Sub-Processors

Railway

Infrastructure

Purpose:

Application hosting, database hosting, and container orchestration

Location:

United States

Data types:

All customer data (account information, posts, chat history, encrypted API keys)

Security:

SOC 2 Type II, encryption at rest and in transit, private networking

OpenRouter

AI / LLM

Purpose:

LLM routing provider for AI chat and analysis features. Routes requests to downstream model providers listed below.

Location:

United States

Data types:

AI chat messages (prompts and responses), model selection metadata

Security:

TLS encryption, no training on customer data by default

OpenRouter is a routing layer. Your messages are forwarded to the specific model provider you select. ThreadScope uses a fixed set of models -- the downstream providers are listed individually below.

OpenAI

AI / LLM (via OpenRouter)

Purpose:

Downstream model provider for GPT-4o and GPT-4o Mini

Location:

United States

Data types:

AI chat messages (prompts and responses) for the selected model

Security:

SOC 2 Type II, encryption at rest and in transit, no training on API data by default

Anthropic

AI / LLM (via OpenRouter)

Purpose:

Downstream model provider for Claude 3 Haiku and Claude 3.5 Sonnet

Location:

United States

Data types:

AI chat messages (prompts and responses) for the selected model

Security:

SOC 2 Type II, encryption at rest and in transit, no training on API data by default

Google

AI / LLM (via OpenRouter)

Purpose:

Downstream model provider for Gemini 2.0 Flash and Gemma models

Location:

United States

Data types:

AI chat messages (prompts and responses) for the selected model

Security:

SOC 2 Type II, ISO 27001, encryption at rest and in transit

Meta

AI / LLM (via OpenRouter)

Purpose:

Downstream model provider for Llama 3.1 8B and Llama 3.3 70B (open-weight models hosted by OpenRouter or partner infrastructure)

Location:

United States

Data types:

AI chat messages (prompts and responses) for the selected model

Security:

Open-weight models; hosting security governed by OpenRouter's infrastructure

Mistral AI

AI / LLM (via OpenRouter)

Purpose:

Downstream model provider for Mistral Large

Location:

France

Data types:

AI chat messages (prompts and responses) for the selected model

Security:

TLS encryption, no training on API data by default

DeepSeek

AI / LLM (via OpenRouter)

Purpose:

Downstream model provider for DeepSeek V3

Location:

China

Data types:

AI chat messages (prompts and responses) for the selected model

Security:

TLS encryption

DeepSeek is based in China. Data sent to DeepSeek models may be processed in China and subject to Chinese data protection laws. By selecting a DeepSeek model, you acknowledge this transfer.

NVIDIA

AI / LLM (via OpenRouter)

Purpose:

Downstream model provider for Nemotron models (free tier)

Location:

United States

Data types:

AI chat messages (prompts and responses) for the selected model

Security:

SOC 2 Type II, encryption at rest and in transit

Polar

Payments

Purpose:

Merchant of record, subscription billing, and payment processing

Location:

Sweden

Data types:

Email address, name, billing address, payment method details

Security:

PCI DSS compliant, encryption at rest and in transit

Resend

Email Delivery

Purpose:

Transactional email delivery (verification, password reset, notification digests)

Location:

United States

Data types:

Email addresses, email content for notifications

Security:

SOC 2 Type II, TLS encryption, DKIM/SPF/DMARC

Arcjet

Security

Purpose:

Rate limiting, bot detection, and abuse prevention

Location:

United States

Data types:

Request metadata (IP addresses, HTTP headers). No message content.

Security:

TLS encryption

Sentry

Error Tracking

Purpose:

Application error monitoring and performance tracking

Location:

United States

Data types:

Error reports, stack traces, performance metrics. No message content.

Security:

SOC 2 Type II, encryption at rest and in transit