Subprocessors
Last updated: May 18, 2026
This page identifies third-party providers that Unstruk Data, Inc. ("Dossium", "we", "us", or "our") may use to provide, operate, secure, support, and improve the Dossium platform.
Capitalized terms not defined on this page have the meanings given in the Dossium Terms of Service or Data Processing Addendum.
1. Overview
Dossium is a cloud-native platform that helps customers ingest, transform, index, retrieve, and use customer-controlled data in AI-powered applications, retrieval workflows, conversations, and agent context pipelines.
To provide the Service, Dossium uses third-party providers for cloud infrastructure, storage, compute, search, authentication, billing, AI model access, monitoring, analytics, support, and related operational functions.
This page is intended to help customers understand which third-party providers may process Customer Data or Customer Personal Data on Dossium's behalf.
2. Subprocessors vs. Customer-Connected Integrations
Dossium supports integrations with many third-party systems. Not every integration is a Dossium subprocessor.
A "Subprocessor" is a third-party provider engaged by Dossium to process Customer Personal Data on behalf of Dossium in order to provide the Service.
A "Customer-Connected Integration" is a third-party system that a customer chooses to connect to Dossium, such as a storage system, collaboration tool, email account, calendar, CRM, developer platform, or project-management system. These systems are typically controlled by the customer and governed by the customer's own relationship with that provider.
For example, if a customer connects its own Slack workspace, Gmail account, HubSpot account, GitHub organization, Notion workspace, or Google Drive folder to Dossium, that provider is generally a Customer-Connected Integration, not a Dossium subprocessor.
Customer is responsible for ensuring that it has the necessary rights, permissions, notices, consents, and legal basis to connect third-party systems to Dossium and process data from those systems.
3. Core Subprocessors
The following subprocessors may be used by Dossium to provide, operate, secure, support, and improve the Service.
| Provider | Purpose | Data Processed | Location / Region | Notes |
|---|---|---|---|---|
| Microsoft Azure | Cloud hosting, compute, storage, databases, search, indexing, monitoring, and infrastructure | Customer Data, Customer Personal Data, metadata, embeddings, indexes, files, logs, and operational data | United States and/or selected Azure regions | Dossium may use Azure services such as Blob Storage, Cosmos DB, Azure AI Search, Azure Functions, monitoring, logging, and related managed infrastructure services. |
| Clerk | Authentication and user identity | Account information, user identity metadata, email addresses, authentication metadata, organization membership metadata | United States and/or global infrastructure | Used for user authentication, account access, organization membership, and identity workflows. |
| Stripe | Billing and payment processing | Billing contact information, payment metadata, subscription data, invoice data, tax information, payment status | United States and/or global infrastructure | Dossium does not store full payment card details. |
| Vercel | Web application hosting and edge delivery | Web application metadata, request metadata, limited account/session metadata depending on configuration | United States and/or global infrastructure | Used where applicable for Dossium web applications, landing pages, dashboards, or control-plane interfaces. |
| PostHog | Product analytics and usage analytics | Product usage events, account or user identifiers, metadata, diagnostics, feature usage data | United States and/or EU depending on configuration | Used where applicable for analytics, product improvement, diagnostics, and usage analysis. |
| GitHub | Source control, CI/CD, issue tracking, and development operations | Source code, engineering metadata, operational metadata, security and deployment metadata | United States and/or global infrastructure | Used for Dossium engineering operations. GitHub is not a customer data store unless a customer separately connects GitHub as a Customer-Connected Integration. |
4. Conditional AI Subprocessors
The following providers may be used only when a customer configures, enables, selects, or invokes a feature that depends on that provider.
For example, Customer Data may be sent to a third-party AI model provider when a customer uses Dossium for embeddings, summarization, extraction, classification, question answering, generation, agent responses, audio processing, video processing, or other AI-assisted workflows.
| Provider | Purpose | Data Processed | Location / Region | Notes |
|---|---|---|---|---|
| OpenAI | AI model inference, embeddings, extraction, summarization, classification, generation, and customer-configured AI workflows | Prompts, retrieved context, extracted text, generated outputs, embeddings-related input, and Customer Data submitted to configured workflows | United States and/or provider-operated regions | Used only when configured or invoked for supported AI workflows. |
| Microsoft Azure OpenAI Service | AI model inference, embeddings, extraction, summarization, classification, generation, and customer-configured AI workflows | Prompts, retrieved context, extracted text, generated outputs, embeddings-related input, and Customer Data submitted to configured workflows | Azure regions depending on deployment/configuration | Used only when configured or invoked for supported AI workflows. |
| Anthropic | AI model inference, extraction, summarization, classification, generation, and customer-configured AI workflows | Prompts, retrieved context, extracted text, generated outputs, and Customer Data submitted to configured workflows | United States and/or provider-operated regions | Used only when configured or invoked for supported AI workflows. |
| AI model inference, embeddings, extraction, summarization, classification, generation, video generation, and customer-configured AI workflows | Prompts, retrieved context, extracted text, generated outputs, embeddings-related input, reference materials, generated media, and Customer Data submitted to configured workflows | United States and/or provider-operated regions | Used only when configured or invoked for supported AI workflows, including Gemini or Google media-generation services where available. | |
| Mistral AI | AI model inference, embeddings, extraction, summarization, classification, generation, and customer-configured AI workflows | Prompts, retrieved context, extracted text, generated outputs, embeddings-related input, and Customer Data submitted to configured workflows | EU, United States, and/or provider-operated regions | Used only when configured or invoked for supported AI workflows. |
| Cohere | AI model inference, embeddings, reranking, extraction, summarization, classification, generation, and customer-configured AI workflows | Prompts, retrieved context, extracted text, generated outputs, embeddings-related input, and Customer Data submitted to configured workflows | United States, Canada, and/or provider-operated regions | Used only when configured or invoked for supported AI workflows. |
| ElevenLabs | Audio generation, transcription, speech, voice, or audio-related AI workflows | Text, audio, generated audio, metadata, and Customer Data submitted to configured audio workflows | United States, EU, and/or provider-operated regions | Used only when audio or voice features are configured or invoked. |
| TwelveLabs | Video understanding, video indexing, video search, and video AI workflows | Video files, video metadata, transcripts, embeddings, extracted video context, and Customer Data submitted to configured video workflows | United States and/or provider-operated regions | Used only when video understanding or video indexing features are configured or invoked. |
5. AI Provider Use
Dossium does not train, fine-tune, host, or deploy its own AI foundation models.
Dossium does not use Customer Data to train or fine-tune Dossium-owned AI foundation models.
Dossium does not sell Customer Data.
Dossium does not share Customer Data for unrelated third-party use.
Third-party AI model providers are used only where required to provide customer-configured functionality or where a customer chooses to use features that depend on those providers.
Third-party AI model provider handling is governed by the applicable provider terms, customer configuration, and Dossium's agreements with those providers where applicable.
Customers are responsible for selecting model providers, model configurations, prompts, workflows, guardrails, and downstream applications appropriate for their data, risk profile, and legal obligations.
6. Customer-Connected Integrations
Dossium may allow customers to connect third-party systems to ingest, retrieve, index, enrich, or act on Customer Data.
These integrations are generally customer-selected systems and are not necessarily Dossium subprocessors. The customer controls whether to connect them, what permissions to grant, what data to ingest, and how to use the resulting data.
Dossium may support integrations with systems such as the following.
Collaboration and Knowledge Systems
- Slack
- Microsoft Teams
- Discord
- Notion
- Confluence
- Evernote
File Storage and Cloud Storage
- Google Drive
- Microsoft OneDrive
- Microsoft SharePoint
- Dropbox
- Box
- Amazon S3
- Azure Blob Storage
- Cloudflare R2
- Wasabi
- Backblaze B2
- DigitalOcean Spaces
- S3-compatible storage endpoints
Email, Calendar, and Contacts
- Gmail
- Google Calendar
- Google Contacts
- Microsoft Outlook
- Microsoft Calendar
- Microsoft Contacts
Meeting and Transcript Systems
- Zoom
- Fathom
- Fireflies
- Other meeting transcript or recording sources supported by Dossium
CRM and Customer Systems
- HubSpot
- Salesforce
- Attio
- Productlane
- Intercom
- Zendesk
Project Management and Work Tracking
- Jira
- Linear
- Trello
- Asana
Developer Systems
- GitHub
- GitLab
Other Sources
- Public web pages
- RSS feeds
- Website crawls
- APIs
- Uploaded files
- Customer-provided URLs
- Customer-built integrations using the Dossium API
The availability of a specific integration may vary by plan, feature, customer configuration, API availability, provider permissions, or product roadmap.
7. Data Processed by Subprocessors
Depending on the provider and customer configuration, subprocessors may process:
- Account information
- User identity metadata
- Authentication metadata
- Billing metadata
- Customer-ingested files
- Extracted text
- Metadata
- Embeddings
- Search indexes
- Conversation history
- Prompts
- Retrieved context
- AI-generated outputs
- Audio, image, or video inputs and outputs where configured
- Logs and diagnostic information
- Usage and product analytics events
- Support and operational metadata
Dossium limits subprocessor access to the data reasonably necessary for the provider to perform the applicable service.
8. Updates to This Page
Dossium may update this Subprocessor page from time to time as providers are added, removed, replaced, or reclassified.
Where required by applicable law or commercially reasonable under the circumstances, Dossium will provide notice of material subprocessor changes through the Dossium website, email, product notice, or another reasonable method.
Customers may object to a new subprocessor on reasonable data protection grounds by contacting legal@dossium.ai within 30 days after notice of the new subprocessor.
Dossium will use commercially reasonable efforts to address the objection. If the parties cannot resolve the objection, Customer may stop using the affected Service feature or terminate the affected Service subscription.
9. Contact
For questions about Dossium subprocessors, contact:
Unstruk Data, Inc.
Legal: legal@dossium.ai
Security: security@dossium.ai
Website: https://www.dossium.ai