Subprocessors
Effective date: 7 May 2026
Overview
Pamoja.ai by Galago engages a small number of third-party providers (“subprocessors”) to deliver the service. The table below lists every provider that materially processes Customer Data, the purpose, the categories of data, the location of processing, and whether the provider is always active or engaged only when the customer enables a specific feature.
We update this list when subprocessors are added or replaced. Customers under a signed Data Processing Agreement receive reasonable prior notice.
Active subprocessors
| Provider | Purpose | Data processed | Location / transfer notes | Status |
|---|---|---|---|---|
| Vercel Inc. | Web application hosting, edge delivery and CI/CD | Account data, organisation data, all platform traffic, request logs | United States (Vercel HQ); EU edge infrastructure | Active |
| Supabase Inc. | Managed Postgres database, authentication and file storage | All Customer Data (students, donors, schools, documents, communications, audit logs) | European Union — Zurich, Switzerland (eu-central-2) | Active |
| Resend (drresend, Inc.) | Transactional and marketing email delivery, bounce/complaint webhooks | Recipient name and email, subject, body, headers, delivery events | United States; EU sub-region available on request | Active |
| Anthropic, PBC Engaged only when AI features are enabled by the customer for their tenant. | Claude API for AI-assisted summaries, narratives and email drafting (only when the customer enables AI features) | Prompts and structured payloads required for the requested AI task. Not used to train Anthropic models. | United States | Optional |
| Functional Software, Inc. (Sentry) | Error tracking and performance monitoring | Error stack traces, browser/OS metadata, technical breadcrumbs. PII scrubbed where reasonably possible. | United States; EU region available | Active |
| Cloudflare, Inc. (Turnstile) | Anti-bot challenge on public registration forms | IP address, user-agent, challenge token | United States / global edge | Active |
| Google LLC (Google Drive API) Engaged only when the customer initiates a Drive sync. | Optional bulk import of student photos from a customer-provided Google Drive folder | File metadata and content explicitly shared by the customer with the service | United States / EU | Optional |
International transfers
Some subprocessors above operate from outside the EU/EEA. Where personal data is transferred outside the EEA, transfers are protected using appropriate safeguards in line with Chapter V GDPR — typically the European Commission’s Standard Contractual Clauses, supplemented by additional technical and organisational measures where required.
Customer notice and objection
Customers under a signed DPA receive reasonable prior notice when a subprocessor is added or replaced and may object on reasonable data-protection grounds. To subscribe to subprocessor change notifications, write to marcbonischarancle@gmail.com.