To keep Serus running, we rely on a handful of trusted partners for things like hosting, payments, and security. Every vendor on this list is held to the same standards we hold ourselves to — your data stays protected, no matter who's handling it.
Here's exactly who they are and what they do.
Subprocessors
Last Update: April 13th, 2026
Introduction
This page lists the third-party service providers (“Subprocessors”) that ANON AI Labs, Inc. (“Serus,” “ANON,” “we,” “us,” or “our”) uses to help deliver and support the Serus Services.
This list is provided for transparency and forms part of our Privacy program. Where applicable (for business/enterprise customers), Subprocessors are also covered under our Data Processing Addendum (DPA).
DPA:
https://www.serus.ai/legal/dpaPrivacy Policy:
https://www.serus.ai/legal/privacy
1. What is a “Subprocessor”?
A Subprocessor is a third party that processes personal data on our behalf in order to provide the Services (for example, cloud hosting, analytics, customer support tooling, authentication, or payment processing).
Some providers may act as independent controllers for data they process for their own purposes (for example, certain payment providers). In those cases, their processing is governed by their own privacy policies.
2. What this list includes (and what it may not include)
This list includes Subprocessors that may process personal data in connection with the Services.
Because we may update infrastructure, vendors, and integrations over time, the list may change. In limited cases, certain cookies, embedded content, or third-party integrations enabled by customers (e.g., within a white-label deployment) may involve additional third parties not listed here. For cookie-related technologies, see our Cookie Policy.
Cookie Policy:
https://www.serus.ai/legal/cookies
3. Updates and notifications
We may update this Subprocessors list from time to time. If we make material changes, we will update the “Last updated” date above and may provide additional notice where required by law or contract.
Enterprise customers who have notification rights under a signed agreement or DPA should follow the notice process in that agreement.
4. Subprocessors list
Below is a list of Subprocessors that may be used to provide the Services:
Clerk
Purpose: Authentication and user management
Location: United States
Data Types: Customer data (login credentials, authentication tokens, user profiles)
Amazon Web Services (AWS)
Purpose: Cloud infrastructure and hosting services
Location: United States
Data Types: Customer data, application data, logs
Fly.io
Purpose: Server hosting and global edge deployment
Location: United States / Global
Data Types: Customer data, application data, logs
Purpose: Cloud infrastructure and hosting services
Location: United States / Global
Data Types: Customer data, analytics data, application data, logs
Resend
Purpose: Functional & transactional email delivery service
Location: United States
Data Types: Customer contact data (email addresses), communication content, delivery logs
Stripe
Purpose: Payment processing and billing services
Location: United States
Data Types: Customer payment details, billing information, transaction data
Sentry
Purpose: Application monitoring, error tracking, and debugging
Location: United States
Data Types: Application data, error logs (may include limited customer-identifiable data if present in logs)
Trigger.dev
Purpose: Workflow automation and background job orchestration
Location: United States
Data Types: Customer data processed through automated tasks, application data, job execution logs
Zendesk
Purpose: Customer support and ticketing platform
Location: United States / Global
Data Types: Customer contact details, support communications, metadata, and logs
PostHog
Purpose: Product analytics and user identification
Location: United States
Data Types: Email addresses, names, country
Prighter (iuro Rechtsanwälte GmbH)
Purpose: EU/UK/Swiss GDPR Article 27 representation and data subject request management
Location: Austria (EU) / United Kingdom / Switzerland
Data Types: Data subject contact details, identification data, and request content
OpenRouter (routes to Google Gemini)
Purpose: AI processing and content analysis
Location: United States
Data Types: User profile data included in AI prompts
LocationIQ
Purpose: Address validation and autocomplete
Location: United States
Data Types: Addresses, postal codes, coordinates
IPInfo
Purpose: IP geolocation
Location: United States
Data Types: IP addresses
LeakCheck
Purpose: Breach database lookups
Location: United States
Data Types: Email addresses, usernames, phone numbers, passwords, domains
Have I Been Pwned (Apozy Ltd / Troy Hunt)
Purpose: Breach data lookup
Location: United States / Australia
Data Types: Email addresses
OSINT Industries
Purpose: OSINT queries and intelligence gathering
Location: United States
Data Types: Email addresses, names, phone numbers, usernames, wallet addresses
5. Questions
If you have questions about this list or our vendors, contact:
Support: support@serus.ai
Privacy/DPO: dpo@serus.ai
Support portal: https://www.serus.ai/contact/support
ANON AI Labs, Inc.
A Delaware corporation, United States