SocioGenieLegal document
Sub-processors
Effective date: 28 May 2026 · Last updated: 28 May 2026
This page lists the third-party service providers (“sub-processors”) that MAGNATEX LLP engages to deliver the SocioGenie platform. Each sub-processor is bound by a Data Processing Agreement (DPA) and contractual confidentiality, security, and data-protection obligations consistent with the GDPR (Article 28), the UK GDPR, the DPDP Act 2023 (India), and the CCPA/CPRA where applicable.
This list is provided for transparency. It supplements (and does not replace) the disclosures in our Privacy Policy.
Current sub-processors
| Sub-processor | Purpose | Data processed | Location | Safeguards |
|---|---|---|---|---|
| Google LLC — Firebase / Google Cloud Platform | Authentication, Firestore database, Cloud Storage, Cloud Functions, hosting. | Account data, brand assets, AI Memory Layer, generated content, OAuth tokens, logs. | United States (us-central1) | EU SCCs + EU-US Data Privacy Framework (Google is certified) |
| OpenAI, L.L.C. | Generative text and image processing for captions, posts, product adverts, chatbot. | Prompts, brand context, generated outputs (no payment data, no passwords). | United States | OpenAI Data Processing Addendum + EU SCCs; API training opt-out enabled. |
| Anthropic, PBC | Generative text processing for captions, content strategy, chatbot reasoning. | Prompts, brand context, generated outputs. | United States | Anthropic Commercial Terms; zero-retention configured where available. |
| Google LLC — Gemini / Vertex AI | Multi-modal AI generation (text, image, vision). | Prompts, uploaded images, brand context, generated outputs. | United States | Google Cloud DPA + EU SCCs + EU-US DPF; Vertex AI does not train on customer data. |
| Dodo Payments Inc. | Merchant of Record for subscription billing, Top-Up Credit purchases, tax remittance, refunds. | Name, billing address, country, tax ID (where applicable), payment-instrument details. We never see card numbers. | United States (Delaware) | Dodo DPA + PCI-DSS Level 1; we receive only redacted transaction records. |
| Firecrawl (Mendable AI, Inc.) | On-demand fetching of public webpages submitted by users for brand onboarding (Brand DNA extraction). | URLs you submit and the public page content fetched. | United States | Firecrawl Terms; data not retained beyond the fetch session. |
| Google LLC — Google Analytics 4 | Aggregated product analytics on the public website and authenticated app. | Pseudonymous device/session identifiers, page views, IP (truncated where required). | United States (data may be processed in EU for EU visitors) | Google Ads Data Processing Terms + EU SCCs + EU-US DPF; loaded only after cookie consent (EU/UK users). |
| Meta Platforms, Inc. (Instagram, Facebook Graph API) | Publishing posts and reading post-level analytics for accounts you have connected via OAuth. | Connected-account access token, page/business identifiers, posts you publish, post insights you authorise us to read. | United States / Ireland | Meta Platform Terms + Meta DPA; SocioGenie is not affiliated with Meta. |
| LinkedIn Corporation | Publishing posts and reading post-level analytics for LinkedIn accounts connected via OAuth. | Connected-account access token, member/organisation identifiers, posts, analytics. | United States / Ireland | LinkedIn API Terms + LinkedIn DPA; SocioGenie is not affiliated with LinkedIn. |
Hosting region
Primary data storage is in Google Cloud Platform region us-central1 (Council Bluffs, Iowa, United States). Encrypted backups and disaster-recovery copies may be replicated to other Google Cloud regions in accordance with Google's standard durability and resiliency practices. International transfers are governed by EU Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, and the EU-US Data Privacy Framework where applicable.
Changes to this list
We may engage new sub-processors or replace existing ones from time to time. Material changes will be reflected on this page with an updated “Last updated” date. Business customers under a signed Data Processing Agreement may subscribe to email notifications of sub-processor changes by writing to founder@magnatex.co at least 30 days before they are introduced, where applicable.
Requests for documentation
We are happy to provide, on reasonable request and under confidentiality, copies of the relevant sub-processor DPAs, our Information Security Statement, our standard customer DPA, and any available SOC 2 / ISO 27001 attestations our providers publish. Please email founder@magnatex.co.
Contact
- Privacy & sub-processor queries: founder@magnatex.co
- Postal: MAGNATEX LLP (LLPIN: ACU-5689), 111, Fortune Business Hub, Sola, Nr. Satyamev Elysium, Ahmedabad, Gujarat 380060, India
Questions about this document?
Our team can help with privacy, legal, or compliance requests.