Sub-processors List

Inquira Product Sub-processors (EU Data Region)

These sub-processors support our Conversational AI services. They do not receive patient or end-user data outside of the region agreed upon with the customer, unless specifically stated.

Provider	Service & Personal Data	Data Location & Safeguards
Hetzner	Primary hosting for Inquira services	Germany
Microsoft Azure	Cognitive services for AI-powered features	Europe
Eleven Labs	Text To Speech services (optional)	Europe
Amazon AWS	Backup and storage (optional)	Germany
Mailjet	Email service for notifications and communications	Europe
Scaleway	Backup email service for notifications and communications	Europe
Telnyx	VOIP provider for phone numbers and SIP trunking	Germany
Sentry	Application error tracking and monitoring (may include limited app usage metadata)	Europe
PostHog	Application usage and event tracking (may include anonymized or limited session/user data)	Europe
Stripe	Payment processing – only handles customer billing information (e.g. company name, billing info), no patient data is processed	United States Uses Standard Contractual Clauses (SCCs)

Inquira Product Sub-processors (US Data Region)

These sub-processors support our Conversational AI services. They do not receive patient or end-user data outside of the region agreed upon with the customer, unless specifically stated.

Provider	Service & Personal Data	Data Location & Safeguards
Microsoft Azure	Primary hosting for Inquira services & cognitive services for AI-powered features	United States
Eleven Labs	Text To Speech services (optional)	United States
Amazon AWS	Backup and storage (optional)	United States
Postmark	Email service for notifications and communications	United States
Telnyx	VOIP provider for phone numbers and SIP trunking	United States
Sentry	Application error tracking and monitoring (may include limited app usage metadata)	United States
PostHog	Application usage and event tracking (may include anonymized or limited session/user data)	United States
Stripe	Payment processing – only handles customer billing information (e.g. company name, billing info), no patient data is processed	United States

Website Sub-processors

These sub-processors operate or enhance the functionality of inquira.health. They generally do not handle patient data unless a user voluntarily provides it (e.g. via contact forms or chat).

Provider	Service & Personal Data	Data Location & Safeguards
Vercel	Website hosting provider	Global Distributed hosting using secure regions and best practices.
Cloudflare	DNS and CDN services	Global Uses SCCs and industry-standard security for global edge caching.
Cal.com	Meeting scheduling system	United States Schedules demos/calls; minimal personal data is collected.
Crisp	Chat support for inquira.health	Europe Chat messages and metadata stored in Europe.

Infrastructure & Monitoring Sub-processors

The following providers facilitate network connectivity, system availability, logging, and performance monitoring. They handle operational or server metadata only. No patient or end-user data is intentionally stored with these tools. However, limited personal information (e.g. IP addresses, service requests) may appear incidentally in logs or alerts.

Provider	Service & Personal Data	Data Location & Safeguards
Tailscale	WireGuard-based VPN for secure server connectivity	Global Manages end-to-end encrypted ephemeral network connections.
UptimeRobot	Uptime monitoring	Global Minimal server-status data only
Telegram	Internal server alerts and notifications	Global End-to-end encrypted alert notifications which contain no sensitive information.