Supabase
- Purpose
- Primary database, authentication, file storage, row-level security
- Data received
- All account, CPD, reflection, evidence, and audit data
- Hosting region
- AWS Sydney (ap-southeast-2), Australia
- Privacy policy
- supabase.com/privacy
Trust · Sub-processors
Who touches your data.
A complete list of third-party services PracticaCPD relies on, what they do, what data they receive, and where they host it. Adding or replacing a sub-processor is a material change to this page; we'll update the date below and notify active users.
Last updated 16 May 2026
Netlify
- Purpose
- Web application hosting and CDN delivery
- Data received
- HTTP request metadata (URL, IP, user agent). No application data.
- Hosting region
- Global CDN with Australian edge
- Privacy policy
- netlify.com/privacy
Stripe
- Purpose
- Subscription billing and payment processing
- Data received
- Name, email, billing address, payment method (card details stored by Stripe, never seen by us)
- Hosting region
- Global, including United States and Ireland
- Privacy policy
- stripe.com/au/privacy
Resend
- Purpose
- Transactional email delivery (sign-in codes, receipts, notifications)
- Data received
- Email address, subject + body of operational emails
- Hosting region
- United States
- Privacy policy
- resend.com/privacy
AWS (Bedrock — Anthropic Claude)
- Purpose
- AI inference for the optional Reflection Assistant and Standardised Patient simulations
- Data received
- Only the case text or simulation transcript you submit. Inference runs in Australia; prompts are not retained for training.
- Hosting region
- AWS Sydney (ap-southeast-2), Australia
- Privacy policy
- aws.amazon.com/privacy
Expo / EAS
- Purpose
- Mobile app build pipeline (EAS Build), over-the-air JS updates (EAS Update), and push token delivery (Expo Push)
- Data received
- Expo push tokens (opaque device identifiers used to route notifications). No CPD content.
- Hosting region
- United States
- Privacy policy
- expo.dev/privacy
Apple
- Purpose
- iOS app distribution (TestFlight, App Store) and Apple Push Notification Service relay
- Data received
- App install metadata, encrypted push payloads (no readable content stored by Apple)
- Hosting region
- Global
- Privacy policy
- apple.com/au/legal/privacy
Sentry
- Purpose
- Application error monitoring and crash reporting
- Data received
- Stack traces, URL, browser type, anonymised user ID. No CPD content or evidence files.
- Hosting region
- United States, EU
- Privacy policy
- sentry.io/privacy
Google Analytics 4
- Purpose
- Anonymised page-level usage analytics — only loaded after explicit cookie consent
- Data received
- Pseudonymous client ID, page path, device class, country (no individual identifiers)
- Hosting region
- Global, primarily United States
- Privacy policy
- policies.google.com/privacy
Cross-border disclosures
Where a sub-processor operates outside Australia, the transfer is governed by Australian Privacy Principle 8. Each overseas recipient is contractually bound to handle PracticaCPD user data in a manner consistent with the APPs, and operates under recognised security frameworks (SOC 2, ISO 27001, PCI-DSS, or equivalent). The single most sensitive flow — AI inference on practitioner case text — has been deliberately routed through AWS Bedrock in the Sydney region so that it never leaves Australia.
Notification of changes
We will give active users at least 14 days' notice by email before adding a new sub-processor that handles identifiable user data. You can object during that window by emailing support@practicacpd.com.au; if we can't accommodate your objection (e.g. because the sub-processor is replacing a critical service) you may delete your account before the change takes effect.
Back to Trust & compliance.