Sub-processors

To provide OWL we rely on a small number of third-party service providers ("sub-processors"). This page lists each one, what it does, and what data it receives. Because OWL is end-to-end encrypted, your file and message contents stay encrypted throughout — no sub-processor ever receives readable content.

Part of NDEVR's compliance & conformity program · Data-handling detail: privacy policy · Questions: security@ndevr.org.

Encryption is preserved end to end. Your file contents, message bodies, private key, and any connected-cloud tokens are encrypted on your device before they reach us. Sub-processors that store or transmit your data handle only ciphertext we cannot decrypt.

1. Infrastructure

Sub-processorPurposeData it receivesLocation
Amazon Web Services (Lightsail)Server hosting & storageAll stored data — encrypted content remains encrypted; plus account metadata and logsUnited States

2. Payments

You only interact with a payment processor if you buy a paid product or subscription. Card details are entered on the processor's own hosted page and never touch our servers.

Sub-processorPurposeData it receivesLocation
StripePayment processingName, email, and card details you enter on their pageUnited States / global
PayPalPayment processingName, email, and payment details you enter on their pageUnited States / global

3. AI assistant (optional)

These apply only if you use OWL's optional AI features (the QUAIL assistant or AI-assisted modeling). When the model is not self-hosted, the relayed content goes to a third-party AI provider. We do not send your account identity, and we require that your prompts and images are not used to train models.

Sub-processorPurposeData it receivesLocation
Third-party AI provider (when not self-hosted; subject to change)Generate AI assistant responsesYour prompt text and any screenshots you submit — no account identity; no training useVaries by provider

4. Connected cloud accounts (optional, user-initiated)

These apply only if you choose to import files from a third-party cloud. The connection happens between your browser/app and the provider; OAuth tokens are encrypted to your own key before any storage.

Sub-processorPurposeData it receivesLocation
DropboxCloud import you initiateOAuth consent and the files you explicitly selectUnited States / global
Microsoft (OneDrive)Cloud import you initiateOAuth consent and the files you explicitly selectUnited States / global
Google (Drive)Cloud import you initiateOAuth consent and the files you explicitly selectUnited States / global

5. Email

We send transactional and opt-in email (verification, password resets, receipts, and any digests you enable) from our own server. We do not route your email address or message content through a third-party email-delivery provider.

6. Changes to this list

We keep this page current as our providers change. For material changes to sub-processors that handle personal data, we update this page; enterprise customers who require advance notice of sub-processor changes can request it via security@ndevr.org.