Subprocessors

The short list of vendors that help us deliver the Service.

A subprocessor is a third-party service provider that Aliso LLC dba Deviation Check engages to process customer data on our behalf so we can deliver the Service. The list below is the complete set of subprocessors as of the last reviewed date at the bottom of this page. We will notify active customers before adding a new subprocessor that handles personal data or customer Content, so you have a chance to raise concerns before it is in production. The binding versions of the commitments here live in the Privacy Policy and Terms of Service; the operational detail behind them lives on the Security page.

How to read this page

Each entry below lists the subprocessor name, what we use it for, the categories of data that flow to it, the region where it operates for our account, and a link out to that vendor's privacy or data-processing terms. None of these vendors receive customer Content (the spec sections, submittal packages, and generated reports) unless explicitly labeled below. The rule of thumb across our stack: document content stays in Cloudflare storage and is forwarded to Anthropic only for the duration of a review; everything else (payments, customer relationship management, transactional email, contact-form metadata) sees only contact details, account, and payment records.

Change notification. Active customers are notified through their account or by email before we add a new subprocessor that handles personal data or customer Content. If you object to a planned change, contact us through the contact form with subject "subprocessors" before the effective date and we will work through it with you.

Anthropic

  • Purpose. Large Language Model (LLM) backend that compares the spec section and submittal package and returns the deviation findings that become your report. This is the only place document content is opened on our behalf.
  • Data categories. Customer Content (the spec section text and submittal package text) for the duration of a review only. No account, contact, billing, or analytics data flows to Anthropic.
  • Region. United States, via Anthropic's commercial Application Programming Interface (API).
  • Training posture. As of the date this page was last reviewed, Anthropic states that content submitted through its commercial API is not used to train foundation models. Vendor terms can change; we update this page and the Privacy Policy if Anthropic's published position changes materially.
  • Terms and privacy. Anthropic commercial terms. Anthropic privacy policy.

Cloudflare

  • Purpose. Hosting and infrastructure: serves the Site (deviationcheck.com), runs the Application Programming Interface (API) at api.deviationcheck.com, stores customer files in a Cloudflare-hosted object store under a per-account prefix, and provides Cloudflare Turnstile bot protection on the Contact form.
  • Data categories. Customer Content (spec, submittal, and reports) at rest in object storage; account and order metadata; Internet Protocol (IP) addresses and request metadata at the network level for security and content delivery; short-lived Turnstile signals on the Contact form for bot detection.
  • Region. United States. Object storage is configured to a US region; the Site and API are served through Cloudflare's global edge with the origin and durable storage in the United States.
  • Terms and privacy. Cloudflare Data Processing Addendum. Cloudflare privacy policy.

Stripe

  • Purpose. Payment processing for per-submittal purchases, subscriptions, invoices, and checkout. Stripe handles the card-data half of the transaction; Deviation Check never sees or stores your full card number.
  • Data categories. Billing contact details, billing email, transaction metadata (amount, currency, tier purchased), and tokenized payment-method references. No customer Content (spec, submittal, or generated reports) flows to Stripe.
  • Region. United States, with Stripe's standard global processing for the card networks.
  • Terms and privacy. Stripe Data Processing Agreement. Stripe privacy policy.

HubSpot

  • Purpose. Customer Relationship Management (CRM) system. Holds Contact-form submissions and the resulting contact and deal records so we can reply to inquiries, scope engagements, and track ongoing customer relationships.
  • Data categories. First name, last name, work email, optional company, inquiry subject, your message, and the associated deal record. No customer Content (spec, submittal, or generated reports) flows to HubSpot.
  • Region. United States, on HubSpot's US-region instance for our account.
  • Terms and privacy. HubSpot Data Processing Agreement. HubSpot privacy policy.

Resend

  • Purpose. Transactional email delivery for order confirmations, report-ready notifications, contact-form replies, and other outbound mail from a verified Deviation Check sub-domain.
  • Data categories. Recipient email address, subject line, message body, send and delivery timestamps, and basic deliverability signals (bounces, complaints). No customer Content (spec, submittal, or generated reports) is included in email bodies; emails contain account references and links into the Site.
  • Region. United States.
  • Terms and privacy. Resend Data Processing Agreement. Resend privacy policy.

Plausible Analytics

  • Purpose. Aggregate web analytics on the public marketing site (deviationcheck.com): pageviews per URL and a small number of named conversion events (for example, /upload clicks, /contact submissions, sample-report views). Cookieless and privacy-preserving by design. The intake API (api.deviationcheck.com), the account-area UI, the spec and submittal documents customers upload, and the generated deviation reports are not instrumented with Plausible.
  • Data categories. Page URL (path; query parameters discarded except marketing campaign tags such as utm_source), HTTP referrer, browser and version, operating system, device class, country-region-city derived from the Internet Protocol address. The Internet Protocol address itself is not stored. A daily-rotating salted hash is used in place of cookies; the salt rotates every 24 hours, preventing cross-day visitor identification. No customer Content (spec, submittal, or generated reports). No contact details. No payment information.
  • Region. European Union. Plausible Insights OÜ is incorporated in Estonia; servers are owned and operated by European infrastructure providers within the EU.
  • Subprocessor classification. Plausible processes only public marketing-site visitor data and is not a subprocessor of customer Content. The thirty-day pre-notification commitment in the change-notification callout above applies to subprocessors that process personal information customers provide to us; the addition of Plausible therefore does not trigger that commitment.
  • Terms and privacy. Plausible Data Processing Agreement. Plausible Data Policy.

What is not on this list, and why

We deliberately keep the subprocessor surface small. The Site loads no marketing pixels, no chat widget, no fingerprinting library, and no third-party advertising network. The third-party scripts that load on a Site page today are: Cloudflare Turnstile on the Contact form (covered by the Cloudflare entry above) and the cookieless Plausible analytics beacon on the public marketing site (covered by the Plausible entry above). If a future feature requires a new subprocessor (for example, a self-serve billing portal or a customer-support tool), we will list it here before it goes into production and notify active customers per the change-notification commitment in the callout at the top of this page.

Questions or objections

If your procurement process needs a copy of a specific vendor's Data Processing Agreement (DPA), a security questionnaire, or a written representation that a particular vendor is not in our stack, reach out via the contact form with subject "subprocessors". We will acknowledge your request within one business day and respond substantively within five business days.

This page is a public commitment. We update it whenever the underlying subprocessor list changes; the date below shows when it was last reviewed.

Last reviewed: May 24, 2026.
