These are the third-party vendors Calivina WebAgent (operated by Galactiv EOOD) uses to deliver the
service. Each is bound by a Data Processing Agreement that mirrors our obligations under
CCPA / GDPR. We notify Customers thirty (30) days before adding a new sub-processor that
processes Customer Content; see Privacy Policy §5.
Vendor
Purpose
Data category
Region
Workers, Pages, R2 (object storage), D1 (database), KV, DNS, CDN, edge caching, Cloudflare for SaaS custom hostnames
All Customer Content (HTML, images), all Visitor logs, all Customer account data
Global edge / US headquartered
Payment processing, billing, invoicing (acts as our merchant of record)
Customer email, billing details, payment instrument tokens, country, tax ID. We never see card numbers.
EU + US (Stripe-side)
Transactional email (magic links, receipts, takedown acks, renewal reminders)
Recipient email, subject, message body, send/delivery status
US
AI-assisted copywriting during Preview generation (paraphrase of public business info)
Public business name, address, services list (no Customer-supplied or Visitor data)
US
AI-assisted copywriting during Preview generation (used as alternate to Anthropic)
Same as Anthropic — public business info only
US
Source-code hosting and CI/CD (GitHub Actions) for our Worker + frontends
Engineering metadata only (commits, builds, deploy logs). Does not process Customer Content.
US
If we add a new sub-processor and you object on legitimate grounds, you have 30 days from the
notification to terminate your subscription with a full pro-rata refund of unused time. Email
privacy@calivina.com with the subject
"Sub-processor objection" and we'll handle it within five business days.
This list was last reviewed and confirmed accurate on the same date as the Privacy Policy.
See Privacy Policy for the full
framework.