Subprocessors
This page lists the third-party subprocessors that Ariso engages to process customer data in connection with the delivery of our services.
Subprocessor Guidelines
Ariso carefully selects subprocessors that meet our high standards for security, privacy, and data protection. Before engaging any subprocessor, we:
- Conduct thorough security and privacy assessments
- Execute Data Processing Agreements (DPAs) with equivalent security and retention obligations
- Apply Standard Contractual Clauses (SCCs) for cross-border data transfers where required
- Ensure compliance with applicable data protection regulations (GDPR, CCPA, etc.)
- Monitor subprocessor compliance on an ongoing basis
We limit the data shared with each subprocessor to only what is necessary for them to perform their specific function. Customers will be notified of any new subprocessors before they begin processing data, with the opportunity to object.
Current Subprocessors
| Subprocessor | Purpose | Data Access |
|---|---|---|
| AWS | Infrastructure (compute, storage, database) | All platform data |
| OpenAI | LLM inference | Prompts with user context |
| Anthropic | LLM inference | Prompts with user context |
| Google Cloud | Infrastructure, LLM inference | Prompts with user context |
| Google Workspace | Calendar API, Gmail API, OAuth | Calendar/mail metadata, auth tokens |
| Slack | Messaging platform | User messages, workspace data |
| Zoom | Meeting platform | Meeting metadata |
| Recall.ai | Meeting transcription | Meeting recordings, transcripts |
| SigNoz | Observability | Logs, traces, metrics |
| Langfuse | LLM tracing | Agent execution data |
| Mailgun | Email delivery | Email addresses, magic links |
Last updated: December 2025
Questions about our subprocessors?
Contact our security team for more information.
Contact Security Team