Subprocessors

Last updated: May 12, 2026 · Version 2026-05-12

This page lists the third-party service providers ("Subprocessors") that Choclement LLC, doing business as BHmetrics, engages to Process Customer Personal Data on its behalf in the course of providing the BHmetrics Service. It is incorporated by reference into our Data Processing Addendum, our Privacy Policy, and our Terms of Service. Capitalized terms not defined here have the meanings given in those documents.

How we use Subprocessors

Each Subprocessor is engaged under a written data-protection agreement that imposes obligations no less protective than those in our DPA. We select Subprocessors that maintain recognized security and privacy programs (SOC 2 Type II, ISO 27001, or equivalent) wherever feasible. Where a Subprocessor receives Customer Personal Data subject to a Restricted Transfer (EEA, UK, or Switzerland to a country without an adequacy decision), the transfer is governed by the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, and/or the Swiss-equivalent SCCs as set out in the DPA.

Change notification

We notify customers of any addition or replacement of a Subprocessor that Processes Customer Personal Data at least thirty (30) days in advance, by email and/or in-product banner, and by updating this page. Customers may object to a new Subprocessor on reasonable data-protection grounds within fifteen (15) days by emailing [email protected]. See DPA Section 5.2 for details.

To receive change notifications directly, email [email protected] with the subject line Subprocessor Notifications and the email address you would like added.

Current Subprocessors

Core infrastructure

Subprocessor	Service / role	Location of processing	Categories of Personal Data	Transfer mechanism
Vercel Inc.	Application hosting (Next.js web app, server functions, edge network).	United States	All categories listed in DPA Schedule 1, transiently.	EU SCCs & UK IDTA; Vercel DPA.
Neon, Inc.	Managed PostgreSQL database (primary application data store, including events table, brands, rules, automation log, attribution and model tables).	United States	All categories listed in DPA Schedule 1.	EU SCCs & UK IDTA; Neon DPA.
Cloudflare, Inc.	Edge network (CDN, DDoS protection, bot management), Workers compute (event-pipeline, capi-fanout, click-redirect workers), Workers KV (dedup ledger), Queues, and email routing.	Global (primarily United States)	All categories listed in DPA Schedule 1, transiently; KV stores deduplication keys and hashed identifiers.	EU SCCs & UK IDTA; Cloudflare DPA.

Authentication, billing, communications

Subprocessor	Service / role	Location	Categories of Personal Data	Transfer mechanism
Clerk Inc.	Authentication, session management, SSO (Google, Microsoft), multi-factor authentication, passkeys.	United States	Operator personnel data: name, email, hashed password, sign-in metadata, MFA status, IP, user agent.	EU SCCs & UK IDTA; Clerk DPA.
Stripe, Inc.	Billing and payment processing (subscriptions, invoices, tax). Choclement stores only customer ID, subscription status, tier; full payment instrument data is processed by Stripe.	United States (with global processing as required)	Operator personnel and billing-contact data: name, email, billing address, plan/subscription metadata; payment-instrument data processed by Stripe directly.	EU SCCs & UK IDTA; Stripe DPA; Stripe is a PCI DSS Level 1 service provider.
Resend, Inc.	Transactional email delivery (sign-up confirmation, billing notices, rule fires, weekly digest, security alerts).	United States	Operator personnel data: name, email, content of transactional messages.	EU SCCs & UK IDTA; Resend DPA.

AI Subprocessors (Copilot and embeddings)

Subprocessor	Service / role	Location	Categories of Personal Data	Transfer mechanism
Anthropic, PBC	Large-language-model inference for the AI Copilot. Anthropic's commercial terms provide that customer inputs and outputs are not used to train Anthropic's foundation models.	United States	Operator chat input/output and aggregated brand context (current guardrail configuration, list of active rule names and statuses, anomaly summaries, recent automation-log summaries). Raw end-consumer event data, hashed identifiers, and individual click data are not sent.	EU SCCs & UK IDTA; Anthropic Commercial Terms of Service.

OpenAI is listed in some product documentation as a planned fallback large-language-model provider for embeddings and back-up inference. OpenAI is not currently wired into the production Service and does not currently receive any customer data. If we enable it, we will give notice under the subprocessor-change process above and update this page.

Operator notifications (when configured)

Subprocessor	Service / role	Location	Categories of Personal Data	Transfer mechanism
Slack Technologies, LLC	If a customer configures a Slack incoming-webhook URL in their workspace settings, we deliver brand-specific operational alerts (rule fires, anomaly detections) to that Slack channel. Slack is engaged at the customer's direction and only for the customer's own workspace.	United States	Operator-facing alert text: brand name, rule or anomaly summary, timestamps. No end-consumer identifiers are sent.	Customer's own Slack workspace; Slack-Salesforce Customer Terms apply to the customer's relationship with Slack.

Observability (planned)

We are working to add structured error monitoring (Sentry) and centralized log storage (Axiom) as observability subprocessors. Neither is currently wired into the production Service. When enabled, we will give notice under the subprocessor-change process above and update this page with their data categories and transfer mechanism.

Onward transfers to Connected Platforms

At Customer's direction, the Service transmits conversion events, audience signals, and related metadata to advertising platforms (Connected Platforms) connected to Customer's account. Connected Platforms are independent controllers (or processors of their respective advertisers) for the data they receive from us on Customer's behalf; they are not our Subprocessors. The Connected Platforms most commonly involved are:

Meta Platforms, Inc. — Meta Conversions API, audience management, campaign mutations. Subject to Meta Platform Terms and Conversions API Terms.
Google LLC — Google Ads API, Enhanced Conversions, Customer Match. Subject to Google Ads API Terms and Customer Match policy.
TikTok Pte. Ltd. — TikTok Events API, audience management. Subject to TikTok Marketing API Terms.
Pinterest, Inc. — Pinterest Conversions API, audience management. Subject to Pinterest Business Terms and Developer Guidelines.
Snap Inc. — Snap Conversions API, audience management. Subject to Snap Marketing API Terms.
Shopify Inc. — inbound webhooks (orders/paid) from Customer's storefront. Subject to Shopify Partner Program and API terms.

Customer is responsible for compliance with each Connected Platform's terms and for any data Customer instructs us to transmit to a Connected Platform.

Affiliates

Choclement LLC has no operating affiliates at this time. If we add affiliates in the future, we will list them here and treat them, where they Process Customer Personal Data, as Subprocessors subject to the notice and objection rights in our DPA.

Change log

2026-05-12 — Initial publication of this page. All Subprocessors above were previously identified in the BHmetrics Privacy Policy; this page consolidates them with location, data categories, and transfer mechanism.

Contact

Choclement LLC, doing business as BHmetrics
c/o registered agent on file with the Delaware Secretary of State
Subprocessor inquiries: [email protected]
Service URL: bhmetrics.com