The third-party services that help us run Foundry.
To deliver Foundry we use a small set of trusted third-party services ('sub-processors'). Each one signs paid-tier agreements with us under terms that protect your data. None of these providers use your data to train their AI models.
At a glance
On paid API tiers, every AI provider listed below contractually commits that:
- Your data is not used to train their models.
- Inputs and outputs are retained for a limited window (typically 30 days) for abuse-monitoring, then deleted.
- Data is encrypted in transit and at rest.
For enterprise customers (Refine plan) we can route through provider Zero-Data-Retention agreements where available, or accept a customer's own API keys so requests stay under the customer's contract with the provider. Contact legal@foundryagents.ai to scope a custom arrangement.
AI providers
| Provider | What they do | Data they may see | Location | Policy |
|---|---|---|---|---|
| OpenAI | Text generation, image generation, audio transcription (Whisper). Used for agent chats, audits, image creation, voice features. | Prompts and responses for requests routed to GPT models. Image prompts and outputs. Audio bytes for transcription. Files attached to a prompt by the user. | United States | Policy |
| Anthropic | Text generation via Claude models. Used for selected agent tasks (legal-style writing, long-context analysis) and select audits. | Prompts and responses for requests routed to Claude. Documents attached to a Claude conversation. | United States | Policy |
| Google (Gemini) | Image generation (Nano Banana), select text tasks. Used when users generate brand visuals or run Gemini-routed conversations. | Image generation prompts, reference images, and resulting images. Text prompts for Gemini routed tasks. | United States | Policy |
| Perplexity | Live web research used by the Signal Audit pipeline (Sonar Pro API). | Business name, website URL, and audit hint sent as a research query. | United States | Policy |
| Brave Search | Web search results powering the Signal Audit and certain agent web-research actions. | Search query strings (typically a business name or topic). No customer-identifying data attached. | United States | Policy |
| Kie.ai | Optional generative-media pipeline available to Refine customers who provide their own key. | Only requests routed via a customer's own Kie.ai API key, on that customer's behalf. | Singapore | Policy |
| Emergent (Universal LLM Key) | Routing layer for OpenAI / Anthropic / Google when customers use the universal Emergent key instead of bringing their own. | The same prompts and outputs that pass through to the underlying provider — Emergent's infrastructure sees the request before forwarding it. | United States | Policy |
Infrastructure & operations
| Provider | What they do | Data they may see | Location | Policy |
|---|---|---|---|---|
| MongoDB Atlas | Managed primary database. Stores all workspace content: accounts, organisations, conversations, documents, audits, leads. | All persisted application data, encrypted at rest. | United States | Policy |
| Cloudflare | DNS, CDN, DDoS protection, TLS termination for foundryagents.ai. | Request metadata (IP, headers, URL paths). Does not see request body content on encrypted endpoints unless TLS terminates at Cloudflare; we use end-to-end TLS for sensitive routes where applicable. | Global edge (data primarily processed in user's region) | Policy |
Communications & billing
| Provider | What they do | Data they may see | Location | Policy |
|---|---|---|---|---|
| Stripe | Payment processing for subscription and add-on purchases. | Billing name, email, payment method details. We never see your full card number. | United States | Policy |
| Resend | Transactional email delivery (login alerts, audit-ready notifications, password resets, billing receipts, optional product updates). | Recipient email address, subject line, email body, attachments such as your audit PDF. | United States | Policy |
Changes to this list
When we add a new sub-processor that handles customer data, we will update this page and (for active customers on Temper+ plans) notify you by email at least 14 days in advance unless the addition is required for security or legal reasons.
To object to a sub-processor addition, contact legal@foundryagents.ai. If we cannot accommodate the objection, you may terminate the affected subscription with a pro-rated refund of any prepaid fees for the period after the change takes effect.