Sub-processors List
Last updated: 18 Dec 2025
Inquira Product Sub-processors (EU Data Region)
These sub-processors support our Conversational AI services. They do not receive patient or end-user data outside of the region agreed upon with the customer, unless specifically stated.
| Provider | Service & Personal Data | Data Location & Safeguards |
|---|---|---|
| Hetzner | Primary hosting for Inquira services | Germany |
| Microsoft Azure | Cognitive services for AI-powered features | Europe |
| Eleven Labs | Text To Speech services (optional) | Europe |
| Amazon AWS | Backup and storage (optional) | Germany |
| Mailjet | Email service for notifications and communications | Europe |
| Scaleway | Backup email service for notifications and communications | Europe |
| Telnyx | VOIP provider for phone numbers and SIP trunking | Germany |
| Sentry | Application error tracking and monitoring (may include limited app usage metadata) | Europe |
| PostHog | Application usage and event tracking (may include anonymized or limited session/user data) | Europe |
| Stripe | Payment processing – only handles customer billing information (e.g. company name, billing info), no patient data is processed | United States (Standard Contractual Clauses ) |
| Nylas | Scheduling and calendar connectivity (Optional) (only if the customer enables scheduling features). When customers connect Google or Microsoft calendars, calendar data and OAuth tokens are processed via Nylas. When scheduling is connected via an Inquira App, only essential booking information (e.g. time, availability, identifiers) is shared with Nylas; additional booking questions and non-essential data remain stored solely within Inquira. | Europe |
Inquira Product Sub-processors (US Data Region)
These sub-processors support our Conversational AI services. They do not receive patient or end-user data outside of the region agreed upon with the customer, unless specifically stated.
| Provider | Service & Personal Data | Data Location & Safeguards |
|---|---|---|
| Microsoft Azure | Primary hosting for Inquira services & cognitive services for AI-powered features | United States |
| Eleven Labs | Text To Speech services (optional) | United States |
| Amazon AWS | Backup and storage (optional) | United States |
| Postmark | Email service for notifications and communications | United States |
| Telnyx | VOIP provider for phone numbers and SIP trunking | United States |
| Sentry | Application error tracking and monitoring (may include limited app usage metadata) | United States |
| PostHog | Application usage and event tracking (may include anonymized or limited session/user data) | United States |
| Stripe | Payment processing – only handles customer billing information (e.g. company name, billing info), no patient data is processed | United States |
| Nylas | Scheduling and calendar connectivity (Optional) (only if the customer enables scheduling features). When customers connect Google or Microsoft calendars, calendar data and OAuth tokens are processed via Nylas. When scheduling is connected via an Inquira App, only essential booking information (e.g. time, availability, identifiers) is shared with Nylas; additional booking questions and non-essential data remain stored solely within Inquira. | United States |
Website Sub-processors
These sub-processors operate or enhance the functionality of inquira.health. They generally do not handle patient data unless a user voluntarily provides it (e.g. via contact forms or chat).
| Provider | Service & Personal Data | Data Location & Safeguards |
|---|---|---|
| Vercel | Website hosting provider | Global (Distributed hosting using secure regions and best practices) |
| Cloudflare | DNS and CDN services | Global (Uses SCCs and industry-standard security for global edge caching) |
| Cal.com | Meeting scheduling system | United States (Schedules demos/calls; minimal personal data is collected) |
| Crisp | Chat support for inquira.health | Europe (Chat messages and metadata stored in Europe) |
Infrastructure & Monitoring Sub-processors
The following providers facilitate network connectivity, system availability, logging, and performance monitoring. They handle operational or server metadata only. No patient or end-user data is intentionally stored with these tools. However, limited personal information (e.g. IP addresses, service requests) may appear incidentally in logs or alerts.
| Provider | Service & Personal Data | Data Location & Safeguards |
|---|---|---|
| Tailscale | WireGuard-based VPN for secure server connectivity | Global (Manages end-to-end encrypted ephemeral network connections) |
| UptimeRobot | Uptime monitoring | Global (Minimal server-status data only) |
| Telegram | Internal server alerts and notifications | Global (End-to-end encrypted alert notifications which contain no sensitive information) |
Contact Information
Inquira Technologies B.V.
Dutch Chamber of Commerce Number (KvK): 95495460
Westplein 12, 3016 BM, Rotterdam, The Netherlands
For responsible disclosure of security vulnerabilities, please visit our responsible disclosure page.