The third-party services that help us build your binder.

Cloudflare, Inc.

• Purpose: Pages hosting, Workers compute, R2 object storage, and DNS. This is the core of our stack. Every page you load from rdbinder.com is served by Cloudflare; every file you upload through the intake form lands in Cloudflare R2 object storage.
• Data categories: Customer Inputs at rest in R2 storage (payroll register, contractor invoices, cloud-spend exports, design-doc opt-ins); intake-form payloads in Worker memory during request handling; order and intake metadata as JSON in R2.
• Region: United States. R2 buckets are pinned to US storage.
• Privacy & DPA: Cloudflare Privacy Policy | Cloudflare Customer DPA

Resend, Inc.

• Purpose: Transactional email delivery. Order confirmations, payment receipts, intake links, intake acknowledgments, and engagement status emails all transit Resend on our verified sub-domain (mail.rdbinder.com).
• Data categories: Customer email address; the contents of intake-form and engagement-status emails (which never include file content from payroll registers or contractor invoices).
• Region: United States.
• Privacy & DPA: Resend Privacy Policy | Resend DPA

Stripe, Inc.

• Purpose: Payment processing for the Engagement Fee. When you pay for a binder, the card or ACH transaction is handled directly by Stripe Checkout; payment information never touches R&D Binder's own infrastructure.
• Data categories: Customer billing email and payment information, handled directly by Stripe. R&D Binder does not store card data; we receive only the post-payment confirmation event from Stripe.
• Region: United States.
• Privacy & DPA: Stripe Privacy Policy | Stripe DPA

GitHub, Inc.

• Purpose: Source-code repository hosting and read-only OAuth access. When you install the R&D Binder GitHub App into your engineering organization, we read repository metadata and (only if you opt in per repository) design-doc files. We never request write or admin permissions.
• Data categories: Commit metadata, contributor email addresses included in publicly-readable commit history, repository content (read-only).
• Region: United States.
• Privacy & DPA: GitHub Privacy Statement | GitHub DPA

Airtable, Inc.

• Purpose: Customer ledger for engagement state tracking. We use Airtable as the internal source of truth for which customer is at which step of the engagement (ordered, intake completed, binder drafted, binder delivered, etc.).
• Data categories: Customer name, contact email, engagement state, and links (pointers) to R2-stored inputs. The Customer Inputs themselves stay in R2; Airtable holds only metadata.
• Region: United States.
• Privacy & DPA: Airtable Privacy Notice | Airtable DPA

Migadu

• Purpose: Inbound email mailboxes for the support and partner addresses reachable through our contact form. Migadu receives correspondence customers send to those addresses; we do not push customer financial data through Migadu.
• Data categories: Customer correspondence sent to R&D Binder mailboxes. No payroll, contractor, or engineering data is routed through Migadu.
• Region: Switzerland (apex MX). Customers who require strict US-only data residency may opt out by communicating solely through the rdbinder.com contact form, which routes through Resend in the United States.
• Privacy & DPA: Migadu Privacy Policy (Migadu states this serves as their Data Processing Agreement)

This provider touches only the public marketing site (rdbinder.com). It does not see your contact-form payload, your Customer Inputs (payroll register, contractor invoices, commit metadata, design-doc opt-ins, narrative drafts), or your engagement state. It is not a subprocessor of Customer Content under the Data Processing Agreement; the thirty-day pre-notification commitment in DPA §6 therefore does not apply to its addition.

Plausible Insights OÜ

• Purpose: Aggregate web analytics on the public marketing site (rdbinder.com): pageviews per URL and a small number of named conversion events (for example, /estimate clicks, /sample views, /contact submissions). Used to understand which pages convert. Cookieless and privacy-preserving by design.
• Data categories: Page URL (path; query parameters discarded except marketing campaign tags such as utm_source), HTTP referrer, browser and version, operating system, device class, country-region-city derived from the Internet Protocol address. The Internet Protocol address itself is not stored. A daily-rotating salted hash is used in place of cookies; the salt rotates every 24 hours, preventing cross-day visitor identification. No Customer Inputs. No payroll or commit data. No contact details. No payment information.
• Region: European Union. Plausible Insights OÜ is incorporated in Estonia; servers are owned and operated by European infrastructure providers within the EU.
• Privacy & DPA: Plausible Data Policy | Plausible DPA

Per Section 6 of the Data Processing Agreement, R&D Binder gives customers at least thirty (30) days' advance notice, where practicable, before engaging a new subprocessor that will process customer personal information. Customers may object to a new subprocessor on data-protection grounds; we work in good faith to resolve any objection.

Downstream sub-processors of our subprocessors (for example, Stripe's own card-network partners or Cloudflare's hardware vendors) are governed by those vendors' published terms and are not separately enumerated here.

If you spot something on this page that looks out of date, please tell us via the contact form and we will reconcile it against the DPA within one business day.

• Data Processing Agreement - the legally-binding version of this list, plus the change-notification, security, retention, and breach-notification commitments.
• Security and data handling - what we collect, where it lives, who has access, what we never do, and how long we keep it.
• Privacy Policy - the visitor-facing privacy notice for rdbinder.com.

Last reviewed: May 24, 2026.