LoginRequest Access
Policy library

ReadinessOS policy framework

Subprocessor & Infrastructure Policy

Public ReadinessOS policy document for governance, transparency and operational trust.

Document status

Version1.0
Source32_subprocessor_and_infrastructure_policy.md
FormatMarkdown

READINESSOS

Policy: Subprocessor & Infrastructure Policy

Version: 1.0

Effective Date: 06/06/2026

Last Updated: 06/06/2026

Contact: ReadinessOS@proton.me

1. Document Purpose

This Subprocessor & Infrastructure Policy establishes the principles governing the use of third-party infrastructure providers, cloud services, subprocessors, and supporting technology vendors utilized by ReadinessOS.

The objective of this policy is to provide transparency regarding external service providers that may process or store platform information while supporting the operation, security, scalability, and reliability of the ReadinessOS ecosystem.

2. Scope

This policy applies to:

  • Professional user accounts
  • Vessel accounts
  • Future fleet accounts
  • Authentication systems
  • Cloud infrastructure
  • AI services
  • Email services
  • Payment providers
  • Analytics providers
  • API infrastructure
  • File storage
  • Backup services
  • Future enterprise integrations

3. Definitions

For the purposes of this policy:

Subprocessor means an external organization engaged by ReadinessOS to process information or provide infrastructure supporting platform operation.

Infrastructure Provider means a third-party service responsible for hosting, networking, storage, computing, authentication, messaging, or similar technical services.

Processing means any operation performed on platform information including storage, transmission, analysis, backup, or deletion.

4. Purpose of Subprocessors

ReadinessOS may utilize subprocessors to support:

  • Cloud hosting
  • Authentication
  • Database services
  • File storage
  • AI processing
  • Email delivery
  • Payment processing
  • Analytics
  • Monitoring
  • Logging
  • Security
  • Backup services
  • Future enterprise functionality

Subprocessors are selected based upon reasonable commercial and technical standards.

5. Current Infrastructure

At the time of publication, ReadinessOS may utilize infrastructure and service providers including:

  • Supabase
  • Firebase (legacy or migration support where applicable)
  • OpenAI services
  • Cloud hosting providers
  • Email delivery providers
  • Payment processing providers
  • DNS providers
  • Content Delivery Networks (CDNs)
  • Analytics providers
  • Monitoring platforms

The specific providers utilized may change over time without prior notice.

6. Cloud Infrastructure

ReadinessOS may rely upon commercial cloud providers for:

  • Compute resources
  • Database hosting
  • Storage
  • Networking
  • Disaster recovery
  • High availability
  • Security services
  • Geographic redundancy

Cloud infrastructure may be located in multiple jurisdictions.

7. Authentication Providers

ReadinessOS may utilize external authentication providers to facilitate secure user access.

Authentication services may process:

  • Email addresses
  • Authentication tokens
  • Session identifiers
  • Device information
  • Login metadata

Authentication providers remain subject to their own privacy and security practices.

8. Artificial Intelligence Providers

AI-assisted platform functionality may utilize external AI providers to generate:

  • Readiness summaries
  • Educational content
  • Scenario recommendations
  • Professional summaries
  • Analytics
  • Operational insights

AI providers may process limited platform information necessary to generate requested outputs.

AI processing remains subject to applicable privacy controls.

9. Email Providers

ReadinessOS may utilize third-party email providers for:

  • Account verification
  • Password resets
  • Platform notifications
  • Billing communications
  • Newsletter distribution
  • Administrative communications

Email providers process only the information reasonably necessary to deliver communications.

10. Payment Providers

Payment processing may be performed by authorized third-party payment processors.

ReadinessOS does not necessarily store complete payment card information where secure payment processors are utilized.

Payment providers remain independently responsible for their own payment infrastructure and regulatory compliance.

11. Analytics Providers

ReadinessOS may utilize analytics providers to understand:

  • Platform performance
  • User engagement
  • Feature adoption
  • Error reporting
  • Service reliability
  • Aggregate usage trends

Analytics information may be aggregated or anonymized where reasonably practical.

12. Data Location

Platform information may be processed and stored in multiple jurisdictions depending upon infrastructure architecture and provider availability.

ReadinessOS will make reasonable efforts to ensure that providers maintain appropriate security and privacy safeguards consistent with applicable law.

13. Security Expectations

ReadinessOS expects subprocessors to maintain commercially reasonable safeguards including:

  • Encryption
  • Access controls
  • Security monitoring
  • Backup procedures
  • Authentication controls
  • Incident response capabilities
  • Infrastructure redundancy

ReadinessOS cannot independently guarantee the security practices of external providers.

14. Changes to Subprocessors

ReadinessOS reserves the right to:

  • Add subprocessors
  • Remove subprocessors
  • Replace providers
  • Change infrastructure architecture
  • Modify hosting arrangements
  • Introduce new enterprise providers

Operational changes may occur without individual user notification unless required by applicable law.

15. Third-Party Responsibility

Each external provider remains independently responsible for:

  • Security practices
  • Regulatory compliance
  • Privacy obligations
  • Infrastructure management
  • Service continuity
  • Internal operational controls

ReadinessOS does not control third-party internal operations.

16. Limitation of Liability

To the maximum extent permitted by applicable law, ReadinessOS shall not be liable for losses arising solely from failures attributable to independent third-party providers including:

  • Infrastructure outages
  • Authentication failures
  • Payment provider interruptions
  • Email delivery failures
  • Cloud service interruptions
  • Internet disruptions
  • AI provider outages

Reasonable efforts will be made to restore platform functionality where possible.

17. Relationship to Other Policies

This policy should be interpreted together with:

  • Terms of Service
  • Privacy Policy
  • Platform Security Policy
  • Data Processing Agreement (DPA)
  • API & Third-Party Integration Policy
  • AI Usage & Responsible AI Policy
  • Data Ownership Policy

Where conflicts exist regarding personal information processing, the Privacy Policy shall govern.

18. Policy Updates

ReadinessOS may revise this policy as infrastructure architecture, cloud providers, AI services, enterprise functionality, or legal requirements evolve.

Updated versions become effective upon publication unless otherwise specified.

19. Revision History

VersionDateDescription
1.006/06/2026Initial production release

END OF DOCUMENT