Subprocessors
Third-party processors used by Pluse to deliver the Service.
Last updated: May 15, 2026 · Version 1.0
1. About This Page
Emmber, Inc. (“Pluse,” “we”) uses certain third-party service providers (“subprocessors”) to operate and improve the Pluse platform at pluse.to and the Pluse iOS application. This page lists each subprocessor, its purpose, the categories of personal data it processes on our behalf, and its primary processing location, as required by our Data Processing Agreement (DPA) and applicable privacy laws (including GDPR Article 28, the CCPA/CPRA, and other US state privacy laws).
Use of subprocessors does not change your relationship with Pluse. Emmber, Inc. remains the data controller (or, where applicable, the data processor acting on your behalf) and is responsible for ensuring each subprocessor meets the security and data-protection standards required by our Privacy Policy and DPA.
2. Current Subprocessors
The following table lists subprocessors that may process personal data on our behalf in connection with the Service.
| Subprocessor | Purpose | Data Categories | Location |
|---|---|---|---|
| Stripe, Inc. Privacy · DPA |
Payment processing, subscription billing, Stripe Connect platform infrastructure, payout disbursement, tax calculation (Stripe Tax). | Name, email, billing address, payment card data (tokenized), bank account details, transaction history, IP address. | United States (CA) |
| DigitalOcean Generative AI Platform (DigitalOcean, LLC — see hosting row below) Privacy · DPA |
Managed AI inference service used to power the Lux assistant. The current production model is Claude Sonnet 4.5 (created by Anthropic, deployed on DigitalOcean’s GenAI Platform). Customer inputs and outputs are not used to train any foundation model. | Chat prompts and responses, conversational context, system instructions, anonymized account identifier (for rate limiting). No raw payment-card or credential data is sent. Other personal data is sent only if the user explicitly includes it in a prompt. | United States |
| Intuit Inc. Privacy |
QuickBooks Online integration (OAuth, invoice/payment sync) for users who opt to connect a QuickBooks account. | QuickBooks account ID, OAuth tokens, invoice and payment records that the user has elected to sync. | United States (CA) |
| Plaid Inc. Privacy |
Bank account verification and transaction ingestion for the optional Pluse bank-feed feature. | Bank login (handled by Plaid — never seen by Pluse), masked account number, account balance, transaction history. | United States (CA / NY) |
| DigitalOcean, LLC (hosting) Privacy · DPA |
Primary cloud infrastructure hosting for the Pluse web platform, application servers, and MySQL database. Same vendor as our AI inference provider (see DigitalOcean Generative AI Platform row above). | All categories of personal data stored within the Service. | United States (NY) |
| Cloudflare, Inc. Privacy · DPA |
Content delivery network (CDN), DDoS protection, TLS termination, and edge caching for pluse.to. | IP address, request metadata, security telemetry. Cloudflare does not have access to plaintext application data. | United States (CA) |
| Amazon Web Services, Inc. Privacy · DPA |
Transactional email delivery via Amazon Simple Email Service (SES) for account, billing, invoice, and security notifications. | Recipient email address, email subject and body, sending IP, delivery metadata. | United States (WA) |
| Functional Software, Inc. (d/b/a Sentry) Privacy · DPA |
Application error monitoring and performance telemetry. Used to detect bugs and reliability issues. | Error stack traces, browser/device user-agent, route/URL, user ID (pseudonymized), redacted request metadata. Payment data and credentials are scrubbed at the SDK level. | United States (CA) |
| Apple Inc. Privacy |
App Store distribution and in-app purchases for the Pluse iOS app, Sign in with Apple authentication, Apple Push Notification service (APNs). | Apple ID (when used to sign in), device push token, subscription receipt data, name and email if shared via Sign in with Apple (may be Apple Private Relay). | United States (CA) |
| Google LLC Privacy |
Sign in with Google (OAuth), Google Fonts CDN, Firebase Cloud Messaging (Android push, when applicable). | Google account ID, name and email (only when Sign in with Google is used), IP address (Google Fonts request), push token (Android). | United States (CA) |
| Plausible Insights OÜ Privacy · DPA |
Privacy-respecting website analytics for the public marketing pages at pluse.to. Cookieless; no cross-site tracking. | Anonymized page-view event with country-level location, referrer, browser, and OS. No persistent identifier, no cookies, no personal data. | European Union (EE) |
3. Model Providers (Disclosed for Transparency)
The following parties created or develop the AI models that Pluse uses, but they are not direct subprocessors of Pluse. Their contractual relationship is with our AI inference subprocessor (DigitalOcean), not with Pluse. We disclose them here so users know which model is generating Lux’s responses.
| Model Creator | Model | Accessed Via | Location |
|---|---|---|---|
| Anthropic, PBC Privacy |
Claude Sonnet 4.5 | DigitalOcean Generative AI Platform (see Section 2) | United States (CA) |
4. Internal Affiliates
Emmber, Inc. currently has no operating subsidiaries or affiliates. Should that change, this page will be updated to reflect any intra-group data sharing.
5. International Data Transfers
Most Pluse data is processed in the United States. Where personal data is transferred to a subprocessor outside the user’s jurisdiction (for example, EU/UK user data flowing to US-based providers), we rely on the following safeguards:
- EU Standard Contractual Clauses (SCCs) — included in subprocessor DPAs.
- UK International Data Transfer Addendum (IDTA) — where the UK GDPR applies.
- EU–US Data Privacy Framework (DPF) certification — where the subprocessor is DPF-certified.
- Supplementary technical measures — encryption in transit (TLS 1.2+) and at rest (AES-256).
6. Adding or Changing Subprocessors
Pluse may engage new subprocessors or replace existing ones from time to time. Where required by our DPA with a customer, we will provide reasonable advance notice (no less than 30 days) before a new subprocessor begins processing customer data. Notice will be provided by updating this page and, where the customer has opted in, by email.
If you have a signed Pluse DPA and wish to be notified of subprocessor changes by email, please contact us at Contact@pluse.to with the subject line “Subprocessor Notifications.”
7. Objecting to a Subprocessor
Customers with a signed Pluse DPA may object to the engagement of a new subprocessor on reasonable data-protection grounds. To submit an objection, contact Contact@pluse.to within 30 days of notice. If we are unable to provide a commercially reasonable alternative, the customer may terminate the affected portion of the Service in accordance with the DPA.
8. Service Providers vs. Subprocessors
Under the CCPA/CPRA, the entities listed above are considered “service providers” rather than sellers of personal information. Pluse does not sell or share personal information for cross-context behavioral advertising. For more on California consumer rights, see our Privacy Choices page.
Questions about a subprocessor?
For DPA, GDPR, CCPA, or other privacy questions, contact our team.
Contact@pluse.toThis list is maintained in good faith and is current as of the “Last updated” date above. We may use additional service providers for non-personal-data purposes (e.g., domain registration, document signing) that are not listed here because they do not process customer personal data.
Emmber, Inc. is a Delaware corporation qualified to do business in the State of Florida. The “Pluse” name and the Pluse platform are operated by Emmber, Inc.
© 2024–2026 Emmber, Inc. All rights reserved. Pluse™ and Lux™ are trademarks of Emmber, Inc.