Subprocessors
Last updated: April 2026 · Version 1.0-DRAFT
SecondBrainCore uses the following third-party subprocessors to deliver its services. All subprocessors are engaged under data protection terms equivalent to those required by the LGPD and GDPR, as set out in our Data Processing Agreement .
| Subprocessor | Country | Service | Data Categories |
|---|---|---|---|
| Cloudflare, Inc. | USA (EU data centers available) | CDN, Edge compute, DDoS protection, Web Analytics | IP address, usage data, session tokens |
| Cloudflare D1 (SQLite) | USA (Cloudflare global network) | Database storage | Account data, purchase intents, leads, audit logs |
International Transfer Mechanism
Data transfers to the USA are made on the basis of Standard Contractual Clauses (SCCs) approved by the European Commission and adopted by the ANPD (National Data Protection Authority). Cloudflare maintains a GDPR-compliant DPA and participates in SCCs to cover EU and Brazilian data transfers.
For more information about Cloudflare's data protection practices, see the Cloudflare DPA at cloudflare.com/cloudflare-customer-dpa.
Changes to This List
SecondBrainCore will notify Business and Enterprise customers at least 30 days before adding new subprocessors. Customers may register written, reasoned objections within that period to legal@secondbraincore.com.
This page reflects the current list of subprocessors. The "Last updated" date above indicates when the list was last modified.