Skip to content
Bulwark
PlatformReconGauntletAEGISPricingIntegrationsFree OFAC toolsSecurity
Sign inRequest access

Sub-processors

Every third party that processes data on our behalf. We update this page before adding a new sub-processor.

Services that may touch customer data

Sub-processorPurposeData touchedTerms
AnthropicLLM API for the Recon research agentResearch queries + tool outputs, in transit only — Zero Data Retention: nothing retained, no training on inputsSOC 2 Type II · ZDR agreement
SupabaseManaged Postgres + authentication (platform identity, tenant data, and the vendor-run OFAC reference plane)Account emails, tenant records, audit logs; the reference plane holds public Treasury data onlySOC 2 Type II
VercelWeb application hosting + TLS terminationTransient request/response processingSOC 2 Type II
RailwayContainer hosting for the Recon serviceTransient request/response processing — stateless, read-only filesystem, no customer text at restSOC 2 Type II
StripeSubscription billing and paymentsBilling contact, payment method, subscription state — card data never touches our systemsPCI DSS Level 1 · SOC 2

Public reference-data sources (no customer data)

These integrations read public datasets or receive only the entity name being researched — never account data. The optional ones are off by default and activate only when a customer supplies their own API key.

Sub-processorPurposeData touchedTerms
U.S. Treasury (OFAC)SDN + Consolidated list and General License ingestionOutbound HTTP to public government datasets onlyU.S. government public data
OpenSanctions (optional)PEP screening in Recon — off until a customer supplies a keyOutbound entity-name lookups; nothing retained vendor-sideCustomer-keyed, opt-in
Lloyd's List Intelligence (optional)Vessel intelligence in Recon — off until a customer supplies a keyOutbound vessel IMO lookups; nothing retained vendor-sideCustomer-keyed, opt-in
UK Companies House / OpenCorporatesCorporate-registry lookups in ReconOutbound entity-name lookups; nothing retained vendor-sidePublic / provider ToS
Tavily / Brave / GDELTWeb search + news aggregation in ReconOutbound search queries; nothing retained vendor-sideProvider ToS

Notes for reviewers

  • Recon’s LLM degradation path stays inside the same Anthropic organization, so the Zero Data Retention agreement covers it unchanged — no additional sub-processor.
  • Customer-installed chat surfaces (Slack, Microsoft Teams) store messages in the customer’s own workspace under the customer’s existing agreements — they are not vendor sub-processors.
  • Full engineering register, data-flow detail, and the stateless-architecture attestation are available in the vendor pack: request it.

See also: Security & Trust · Privacy Policy · Network access for IT

Bulwark

Compliance intelligence for OFAC sanctions. Definitive reference, live change feed, knowledge base.

Weekly OFAC change digest — free.

Platform

Bulwark · OFAC referenceRecon · research agentGauntlet · screeningAEGIS · reporting

Delivery

PricingIntegrationsFree OFAC referenceFree sanctions searchEmail & Slack notificationsHow it works

Company

ContactFAQPrivacyTerms

Trust

Security & trustSub-processorsPlatform statusNetwork access for ITPrivacy policyTerms of service
© 2026 Bulwark Compliance LLC