Most B2B vendors give you a wall of badges. We give you the receipts: the sub-processors that touch your data, the keys that sign our mail, the DPA you can download right now without talking to sales, and a public refund ledger you can hash yourself.
Every third-party service that processes customer data, listed in full. Public, versioned, change-subscribable via the repo commit log.
| Service | Purpose | Data category | Region |
|---|---|---|---|
| Stripe | Billing, payment processing | Account email, payment method (tokenized) | US |
| Resend | Transactional + lifecycle email | Customer email, message body | US |
| Google Workspace | Outbound sending mailboxes, identity | Customer email, message body | US |
| Cal.com Cloud | Meeting booking | Customer email, meeting metadata | EU/US |
| Instantly | Outbound campaign sequencer | Prospect contact data, campaign performance | US |
| Apollo | Prospect enrichment | Public prospect data (LinkedIn-tier) | US |
| Anthropic | AI reply classification (Claude Haiku) | Reply text (transient, not retained for training) | US |
| n8n Cloud | Workflow orchestration | Workflow state, integration tokens (encrypted at rest) | EU |
| DigitalOcean | Compute infrastructure for site + monitoring | Server logs, no customer PII written to disk | US (NYC1) |
| Backblaze B2 | Off-site encrypted backup | Encrypted tarballs only (SSE-B2, 30-day retention) | US (us-east-005) |
| Namecheap | DNS, domain registration | No customer data | US |
| GitHub | Source code, integrity log | No customer data (private repo) | US |
This list is the source of truth. Any sub-processor change is a git commit in meetforge/legal/SUB-PROCESSORS.md. Subscribe to repo notifications to receive changes.
SPF, DKIM, DMARC posture for every domain we send from. Verifiable with a dig command.
| Domain | SPF | DKIM | DMARC |
|---|---|---|---|
| meetforge.ai | PASS | PASS | p=none (warmup) |
| trymeetforge.com | PASS | PASS | p=none (warmup) |
| getmeetforge.com | PASS | PASS | p=none (warmup) |
DMARC p=none is the deliberate warmup posture. Escalation to p=quarantine is tracked in our standing roadmap, with an estimated date of 2026-06-28. Weekly deliverability metrics will be published to /proof per our spec.
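To read the answers from the dig check above mechanically, the following added example (not MeetForge's own tooling) classifies a DMARC or SPF TXT answer, including one that DNS returned split into chunks. The sample records are constructed, the function names are hypothetical, and the DKIM selector is a placeholder because the page does not list one.

```shell
#!/bin/sh
# Added example (not MeetForge code). Live lookups, which need network access:
#   dig +short TXT meetforge.ai                       # SPF
#   dig +short TXT _dmarc.meetforge.ai                # DMARC
#   dig +short TXT SELECTOR._domainkey.meetforge.ai   # DKIM; SELECTOR is a
#                                                     # placeholder, not on the page

# Constructed sample answers in the quoted form dig prints (not real records).
SAMPLE_SPF='"v=spf1 include:_spf.example.test ~all"'
SAMPLE_DMARC='"v=DMARC1; p=none; rua=mailto:dmarc@example.test"'
SAMPLE_SPLIT='"v=DMARC1; p=quaran" "tine; pct=100"'   # long TXT split in chunks

# Join the chunks of a TXT answer and drop the surrounding quotes.
normalize_txt() {
    printf '%s\n' "$1" | sed -e 's/" "//g' -e 's/"//g'
}

# Print the value of one DMARC tag (p, sp, pct, rua, ...).
dmarc_tag() {
    normalize_txt "$1" | tr -d ' \t' | tr ';' '\n' |
        awk -F= -v t="$2" '$1 == t { print substr($0, length(t) + 2); exit }'
}

# Map a DMARC record to the posture a receiver will act on.
dmarc_posture() {
    case "$(normalize_txt "$1")" in
        v=DMARC1*) ;;
        *) echo "invalid"; return 1 ;;
    esac
    case "$(dmarc_tag "$1" p)" in
        none) echo "monitor-only" ;;            # no action requested on failures
        quarantine|reject) echo "enforcing" ;;
        *) echo "invalid"; return 1 ;;
    esac
}

# Report how an SPF record treats senders it does not list.
spf_all() {
    normalize_txt "$1" | awk '
        $1 != "v=spf1" { print "not-spf"; exit }
        { r = "no-all"
          for (i = 2; i <= NF; i++) {
              if ($i == "-all") r = "hardfail"
              else if ($i == "~all") r = "softfail"
              else if ($i == "?all") r = "neutral"
              else if ($i == "+all" || $i == "all") r = "pass-all"
          }
          print r }'
}
```

Feed each function the output of the matching dig command, for example `dmarc_posture "$(dig +short TXT _dmarc.meetforge.ai)"`; a result of `monitor-only` corresponds to the p=none warmup row in the table.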
All customer data in n8n Cloud is encrypted at rest by the platform (AES-256). Off-site backups to Backblaze B2 use SSE-B2 server-side encryption. Sub-processor data sits behind each sub-processor's encryption-at-rest controls (linked above).
All traffic to meetforge.ai, the /proof ledger, and every n8n webhook endpoint uses TLS 1.2+ with HSTS. Internal service-to-service hops within the droplet are local-loopback only.
Reply text routed through the Claude Haiku classifier is transient — we send the message body, receive the classification, and do not retain the body beyond the active workflow execution (typically <30 seconds). Anthropic's API does not train on Workspaces customer data per its commercial terms.
On customer request or contract termination, customer data is deleted from n8n Data Tables within 30 days. Backups expire on a 30-day rolling window. Sub-processor deletion timelines are governed by each sub-processor's policy (e.g., Stripe retains billing records for tax compliance per their own terms).
If we identify a confirmed security incident affecting your data, we notify you by email at the contact address on file within 72 hours of confirmation. The notification includes: what data category was affected, what we know about the cause, what mitigation steps are underway, and what (if anything) we ask you to do.
This is the same 72-hour standard GDPR Article 33 imposes on data controllers, applied unconditionally as our own SLA regardless of jurisdiction.
We do not currently hold SOC 2 Type 2. The cost-benefit for SOC 2 at our stage is poor — first-year all-in cost is $20K–$35K, and at our customer count the right place to spend that money is on customer outcomes, not on a badge. We will pursue SOC 2 Type 2 the quarter our enterprise pipeline requires it, and post the audit window publicly. In the meantime, we publish every operational evidence artifact a SOC 2 audit would otherwise lock behind NDA — sub-processor list (above), backup posture (above), breach SLA (above), refund ledger (/proof), cryptographic integrity log (/proof/integrity).
That honest posture is itself the differentiator. The badges will follow.
Email security@meetforge.ai with details. We acknowledge within 24h.