Trust

Subprocessors

These are the third-party services Rogger uses to operate the platform. Each has a signed data-processing agreement and has been assessed for security posture. Material changes are communicated to account owners 30 days before a new subprocessor begins handling customer data.

Last updated 2026-04-22

Cloudflare, Inc.

Purpose: DNS, DDoS protection, TLS termination, CDN
Data handled: Request metadata (IP, user agent, URL) only; no application data persisted
Location: Global anycast; primary AU edge for au traffic
Transfer mechanism: Standard Contractual Clauses + DPA

Stripe Payments Australia Pty Ltd

Purpose: Subscription billing and card processing
Data handled: Billing name, email, last-4 of card, transaction history. Full PAN never touches Rogger.
Location: Australia + United States (Stripe Australia Pty Ltd, processed in US under Stripe DPA)
Transfer mechanism: Standard Contractual Clauses + Stripe DPA

Anthropic PBC

Purpose: AI vision model (Claude) used as a fallback for receipt parsing when local vision is unavailable
Data handled: Receipt image (deleted within 60s of parse); extracted fields (merchant, amount, date)
Location: United States
Transfer mechanism: Standard Contractual Clauses + Anthropic zero-retention commercial terms

Fastmail Pty Ltd

Purpose: Hosted mailbox provider for Rogger's own @rogger.io email (inbound + outbound for billing@, security@, privacy@, legal@, support@, hello@)
Data handled: Email message contents, sender + recipient addresses, delivery + read metadata
Location: Australia (HQ + primary infrastructure in Melbourne)
Transfer mechanism: Within Australia — no cross-border transfer for inbox storage

Resend, Inc.

Purpose: Transactional email delivery for app-generated mail (password resets, billing receipts, system notifications)
Data handled: Recipient email, subject, message body, delivery telemetry
Location: United States
Transfer mechanism: Standard Contractual Clauses + Resend DPA

Postmark / ActiveCampaign, Inc.

Purpose: Optional customer-selected email provider for review invitations
Data handled: Recipient email hash, invitation payload. Customer-controlled; only used if the customer configures Postmark in their own account.
Location: United States
Transfer mechanism: Customer-controlled; DPA between customer and Postmark

Mobile Message Pty Ltd

Purpose: Optional customer-selected SMS provider
Data handled: Recipient mobile number, invitation payload. Customer-controlled.
Location: Australia
Transfer mechanism: Within AU — no cross-border transfer

Amazon Web Services Australia Pty Ltd (S3)

Purpose: Encrypted offsite database backups
Data handled: AES-256-CBC encrypted Postgres dumps (client-side encrypted before upload). Encryption key material is not stored with AWS.
Location: Australia — AWS Sydney region (ap-southeast-2)
Transfer mechanism: Within Australia — no cross-border transfer for backups

Notifications of change

To receive email notifications when this list changes, email [email protected] with the subject line "Subprocessor notifications — [your business]". We notify all account owners of material changes regardless.

Customer-configured providers

If you configure your own email (Postmark, Resend, SMTP) or SMS (Mobile Message) provider in Rogger, that provider becomes a subprocessor of yours, not ours. Your data-processing agreement with that provider governs their handling of the data.