Sub-processors

Google Cloud Platform

Primary cloud provider. Data at rest in me-central1 (Doha, Qatar). AI processing via Gemini Enterprise Agent Platform global endpoint with contractual Zero Data Retention — Google cannot store or train on your data.

AI inference (Gemini Enterprise Agent Platform), object storage (Cloud Storage), relational database (Cloud SQL), encryption key management (Cloud KMS), compute (Cloud Run), authentication (Firebase)

GCP me-central1 (Middle East, Doha) for storage/compute; Gemini Enterprise Agent Platform global (US/EU) for AI with Zero Data Retention

Anthropic (via Google Cloud Model Garden)

Accessed exclusively via Google Cloud Model Garden. No direct Anthropic API calls. Google Cloud ZDR applies.

Advanced AI analysis — portfolio rebalancing, succession assessment, complex reasoning tasks

GCP global endpoint (via Gemini Enterprise Agent Platform)

Stripe

PCI-DSS Level 1 certified. Card data never touches maivis servers.

Payment card processing, subscription management, billing portal

Global (Stripe infrastructure)

Firebase (Google)

Authentication, identity management, FIDO2 passkey verification

GCP global

PostHog

Analytics are opt-in only (DIFC DPL 2020 Art. 11). No data collected without explicit user consent.

Product analytics — session recording, event tracking, funnel analysis

EU (PostHog Cloud EU)