Legal · Transparency
Subprocessors
Last updated: June 14, 2026
Onplana engages the third-party service providers below to operate the platform. This list satisfies the transparency requirement of GDPR Art. 28(2). For the full data-processing terms applicable to your organisation, refer to the Onplana Data Processing Agreement, which is part of your Master Services Agreement and authorises the list below.
Two categories: Core subprocessors are always engaged whenever Onplana operates; customer content flows through them by default. Optional / integration subprocessors are engaged only when a customer organisation explicitly enables that integration (e.g. connecting Google Drive, Box, or Microsoft Teams). No data flows to those vendors absent the connect step.
Material changes to this list, adding, removing, or changing the region of a subprocessor, will be notified in advance per the DPA. Subscribe to changes by emailing privacy@onplana.com with the subject subprocessor-notify.
Core subprocessors
| Subprocessor | Purpose | Data category | Region | DPA |
|---|---|---|---|---|
| Microsoft Azure | Application hosting (Container Apps), database (Postgres Flexible Server), cache (Redis), object storage (Blob), Key Vault, networking. | All customer content + account data | Azure West US (United States). Daily encrypted backups + 7-day point-in-time restore retained by Azure Postgres Flexible Server; no cross-region replica today. | DPA → |
| Stripe, Inc. | Billing, subscription management, payment processing. | Billing email, billing address, payment-method token (full card data never touches Onplana, collected directly by Stripe Elements). | United States (Stripe is the controller for payment-card data). | DPA → |
| Anthropic, PBC | Claude API, AI features (risk detection, plan generation, status reports, in-app chat). | Project text, task descriptions, and any free-text passed to AI tools. Per Anthropic policy, API inputs are not used for training and are not stored after the request completes. | United States. | DPA → |
| Microsoft Azure OpenAI Service | GPT-4 family, same AI features as Anthropic above. Per-deployment admin choice between Anthropic + Azure OpenAI. | Same as Anthropic. Azure OpenAI processes data inside the customer Azure tenant; no data is shared with OpenAI Inc. nor used for training. | Same Azure region as the hosting tenant. | DPA → |
| Sentry (Functional Software, Inc.) | Error monitoring (stack traces + request metadata on uncaught backend exceptions). | Stack traces, request method + path, IP address. Personal data is scrubbed via Sentry data-scrubber rules; payload bodies are not sent. | United States (default Sentry SaaS region). | DPA → |
| Azure Communication Services | Transactional email (invitations, password resets, notification digests, billing receipts). | Recipient email address + email content composed by Onplana on behalf of the customer. | Same Azure region as the hosting tenant. | DPA → |
| hCaptcha (Intuition Machines, Inc.) | Anti-bot challenge on sign-up + freebie marketing tool gates. | Browser fingerprint, IP address, challenge-solve token. Not linked to a user account. | Global edge. | DPA → |
Optional / integration subprocessors
Engaged only when a customer organisation has explicitly connected the corresponding integration via Settings → Integrations.
| Subprocessor | Purpose | Data category | Region | DPA |
|---|---|---|---|---|
| Google LLC | Google OAuth (consumer sign-in) + Google Workspace integration (Drive file-attach when an organisation explicitly connects Google Drive). | OAuth identity (email + verified flag + sub) at sign-in. With Drive connected: file metadata + content of files the user explicitly attaches. | Global (Google Cloud). | DPA → |
| Microsoft Corporation (consumer + Microsoft 365 / Teams) | Microsoft OAuth sign-in + Microsoft Teams notification integration (when an org installs the Teams app). | OAuth identity (email, verified flag, sub). Teams: channel + message content for connected channels. | Microsoft Cloud (region depends on tenant). | DPA → |
| Microsoft Clarity (Microsoft Corporation) | Product session analytics (heatmaps + masked session replay) inside the app on the FREE plan only, and only for users who opt in. Helps us see where the product trips people up and improve the free experience. | De-identified, masked interaction data: clicks, scrolls, navigation, and page layout. Text, form input values, people’s names, and file contents are masked and never captured. No personal-data identifier (email / name) is sent. | Global (Microsoft). | DPA → |
| Box, Inc. | Box file-attach integration (when an organisation explicitly connects Box). | OAuth tokens + metadata + file content of attached files only. | United States. | DPA → |
| Dropbox, Inc. | Dropbox file-attach integration (when an organisation explicitly connects Dropbox). | OAuth tokens + metadata + file content of attached files only. | United States. | DPA → |
Questions
See also Privacy Policy and Security. For data-residency, transfer mechanism (Standard Contractual Clauses), or DPIA questions, email privacy@onplana.com.