Sub-processors
Last updated: May 17, 2026
CVJinny is a career-document generator operated by Danu AI Solutions (the "Owner"). The following sub-processors deliver the Service. Each is bound by a written agreement incorporating the data-protection obligations of our Data Processing Addendum, including GDPR Art. 28 requirements, the India DPDP Act 2023, and (where relevant) Standard Contractual Clauses 2021/914 and the UK IDTA. CVJinny does not connect to any social-media platform via OAuth — that wedge belongs to other Danu AI products, not this one.
Active sub-processors
| Sub-processor | Purpose | Hosting region | Data categories | Transfer mechanism |
|---|---|---|---|---|
| Google LLC (Gemini API) | LLM generation for CV / cover letter / SOP, parsing, OCR, transcription, embedding — under no-training enterprise terms; see /ai-training. | United States / EU (paid-tier API endpoints) | CV content, target inputs, generated outputs, audio for transcription, OCR images | SCCs (Module Two) for EU/UK/CH data subjects |
| Supabase, Inc. | Postgres database (RLS, auth, encrypted token storage) | European Union (eu-central-1 / Frankfurt) for CVJinny project qmyekaifnerkdgzjusfv | Account, profile, generations metadata, share links, agency / candidate data, GST invoice metadata | SCCs (Module Two) — controller-to-processor |
| Cloudflare R2 (Cloudflare, Inc.) | Object storage for generated PDFs, passport-style headshots, backup snapshots | Global edge network | Rendered CV / cover-letter / SOP PDFs, photo uploads, gzipped DB backup snapshots (with app_secrets encrypted at-rest per V5 finding C1) | SCCs (Module Two) |
| Upstash, Inc. | Redis cache, rate-limiting counters, short-lived wizard drafts (≤7-day TTL), AI response cache | European Union (Frankfurt) for CVJinny primary; QStash unused for CVJinny crons (see /sub-processors note below) | Wizard-draft transient bytes (sanitised), rate-limit counters keyed by user ID / IP-hash, response-body cache entries | SCCs (Module Two) |
| Razorpay Software Pvt. Ltd. | Payment processor — global cards, UPI, NetBanking, recurring subscriptions, GST invoicing under Indian GST Act 2017 | India (RBI-licensed; SEBI / RBI-supervised) | Card / UPI / NetBanking instrument metadata, billing email, address-for-GST, optional GSTIN, transaction history | DPDP Act 2023 compliant; SCCs for cross-border card data; PCI-DSS Level 1 |
| Resend, Inc. | Transactional email delivery (sign-up, password reset, trial-ending, receipts, share-link delivery to recruiters) | United States / EU | Recipient email + name, subject line, HTML / text body. Bounce / open / click metrics retained for delivery diagnostics. | SCCs (Module Two) |
| MSG91 Communications India Pvt. Ltd. | WhatsApp template messages (share-link delivery to recruiters) + OTP SMS (auth) | India | Recipient phone, OTP code (short-lived), share-link URL | DPDP Act 2023 compliant; recipient phone number + WhatsApp display-name (if available) only — no message body retained beyond delivery confirmation. |
| Hostinger International Ltd. | Application hosting (Coolify-managed Docker on a dedicated KVM VPS) + Traefik TLS termination | Hostinger VPS — region listed in the current Coolify config; check there for the live placement | All in-flight CVJinny traffic; the application process; Docker container filesystem (ephemeral, no persistent CV content stored at the VPS layer) | EU/EEA data — no transfer mechanism required for EU residents when VPS region is EU; SCCs for non-EU residents otherwise |
| Sentry (Functional Software, Inc.) | Error monitoring (CV content scrubbed; no PII transmitted by design) | United States / EU | Stack traces, hostname, route, request id, user id (when available). Body fields scrubbed at capture time. | SCCs (Module Two) |
| Cloudflare, Inc. (DNS / Email Routing / Edge) | Authoritative DNS for cvjinny.com + Cloudflare Email Routing for receive-only addresses (support@, dmca@, legal@, security@). No DDoS / WAF / CDN in front of the VPS today. | Global edge network | DNS lookups, inbound email envelope routing (forwarded to Danu AI Solutions admin Gmail) | SCCs (Module Two) |
Optional / fallback providers
These providers are wired into CVJinny's code-paths for future or opt-in features but are not active in production today. They become sub-processors only when an admin enables the matching feature flag or env var; until then no data is sent to them.
| Provider | Purpose (when enabled) | Hosting region | Transfer mechanism |
|---|---|---|---|
| Hugging Face, Inc. | Auxiliary inference (embedding, classification) — currently unconfigured in production; HUGGINGFACE_API_KEY supported as a fallback for future failover only. | United States / EU | SCCs (Module Two) when enabled |
| fal.ai, Inc. | Image / TTS fallback inference — currently unconfigured in production; FAL_API_KEY supported for opt-in feature flag only. | United States / EU | SCCs (Module Two) when enabled |
AI providers — explicit no-training contracts
Google Gemini API is configured under the no-training enterprise / paid-tier API terms — your CV / cover-letter / SOP inputs and generated outputs are never used by Google (or by CVJinny) to train, fine-tune, or evaluate foundation models. Agency-tier customers may route their own provider via BYOK (Bring Your Own Key) under their own no-training contract; the BYOK key is encrypted at rest with AES-256-GCM (per-user envelope) and never logged. Full per-provider guarantees live at /ai-training.
Cron architecture — system crontab, not QStash
CVJinny's daily background jobs (country-rule research, knowledge-source refresh, embeddings refresh, billing-period sweeps, deletion finalisation, DB backup, SEO audit) run directly from the VPS root crontab as curl calls to /api/cron/cvjinny/*. Upstash QStash is not used for CVJinny crons even though the Upstash account exists for Redis. QSTASH_TOKEN intentionally remains empty in production.
Change notifications
We will update this page before engaging any new sub-processor with access to personal data. Enterprise / agency customers subscribed to sub-processor notifications at [email protected] receive at least 30 days advance notice and may object on reasonable data-protection grounds.
Owner's Reservation of Rights
The Owner reserves the absolute, exclusive, and unfettered discretion, with or without prior notice and without liability, to: (a) add, change, replace, or remove any sub-processor, AI provider, payment processor, hosting region, or vendor; (b) introduce, restructure, withdraw, suspend, or discontinue any feature, plan, integration, price, fee, FX rate, credit weight, quota, discount, coupon, reward, or facility — partially or fully; (c) pass through any sub-processor, AI-provider, infrastructure, payment, or third-party cost increase to invoices or credit weights, immediately or with delay, with no obligation to pass through cost decreases; and (d) modify or replace this Sub-processors page, the DPA, or any related policy at any time with effect upon posting (subject only to legally-required minimum notice). The Owner's Universal Reservation of Rights — Terms of Service section 1.1, the Authorized-Use License in section 1.2, the Benefits Reservation in section 1.3, the Dynamic Pricing & FX clause in section 1.4, and the Comprehensive Owner Protections in section 18 — are incorporated into this page in full. No sub-processor change, AI-provider change, region change, or vendor change gives rise to any refund, credit-back, pro-rated reimbursement, alternative compensation, SLA payout, or service credit of any kind; the No-Refund Policy applies in full and is incorporated by reference.