Skip to content
Myellin

Trust

Subprocessors

Last updated: June 27, 2026

Myellin uses trusted infrastructure and AI service providers to operate the product. Provider use depends on the features a user enables, organization policy, and the API keys configured in the workspace.

Core infrastructure

  • Vercel: application hosting and edge delivery. Role: infrastructure processor. Location: global hosting and routing infrastructure based on deployment configuration. Retention: platform logs and deployment records follow Vercel retention settings.
  • Supabase: database, authentication, and storage infrastructure. Role: database, auth, and storage processor. Location: configured project region plus supporting infrastructure. Retention: customer content, auth data, and storage objects remain until deleted, retained by policy, or aged out of backups.
  • Microsoft 365: business email routing for the Myellin domain. Role: business communications processor. Location and retention follow the Microsoft 365 tenant and service configuration.

Optional AI providers

Optional AI providers receive selected content only when a user starts a workflow that needs that provider, or when an organization policy permits platform-provider fallback. Customer-provided API keys are encrypted in Myellin and sent server-side only to run the requested provider call.

  • OpenAI: optional AI inference provider.
  • Anthropic: optional AI inference provider.
  • Google: optional AI inference provider.
  • Moonshot: optional AI inference provider.
  • xAI: optional AI inference provider.
  • DeepSeek: optional AI inference provider.

AI provider locations and retention are governed by the enabled provider's terms, enterprise configuration, and API-key account settings. Myellin does not claim a provider is globally disabled unless the organization policy or deployment configuration enforces that restriction.

Update process

Myellin updates this page before adding a material new subprocessor for production customer data. Customers can request notification, procurement review, or objection handling by contacting privacy@myellin.com.

Current limitations

Region locking, formal subprocessor change-notice automation, and customer-specific signed subprocessor exhibits are handled through procurement review and are not self-service in the product today.

Questions about subprocessors or enterprise review can be sent to privacy@myellin.com.