Subprocessors
Last updated: April 29, 2026
Purpose
This page lists all third-party services that may process customer data on MemwaMind's behalf. It is updated whenever a subprocessor is added, removed, or materially changed.
“Customer data” means source documents, normalized financial records, alerts, draft outputs, knowledge notes, and workflow prompts or completions containing those records — including Tax Return Information (TRI) as defined under 26 U.S.C. § 7216. The § 7216 Status column below identifies how each subprocessor interacts with TRI.
Customer Data Subprocessors
| Vendor | Service | Purpose | Data category | Region | §7216 Status |
|---|---|---|---|---|---|
| Google Cloud Platform | Cloud Run, Cloud SQL, Cloud Storage, Scheduler, Secret Manager | Primary compute, database hosting, file storage, and scheduled jobs. All MemwaMind customer data is processed within the GCP us-central1 region. Covered by Google's Data Processing Addendum. | Source documents, normalized financial line items, alerts, drafts, knowledge notes, audit trails. All customer data categories. | us-central1 (Iowa, USA) | Customer-controlled via §7216 written consent in the MSA. GCP processes TRI as an infrastructure subprocessor under MemwaMind's direction. |
| Firebase (Google) | Firebase Authentication + Firestore | User authentication (token issuance and verification) and derived dashboard cache. Firestore stores alert summaries, briefing metadata, and dashboard state — it is not the primary source of truth for any customer financial record. | User account metadata (email, hashed credentials, session tokens), derived alert and briefing summaries. Not raw Tax Return Information. | Google-managed US multi-region defaults | Customer-controlled. Firebase does not receive raw Tax Return Information — only derived, non-TRI dashboard metadata. |
| OpenAI | OpenAI API (GPT-4o, text-embedding-3-small) | Primary LLM inference for agent workflows, document-grounded answers, skill drafting, and suggested questions. Also generates all document chunk embeddings at ingestion time. Prompts are constructed under MemwaMind's Zero Data Retention configuration. | Prompts and completions may include firm names, client names, financial figures, document excerpts, alert narratives, and retrieved document chunks. Constitutes Tax Return Information when derived from uploaded tax documents. | United States | Disclosed under §7216. OpenAI processes TRI as an auxiliary service provider to MemwaMind, which processes TRI as an auxiliary service provider to Customer firms. No-train commitment applies under OpenAI Enterprise terms. |
| Anthropic | Anthropic API (Claude) | AI review for selected Memwa workflows where Anthropic is the configured model provider. Usage is conditional on routing configuration. | Prompt and completion data for supported workflows. May include document excerpts and client record context when Anthropic routing is active. | United States | Disclosed under §7216 when Anthropic routing is active. Same auxiliary-service-provider framework as OpenAI. No-train by default under Anthropic API terms. |
| Cohere | Cohere Rerank API (rerank-english-v3.0) | Cross-encoder reranking of retrieved document chunks at query time. When COHERE_API_KEY is configured, Cohere receives the top candidate chunks from the retrieval workflow and returns a relevance-ranked ordering. Cohere does not receive the original documents — only the retrieved text chunks and the query. | Document chunk snippets at query time: text excerpts from firm-uploaded documents that the retrieval workflow selected as candidates. May include financial figures, client names, and other content from uploaded tax and accounting documents. | United States | Disclosed under §7216. Cohere receives TRI-derived chunk snippets as part of the retrieval workflow. Cohere's API does not train on inference inputs by default. Contractual no-train confirmation in progress (A-RL-002). |
| Resend | Resend Transactional Email | Transactional and lifecycle email delivery: welcome emails, user invitations, alert digests, and system notifications. Resend is MemwaMind's current transactional email provider, replacing a prior vendor as of April 2026. | Recipient email addresses, message subject lines, and email body content. Email bodies for alert digests may include client names and financial summary figures. | United States | Email content is not Tax Return Information by default. If a firm's alert digest includes taxpayer-specific figures, Customer is responsible for ensuring that the email distribution list is appropriate under §7216. MemwaMind does not send TRI directly to clients via email. |
| Sentry | Sentry Error Monitoring | Application error tracking, exception capture, and performance monitoring. Sentry receives error events when exceptions occur in the API or dashboard. PII scrubbing is enabled: event payloads are filtered before transmission to remove email addresses and structured financial data patterns. | Error messages, stack traces, request context metadata. PII scrubbing is active; structured financial data is filtered. Residual PII exposure is possible in edge cases where error messages include user-provided input. | United States | Not a §7216 disclosure surface under standard operation (PII scrubbing enabled). Residual-exposure audit is an open item (Ann R4.1 / Talia open item). Do not transmit raw TRI to Sentry intentionally. |
| Stripe | Stripe Checkout, Billing, and Customer Portal | Subscription billing, payment processing, and customer-managed billing actions. Stripe stores payment instrument data on its own PCI-DSS-compliant infrastructure. MemwaMind does not receive or store full card numbers. | Firm billing contact, firm name, subscription tier, and invoice metadata. Stripe stores payment instrument data on its own infrastructure; MemwaMind only sees the last four digits for billing reference. | United States | Not §7216. Stripe processes billing data only — no Tax Return Information or client financial data. |
Operational Vendors
These vendors support MemwaMind's engineering and operations but do not receive live customer data in the ordinary course.
| Vendor | Purpose | What they touch |
|---|---|---|
| GitHub | Source code hosting | Code only; no customer firm data |
| Anthropic (Claude Code) | Engineering tooling used during development | Source code and fixture data only; no live customer data |
| OpenAI (ChatGPT/Codex) | Engineering tooling used during development | Source code and fixture data only; no live customer data |
Note on ChromaDB
MemwaMind's vector store (ChromaDB) runs as a self-hosted service within MemwaMind's GCP environment (Cloud Run, us-central1). It is not an independent third-party subprocessor — it runs inside our GCP project and is covered by the Google Cloud Data Processing Addendum. It is listed under Google Cloud Platform above.
§7216 — Tax Return Information Disclosure
MemwaMind operates as an auxiliary service provider to licensed accounting and tax practices under 26 C.F.R. § 301.7216-2(d). The subprocessors marked “Disclosed under §7216” above receive Tax Return Information in the course of providing their services to MemwaMind, which in turn provides those services to Customer firms.
MemwaMind's Master Services Agreement and Privacy Policy describe the § 7216 framework in detail. By using the Platform, Customer firms represent that they have an appropriate basis under § 7216 to disclose Tax Return Information to MemwaMind and its listed subprocessors for the purposes described on this page.
Notification of Changes
Before we add or replace a customer-data subprocessor, we email the owner account of every active firm with at least 30 days' notice (emergency replacements — vendor outage, security remediation — may be shorter and are disclosed in the next notice).
To receive change notices at a dedicated distribution list, email founder@memwamind.com with the subject line “Subprocessor notice list.”