Microsoft Azure
Purpose: Application hosting, databases, storage, logging, and infrastructure. Data processed: account metadata, workspace metadata, uploaded files, generated outputs, operational logs, and application data.
Subprocessors
Third parties that may process TraceOps Commercial customer data.
TraceOps Commercial discloses every third party that may touch customer content, billing data, or AI-processed inputs. This page is the authoritative list and should be reviewed alongside the privacy policy and terms.
OpenAI
Purpose: AI model processing for document analysis, summaries, matrices, drafts, and generated workflow responses. Data processed: customer-provided prompts, uploaded document excerpts, workspace instructions, generated outputs, and related AI-processing metadata.
Stripe
Purpose: Subscription billing, checkout, invoices, payment processing, and payment status. Data processed: subscriber name, email, billing address, payment metadata, subscription plan, invoice history, and payment status. Stripe does not receive uploaded files, document text, proposal workspace content, or AI-generated document outputs.
Data boundary
TraceOps Commercial is not authorized for CUI, classified information, ITAR-controlled data, export-controlled data, source-selection sensitive information, or restricted government information. Do not upload or submit such data. Subscribers are responsible for confirming that uploaded materials are public or otherwise non-controlled before submission.
Changes to this list
This subprocessor list reflects the third parties that may process customer data through TraceOps Commercial as of the most recent update. If a new subprocessor is added or an existing one is replaced, this page will be updated. Material changes will be communicated to active subscribers through in-product or email notification.