Subprocessors
Last Updated: May 9, 2026
This page lists the third-party service providers ("subprocessors") that Mineral Wild engages to process personal data on our behalf. It is the canonical reference for regulatory disclosure under GDPR Art 28 and CCPA §1798.140(ag). When we onboard or remove a subprocessor, this page is updated first and our Privacy Policy follows.
Each subprocessor is contractually bound by a data processing agreement incorporating the applicable safeguards (Standard Contractual Clauses for EU transfers, CCPA service-provider terms for CA users).
1. User-data Subprocessors
These providers process user personal data. Their role is necessary to deliver the core service.
| Name | Location | Data Categories | Purpose |
|---|---|---|---|
| Amazon Web Services — S3 (Simple Storage Service) | United States (us-east-1) | User content: photos, videos, chat attachments, generated data-export ZIPs | Primary media storage |
| Amazon Web Services — CloudFront | United States (global edge) | User content: cached media delivery (signed URLs) | Content delivery network |
| Amazon Web Services — RDS (PostgreSQL) | United States (us-east-1) | All account data (profile, specimens, collections, messages, moderation) | Primary application database |
| Amazon Web Services — SES (Simple Email Service) | United States (us-east-1) | Identifiers (email address, send event metadata) | Transactional email (verification codes, password reset, data-export ready) |
| Amazon Web Services — Rekognition | United States (us-east-1) | User content: chat image frames | Automated content moderation (CSAM, prohibited content detection) |
| Amazon Web Services — ElastiCache (Redis) | United States (us-east-1) | Transient identifiers (session tokens, rate-limit counters) | Session and rate-limit state |
| Centrifugo (self-hosted on AWS EC2) | United States (us-east-1) | Identifiers (user id), message metadata | Real-time message delivery via WebSocket |
| Google Gemini | United States (global routing) | Audio data (voice input; not retained after request) | Voice-to-text transcription and mineral data extraction (default provider) |
| OpenAI | United States | Audio data (voice input; not retained after request) | Voice transcription (backup provider) |
| Qwen (Alibaba Cloud) | China mainland | Audio data (voice input; not retained after request) | Voice transcription for PRC region users |
| Google Firebase Cloud Messaging (FCM) | United States (global routing) | Device push tokens, message delivery metadata, sanitized notification payloads | Android and iOS push notification registration and delivery |
| Apple Push Notification service (APNs) | United States (global routing) | iOS notification delivery metadata, sanitized notification payloads | iOS operating-system push delivery via Firebase |
| Google Sign-In (OAuth) | United States | Identifiers (Google account id; email only if you grant scope) | Optional account authentication |
| Apple Sign-In (OAuth) | United States | Identifiers (Apple user id; private-relay email if elected) | Optional account authentication |
| Sentry (Functional Software, Inc.) | European Union | Internet/network activity (crash stack traces, device info; not bound to user identifiers in production) | Error monitoring and alerting |
| Cloudflare Web Analytics | United States (global edge) | Internet/network activity (aggregate page URL, referrer, country; no cookies, no personal identifiers) | Anonymous website analytics on mineralwild.com |
| Cloudflare DNS + CDN (mineralwild.com / mineralwild.app) | Global (Cloudflare edge) | Internet/network activity (request routing, TLS termination) | Domain DNS authority + landing-page CDN |
| Cloudflare Turnstile | Global (Cloudflare edge) | Internet/network activity (browser challenge signals; no cookies; no personal identifiers) | Anonymous landing-page abuse mitigation (invisible challenge replacing reCAPTCHA) |
| MaxMind (GeoLite2-Country database) | Database self-hosted on Mineral Wild infrastructure (United States); MaxMind itself does not receive request data | None received by MaxMind. Internally we derive an ISO country code from the request IP via a self-hosted database; the raw IP is not stored. | Country-of-origin attribution and anti-fraud heuristics |
2. Company-operations Processors (no user data)
These providers support our company operations and do not process user personal data from the App. They are listed here for transparency so that data subjects can see the full set of vendors Mineral Wild contracts with.
| Name | Location | Data Categories | Purpose |
|---|---|---|---|
| Doola | United States (Delaware) | Company formation records, EIN administration (no App user data) | LLC registration and ongoing compliance filings |
| Mercury | United States | Banking operations (no App user data) | Business bank account and outbound payments |
3. Notification of Changes
We update this page whenever a subprocessor is onboarded or removed. Material changes (a new subprocessor added that processes a new category of user data) will be announced in-App via Settings → What's New at least 30 days before taking effect, where reasonably possible.
If you have questions about a specific subprocessor or wish to object to our use of one, please contact mineralwild@gmail.com.
4. Related Documents
- Privacy Policy — full disclosure of what personal data we collect and how we use it.
- Terms of Service — the agreement governing your use of the App.