O
ONX/Subprocessors

Subprocessor List

ONX (Optimal Nexus Ltd) uses the following third-party subprocessors to deliver the platform. Each subprocessor is covered by a Data Processing Agreement (DPA) and, where data is transferred outside the EEA, by Standard Contractual Clauses (SCCs) under GDPR Article 46.

Last updated: May 2026 · To request the full DPA or SCC documentation, contact compliance@optimalnexus.com

Supabase

DPA in place
Database & Authentication
Privacy policy

Purpose

Application database (PostgreSQL), user authentication, row-level security

Data processed

All application data including account, pipeline, and contact records

Location

United States (AWS us-east-1)

Transfer safeguard

Standard Contractual Clauses (EU SCCs)

Certifications

SOC 2 Type II, ISO 27001 (AWS infrastructure)

Vercel

DPA in place
Hosting & CDN
Privacy policy

Purpose

Application hosting, serverless edge functions, global content delivery

Data processed

Request data, session tokens, application traffic

Location

United States / Global Edge Network

Transfer safeguard

Standard Contractual Clauses (EU SCCs)

Certifications

SOC 2 Type II

Anthropic

DPA in place
AI Inference
Privacy policy

Purpose

ICP generation, signal analysis, deal recommendations, AI-assisted insights

Data processed

Company-level context and signals only. No raw personal data in prompts.

Location

United States

Transfer safeguard

Standard Contractual Clauses (EU SCCs)

Certifications

Enterprise DPA available

Clay.com

DPA in place
Data Enrichment
Privacy policy

Purpose

Company and contact data enrichment via waterfall enrichment stack

Data processed

Company domain, public LinkedIn URLs, firmographic data

Location

United States

Transfer safeguard

Standard Contractual Clauses (EU SCCs)

Certifications

Per Clay DPA

Perplexity AI

DPA in place
Web Intelligence
Privacy policy

Purpose

Real-time company research and signal discovery

Data processed

Company names, domains, public web context

Location

United States

Transfer safeguard

Standard Contractual Clauses (EU SCCs)

Certifications

Per Perplexity DPA

Resend

DPA in place
Transactional Email
Privacy policy

Purpose

System emails — account notifications, compliance alerts, deal nudges

Data processed

Email addresses, notification content

Location

United States

Transfer safeguard

Standard Contractual Clauses (EU SCCs)

Certifications

Per Resend DPA

Changes to this list: Optimal Nexus Ltd will provide 30 days' notice of any new subprocessors via in-platform notification and email to the account DPA contact. Customers may object to new subprocessors in accordance with their DPA.

Data Processing Agreement: A DPA is available on request for all paying customers. Enterprise customers may request a mutually negotiated DPA.

← Back to platformPrivacy PolicyTerms of Servicecompliance@optimalnexus.com