Subprocessor register

Feuillet & Viana, Lda ("PropCheckr") uses the subprocessors below to operate the platform. This list is updated when materially changed, with 15 days' notice to business customers where required.

1. Active subprocessors

Supabase Inc. — PostgreSQL hosting, application file storage, API execution. Data: Business data, accounts, cases, document metadata, logs. Location: European Union (Frankfurt, Germany — AWS). Safeguards: Supabase DPA, EU hosting, encryption at rest and in transit.

Clerk Inc. — Authentication, session management and user identity. Data: Email, name, identifier, sign-in metadata. Location: United States (with global infrastructure). Safeguards: Clerk DPA, SCCs, SOC 2 Type II certification.

Stripe Inc. — Payments, subscriptions and billing. Data: Customer IDs, subscription status, billing history (tokenised cards at Stripe). Location: EU / United States depending on service. Safeguards: Stripe DPA, PCI-DSS, SCCs.

OpenAI LLC — AI document extraction and assistance (opt-in / assisted features). Data: Document content sent for analysis (no model training per contractual terms). Location: United States. Safeguards: OpenAI DPA, SCCs, Enterprise API without training on customer data.

Resend Inc. — Transactional email and notifications. Data: Email addresses, transactional message content. Location: United States. Safeguards: Resend DPA, SCCs.

Vercel Inc. — Next.js application hosting and execution, technical logs. Data: IP addresses, access logs, HTTP headers. Location: EU / United States depending on deployment region. Safeguards: Vercel DPA, SCCs, EU-preferred deployment.

Google LLC (Analytics) — Public website audience measurement (only after cookie consent). Data: Pages visited, anonymised events, truncated/anonymised IP. Location: United States / Google infrastructure. Safeguards: Prior consent, anonymize_ip, no loading without opt-in.

2. Transfers outside the European Union

When a subprocessor is established outside the EU/EEA, PropCheckr ensures appropriate safeguards: EU Standard Contractual Clauses (SCCs), recognised certifications or adequacy decisions. Case business data is hosted in the EU (Frankfurt). Transfers related to authentication, payments, AI or analytics are limited to what is strictly necessary.

3. Updates

Last review: July 2026. Questions or change notifications: team@propcheckr.com. B2B customers may request a full Data Processing Agreement at /legal/dpa.

Complaints book (Portugal)

Under Decree-Law no. 156/2005 and Portaria no. 274/2017, you may file a complaint through the electronic Complaints Book.

Open the electronic Complaints Book

Feuillet & Viana, Lda · team@propcheckr.com

Last updated: 2026-06-09.

Back to pricing