Subprocessors
Last updated: June 1, 2026
SLDocs uses the third-party service providers listed below to deliver the service. We publish this list to give our users — individual customers and the law firms we serve — full visibility into who processes their data and on what terms.
Document content protection. Every document uploaded to SLDocs is encrypted with a per-document AES-256-GCM key that is itself wrapped by a tenant-scoped Google Cloud KMS key. The "Sees" column below shows what each provider can actually access: most providers see only ciphertext or metadata, never plaintext document content. Where a provider must briefly see plaintext (fax delivery, virus scanning), the plaintext is held only in memory or in a short-lived temporary object that is deleted immediately after use.
| Provider | Purpose | Sees | Region |
|---|---|---|---|
| Vercel Application hosting & edge compute | Hosts the SLDocs application, terminates TLS, routes requests, runs server-side code. Data processed: All HTTP request data (IP addresses, headers, request paths, form submissions in transit). | plaintext (transient) | United States (Global edge) |
| Neon PostgreSQL database | Stores account records, document metadata, audit logs, billing records, and other structured data. Data processed: User names, email addresses, hashed passwords, document filenames and metadata, recipient/trusted-contact records, billing records, audit log entries. | no document content | United States |
| Cloudflare R2 Encrypted object storage | Stores user-uploaded documents as encrypted ciphertext blobs. Data processed: AES-256-GCM-encrypted document ciphertext, KMS-wrapped data encryption keys (DEKs). No plaintext document content; the decryption keys are wrapped by Google Cloud KMS and never sent to R2. | ciphertext only | United States (Global) |
| Google Cloud KMS Encryption key management | Wraps and unwraps the per-document data encryption keys (DEKs) that protect document ciphertext. Operates the envelope-encryption layer. Data processed: KMS-wrapped DEK blobs. The plaintext DEKs exist only in process memory during a single decryption operation and are zeroed afterward. | no document content | United States (configurable per tenant) |
| Resend Transactional email | Sends authentication emails (verification, password reset, two-factor codes), invite emails, notification emails, and other transactional messages. Data processed: Recipient email addresses, user names, message subjects and bodies, delivery metadata. | no document content | United States |
| Stripe Payments | Processes B2C subscription payments, B2B firm billing, and one-time add-on purchases. Hosts the checkout flow and customer billing portal. Data processed: Customer name, email, billing address, card / payment-method tokens. SLDocs never stores card numbers — Stripe handles them under PCI DSS. | no document content | United States (Global) |
| Telnyx Fax delivery | Delivers documents by fax via Programmable Fax when a user purchases the fax-delivery add-on. Data processed: Sender / recipient fax numbers and the document content being faxed. Plaintext document content is decrypted server-side, uploaded to a short-lived presigned URL (1-hour expiry, deleted after delivery), and provided to Telnyx. | plaintext (transient) | United States |
| Cloudmersive Virus scanning | Scans uploaded documents for malware before they are released into the user's vault. Documents are decrypted server-side and submitted to Cloudmersive for scanning; the plaintext is discarded after the scan returns a verdict. Data processed: Document content (plaintext, transient) and scan result. | plaintext (transient) | United States |
| Sentry Server-side error monitoring | Captures unhandled server-side errors and exceptions from SLDocs application servers to help diagnose and fix bugs. SLDocs uses Sentry server-side only — no Sentry browser SDK is loaded, no cookies are set, and no client-side telemetry is collected. Data processed: Server stack traces, error messages, the URL path and HTTP method of the failing request, and a small set of request headers. We do not send document content, encryption keys, full request bodies, or user PII to Sentry (sendDefaultPii is disabled). User IDs may appear in error context where strictly needed to reproduce an issue. | no document content | United States |
Adding or changing subprocessors
We will update this page whenever we add, remove, or materially change a subprocessor, and we will email subscribers below at least 30 days before any change takes effect — long enough for an enterprise customer to object or terminate.
Sub-subprocessors
The providers listed above may themselves rely on their own infrastructure providers (cloud regions, CDNs, etc.). We assess each subprocessor for adequate security and contractual controls before onboarding them, but we do not publish the full subprocessor tree of every vendor — refer to each provider's own subprocessors page, linked from their privacy policy above.
Contact
Questions about this list, or to request a copy of our Data Processing Addendum (DPA)? Email info@sldocs.com.