BriefVox AIBriefVox AI
Início

BriefVox AI

Subprocessors Registry

Última atualização: 2026-05-30

Este documento ainda não tem uma tradução jurídica dedicada para o idioma escolhido. É apresentada a versão disponível.

BriefVox AI Subprocessors and Vendors Registry

1. Purpose of this registry

This registry tracks who BriefVox AI entrusts or shares data with in the course of providing the service. The document must be updated whenever a vendor changes.

2. Registry

Vendor

Service

Data

Role

Location

DPA/SCC

Status

Google LLC

login and registration via Google (OAuth 2.0)

Google account identifier, email address, name from Google account

identity provider / independent controller

USA (transfer under standard contractual clauses, Art. 46 GDPR)

https://policies.google.com/privacy

active

Stripe

payments, invoices, subscriptions

payment data, email, transaction identifiers

processor / independent controller for certain services

Irlandia / USA (Stripe Payments Europe, Ltd.)

https://stripe.com/legal/dpa

active

Backblaze B2 (Backblaze Inc.)

storage and infrastructure

audio files, video files, linked media imports, transcriptions, metadata

processor

Unia Europejska (EU Central, Amsterdam) / European Union (EU Central, Amsterdam)

https://www.backblaze.com/company/dpa.html

active

Amazon Web Services (AWS Bedrock)

AI Notes generation (summaries, notes, translations) from transcript text; does not perform audio transcription — that runs locally at the Operator

transcript text sent as a prompt, AI Notes output, metadata (audio/video files are not shared with this provider)

processor / subprocessor

Unia Europejska (Sztokholm, AWS eu-north-1) / European Union (Stockholm, AWS eu-north-1)

https://aws.amazon.com/compliance/gdpr-center/

active

Resend (Resend, Inc.)

system notifications

email address, system message content

processor

USA (Standardowe Klauzule Umowne / Standard Contractual Clauses)

https://resend.com/legal/dpa

active

Vercel Inc.

hosting and delivery of the web application (frontend), CDN, request routing; the backend (API, database, queues, transcription) runs on the Operator's own infrastructure, not on Vercel

technical connection data (IP address, request metadata), session cookies, and data entered in the browser in transit; audio/video files and transcriptions are not stored on Vercel

processor

USA (transfer under standard contractual clauses, Art. 46 GDPR)

https://vercel.com/legal/dpa

active

3. Vendor selection criteria

availability of a Data Processing Agreement (DPA),

whether data is processed within the EU/EEA,

whether encryption is applied,

data retention terms,

whether data is used for model training,

whether model training on client data can be disabled,

how data is deleted after processing,

whether the vendor holds security certifications or documentation.