot, Inc. | Opt‑in mailing list and marketing communications management; website forms | Name; email address; phone number; subscription preferences; consent records | EEA (Germany) | Adequacy (EEA) |
| Groq, Inc. | Model inference; voice transcription | Text; audio/images | US; Canada; KSA; EEA (region depends on model selection) | SCCs + UK Addendum (US, KSA); Adequacy (Canada) |
| OpenAI, L.L.C. | Model inference | Text; audio/images | US; EU | SCCs + UK Addendum for non-UK/EEA processing |
| OpenRouter, Inc. | Model routing to third-party model providers | Text; audio/images | Various (depending on selected model) | Varies (generally SCCs + UK Addendum or adequacy, as applicable) |
| Together Computer, Inc. | Model inference | Text; audio/images | Global (primarily US/EU) | SCCs + UK Addendum |
| Zoho Corporation | Support chat | Chat content; account identifiers; support metadata | Global (incl. US/EU/India) | SCCs + UK Addendum |
Notes: – For AI providers, we configure settings to prevent the use of Customer Data for training wherever such controls are available, and we avoid providers where this cannot be disabled. – Model routing platforms (e.g., OpenRouter, DeepInfra) may engage additional model providers. The region used depends on the selected model and service configuration.
Sub-Processor Change Notifications
We will provide 30 days’ advance notice of any changes to our sub-processor list via:
- Email notification to registered users
- Website update at https://thehumanarchive.com/sub-processors
- Updated terms and conditions
We may make urgent substitutions on shorter notice where necessary for security, continuity, or to address an incident. In such cases we will notify you as soon as reasonably possible and honour applicable objection rights.
Customer Rights (applies to all users)
You have the right to:
- Object to the use of a new sub-processor on reasonable data-protection grounds
- Request termination or cancellation of the affected services if you object to sub-processor changes, in accordance with our Terms (including pro‑rata refunds for direct purchases; app store purchases subject to store policies)
- Receive information about sub-processor data processing activities
Contact
For questions about our sub-processors: privacy@escendant.ai
This list is maintained in compliance with UK GDPR Article 28 requirements