Last updated: May 7, 2026 · This list is the canonical reference and supersedes any list embedded in older versions of the Privacy Policy.
How to read this page
For each sub-processor we list: legal name, the purpose for which we use it, the categories of personal data shared, the region where data is processed, and a link to the provider's own privacy policy / DPA. We will give existing customers at least 30 days' written notice before adding a new sub-processor that processes personal data — subscribe to updates by emailing privacy@getbedpost.com.
None of the sub-processors below receive raw cycle dates, activity logs, journal entries, partner notes, or AI chat transcripts unless explicitly stated. We never sell personal data and never use special-category health data for advertising.
Active sub-processors
| Sub-Processor | Purpose | Data Categories | Region | Privacy / DPA |
|---|---|---|---|---|
| Stripe Payments Inc. | Web subscription billing & payment processing | Email, billing country, payment-method token, subscription status. No card numbers reach BedPost. No health data. | USA / EU | Privacy · DPA |
| Resend (Drip Inc.) | Transactional email delivery (welcome, receipts, password reset, security alerts) | Email address, message content. No health data. | USA | Privacy · DPA |
| Klaviyo Inc. | Marketing email lifecycle and double opt-in (opt-in only) | Email address, marketing-event metadata, anonymized engagement signals. No health data. | USA | Privacy · DPA |
| Mixpanel Inc. | Anonymized product analytics (with IP anonymization enabled) | Anonymized usage events, screen-view counts. No personal or health data. | USA | Privacy · DPA |
| Functional Software Inc. (Sentry) | Crash reporting & error monitoring | Device type, OS version, app version, stack traces. PII scrubbed in transit. No personal or health data. | USA | Privacy · DPA |
| RevenueCat Inc. (activates at mobile launch) | Mobile in-app purchase entitlement management (iOS & Android) | Anonymous app user ID (verified email), subscription status, product ID. No health data. | USA | Privacy · DPA |
| Apple Inc. | App distribution (App Store), in-app purchases, Sign In with Apple | Identity token, optional name & relay email at sign-up. Per Apple's own policies. | USA | Privacy |
| Google LLC | App distribution (Play Store), in-app purchases, Sign In with Google | Identity token, email, profile name when you choose to sign in with Google. | USA | Privacy |
| Replit, Inc. | Application hosting, build pipeline, deployment | All data the application processes (encrypted at rest and in transit). Replit acts as a hosting infrastructure provider only. | USA | Privacy · DPA |
| Neon, Inc. (via Replit-managed Postgres) | Managed PostgreSQL database (primary & read replicas) | All persisted application data. Encrypted at rest (AES-256) and in transit (TLS 1.2+). | USA | Privacy · DPA |
Conditional / opt-in sub-processors
The following providers are wired into the application but only activate when a specific user opt-in is granted. They do not receive special-category health data under any circumstance.
International transfers
Most of our sub-processors are located in the United States. Where personal data of EU/EEA, UK, or Swiss individuals is transferred to a country outside the EEA/UK that lacks an adequacy decision, transfers are protected by the European Commission's Standard Contractual Clauses (2021/914), the UK Information Commissioner's International Data Transfer Addendum, and supplementary technical measures (encryption in transit and at rest, pseudonymisation of analytics events).
Questions or objections
If you object to our use of any specific sub-processor, contact us at privacy@getbedpost.com within 30 days of a notified change. See our Data Processing Addendum for the contractual framework that governs these relationships.