Name | Description of Processing | Processing Location | Corporate Location | Privacy Policy |
|---|---|---|---|---|
Stripe | Payments and subscription management | United States (primarily) | United States | |
GitHub | OAuth authentication; open-source search metadata | United States / global | United States | |
Supabase | Authentication and backend services | United States / global | United States | |
Microsoft (Azure) | Cloud hosted infrastructure, data hosting, AI inference | United States / global | United States | |
Amazon Web Services (AWS) / Amazon Bedrock | Cloud infrastructure; AI inference (data is routed only to the specific model required to fulfill the user’s request)user’s request) | United States / global | United States | |
OpenAI | AI inference (data is routed only to the specific model required to fulfill the user’s request) | United States | United States | |
Anthropic | Anthropic AI inference (data is routed only to the specific model required to fulfill the user’s request) | United States | United States | |
Google (APIs/AI services) | AI inference (data is routed only to the specific model required to fulfill the user’s request) | United States / global | United States | |
Datadog | Observability (RUM/APM), monitoring | United States / global | United States | |
PostHog | Product analytics | United States / global | United States | |
Intercom | Customer support communications | United States / global | United States | |
Application hosting and compute infrastructure | United States / global | United States | ||
Cloudflare | CDN, DNS, DDoS protection, and edge networking | United States / global | United States | |
xAI | AI inference (data is routed only to the specific model required to fulfill the user’s request) | United States | United States | |
Resend (Plus Five Five, Inc.) | Transactional email delivery | United States | United States | |
Twenty | CRM | Germany (EU) | United States | |
N8N | Dataflow automation | EU | United States | |
Railway | Application hosting and compute infrastructure | States | United States |
Effective date: February 23, 2026 | Last updated: March 10, 2026
The GitHits Data Processing Agreement incorporates this Subprocessor List by reference, and the GitHits Privacy Policy references it.
This Subprocessor List identifies third-party subprocessors that GitHits has authorized to process personal data on its behalf to provide the Service. "Service" has the meaning given in the GitHits Terms of Service. "Customer Data" may include personal data as our Data Processing Agreement describes.
GitHits will update this list as subprocessors change. We will provide at least 30 days' notice of new subprocessors before we authorize them to process Customer Data, as the Data Processing Agreement requires.
Processing locations may vary by region and service configuration. GitHits will update this list as it engages new subprocessors in accordance with the Data Processing Agreement. For details on how GitHits governs subprocessors, including your right to object to new subprocessors, see our Data Processing Agreement.
Contact: support@githits.com