Legal

Sub-processors

Last updated: June 23, 2026

Quoining (operated by Bolt Systems, LLC) uses a limited set of third-party sub-processors to deliver the Service. A sub-processor is a third party that we engage to process customer data on behalf of our customers. Each sub-processor is bound by contract to data-protection terms substantially aligned with our Data Processing Agreement.

The Service is currently offered only in the United States. Our core application hosting and the customer database are in AWS us-east-1 in the United States. Some optional, customer-enabled sub-processors listed below process limited data outside the United States (Shopify in Canada, Moralis in the European Union, Blockstream in Canada, CoinGecko in Singapore, Better Stack in the European Union / United States); those processors only receive data after the customer enables them and can be disabled at any time from Settings.

Core infrastructure (always active)

Sub-processorPurposeLocationData types
Amazon Web Services (AWS)Cloud hosting (ECS Fargate), database (RDS PostgreSQL), cache (ElastiCache Redis), file storage (S3), transactional email (SES), secrets (Secrets Manager), monitoring (CloudWatch, GuardDuty)United States (us-east-1)All customer data at rest and in transit

Payments

Sub-processorPurposeLocationData types
Stripe, Inc.Subscription billing, payment processing, invoicingUnited StatesBilling contact, payment method tokens, invoice metadata

Identity providers (used only when the user chooses)

Sub-processorPurposeLocationData types
Google LLC (OAuth)Sign in with Google (only when the user chooses this method)United StatesProfile email, name, ID token
Microsoft Corporation (Entra ID)Sign in with Microsoft (only when the user chooses this method)United StatesProfile email, name, ID token

Product integrations (opt-in per customer)

Sub-processorPurposeLocationData types
Plaid, Inc.Bank account linking and transaction import (opt-in per customer)United StatesBank account identifiers, transaction history, balances
Anthropic, PBCAI features (transaction categorization, AI Accountant, PDF statement parsing, footnote drafting). Anthropic does not train its models on customer data submitted through its commercial API.United StatesPrompts, chart-of-account names, transaction descriptions, document snippets
OpenAI, L.L.C.AI features when a company connects its own OpenAI key (transaction categorization, AI Accountant, PDF/document extraction, footnote drafting). OpenAI does not train its models on data submitted through its API.United StatesPrompts, chart-of-account names, transaction descriptions, document snippets
Google LLC (Gemini API)AI features when a company connects its own Google Gemini key (transaction categorization, AI Accountant, PDF/document extraction, footnote drafting). Google does not use paid Gemini API data to train its models.United StatesPrompts, chart-of-account names, transaction descriptions, document snippets
Gusto, Inc.Payroll sync (opt-in)United StatesPayroll run summaries, employee wage breakdowns
Ramp Business CorporationCorporate card and expense import (opt-in)United StatesTransaction metadata, merchant and category data
Bill.com, LLCAccounts payable sync (opt-in)United StatesVendor records, bill and payment metadata
Avalara, Inc.Sales tax automation (opt-in)United StatesInvoice line items, addresses, tax jurisdiction data
Shopify Inc.E-commerce order, payout, and product sync (opt-in)CanadaPayout summaries, order, product, and inventory metadata
Block, Inc. (Square)POS payment sync (opt-in)United StatesPayment and refund metadata
MoralisBlockchain wallet scanning and token price lookups for crypto accounting (opt-in)European UnionWallet addresses, on-chain transaction data (public blockchain)
Blockstream Corporation Inc.Bitcoin wallet scanning for crypto accounting (opt-in)CanadaBitcoin wallet addresses, on-chain transaction data (public blockchain)
CoinGeckoCryptocurrency market price lookups for fair-value remeasurement (opt-in)SingaporeAsset symbols only (e.g. BTC, ETH) — no customer-identifying data

Observability & analytics

Sub-processorPurposeLocationData types
Sentry (Functional Software, Inc.)Application error tracking and performance monitoring. Session replay is captured around error events; in addition, when an authorized Quoining administrator is impersonating a customer account for support or audit purposes, the full session is recorded for the duration of that impersonation. In all cases, text inputs and media are masked by default.United StatesError stack traces, request metadata, masked session replays, user ID when signed in
Better StackPublic status page at status.quoining.com and synthetic uptime monitoringEuropean Union / United StatesHTTP probe results (no customer data)
PostHog, Inc.Product analytics, loaded only after analytics-cookie consentUnited States (us.i.posthog.com)Pseudonymous event data, feature-flag decisions
Google LLC (Google Analytics 4)Aggregate marketing-site analytics, loaded only after analytics-cookie consentUnited StatesPseudonymous pageview data with IP truncation enabled, UTM parameters

Notice of new sub-processors

We will notify customers of material changes to this list (new sub-processors, material scope changes) by updating this page and emailing the account admin at least 30 days before the change takes effect, except where shorter notice is required by law or by a business-continuity event. Customers may object to the addition of a sub-processor by contacting privacy@quoining.com before the effective date.

Related documents