This page lists providers that may process operational data for page delivery, analytics, payments, license validation and support. Statement contents are not sent to these providers in Local Mode.
Last updated: 2 July 2026
| Provider | Purpose | Data categories | Processing region |
|---|---|---|---|
| Cloudflare Pages / CDN | Website delivery, TLS, security headers and edge caching | Request metadata such as IP address, user agent, URL and security logs | Global edge network, including US and EU/EEA locations |
| Gumroad | Payment processing, order records, refunds and license validation | Purchase email, order/license details, payment metadata and license key validation request | United States and other provider locations |
| Plausible Analytics | Optional anonymous, cookieless website analytics | Page URL, referrer, device/browser summary and approximate country-level location | European Union/EEA or the configured Plausible workspace region |
| Support email provider | Customer support and privacy requests sent to support@antelope.tools | Email address, message contents, attachments you choose to send and support history | United States and EU/EEA depending on mailbox routing |
| Cloud OCR provider | None currently | No statement files are sent to cloud OCR today. Before cloud OCR launch, uploads must use real MIME validation, file/page limits, randomized private storage, short-lived signed URLs, isolated OCR workers, resource limits, deletion evidence and safe logs. | Not applicable |
New subprocessors that would receive personal data or statement contents will be listed here before launch. Cloud OCR, if ever added, will be opt-in, will not be used for model training, and must pass the cloud OCR launch gate on the Security page before production use.
Gumroad processes payment details, purchase records and license validation requests. LINGYANG does not receive full card details.
Plausible Analytics may be used for cookieless, anonymous page analytics when configured. Analytics never include statement contents.
No. OCR currently runs on device with self-hosted Tesseract.js assets. If cloud OCR is introduced, the provider will be listed before use and the upload security launch gate must be complete.