Architecture note. Under the bring-your-own-bucket data architecture (locked 2026-05-06, see Data Architecture), customer payload data is written directly to a customer-owned AWS S3 bucket in the customer's own AWS account, under the customer's KMS keys. The customer's bucket is not a JIL subprocessor - it is governed by the customer's own contract with AWS, in the customer's chosen region.
This list enumerates the subprocessors that JIL itself contracts with for processing-in-flight, working-state storage, attestation audit, and operational support. The list remains controlling for the activities described.
Subprocessor List
1. Active Subprocessors with PHI Access
| Subprocessor | Category | Region | BAA Status | Right to Audit |
|---|---|---|---|---|
| Amazon Web Services, Inc. | Cloud infrastructure: Bedrock (managed AI inference), SageMaker (self-hosted AI inference), KMS (key management), CloudHSM (FIPS 140-2 Level 3 HSM), S3 (object storage with Object Lock Compliance), RDS (managed PostgreSQL), OpenSearch Serverless (vector index for legal corpus), CloudTrail and CloudWatch (audit logs), Inspector and GuardDuty (vulnerability and threat detection) | United States: us-east-1, us-east-2, us-west-2 (commercial); us-gov-west-1 (GovCloud, federal scope only) | AWS Business Associate Addendum executed | Inherited from AWS SOC 2 Type II + ISO 27001 + FedRAMP High audits |
No other entity has access to Protected Health Information.
2. Subprocessors Without PHI Access (Operational)
The following subprocessors support the Company's general business operations and do not receive Protected Health Information at any point:
| Subprocessor | Category | Region | Data Categories |
|---|---|---|---|
| Hetzner Online GmbH | Cloud infrastructure for the Company's public marketing surfaces (jilsovereign.com, getjil.com), staging, and validator nodes | European Union (Nuremberg, Helsinki); validator nodes worldwide | Public website content, application logs, no customer PHI |
| Cloudflare, Inc. | Edge TLS termination, DNS, DDoS protection, content distribution for public surfaces | Global edge network | Public web traffic only |
| Stripe, Inc. | Payment processing for retail (consumer) subscription billing on retail.jilsovereign.com | United States | Cardholder data tokenized by Stripe (PCI scope reduced); Company never stores PAN; no PHI |
| GitHub, Inc. (Microsoft) | Source code repository and CI/CD pipeline | United States | Source code; no production data; no PHI |
| Anthropic, PBC | Indirect only - all Anthropic Claude inference is invoked through the AWS Bedrock contractual boundary, not the Anthropic Direct API. Bedrock contractually does not retain customer prompts or share them with Anthropic. | Inference profile geography is enforced to United States regions via AWS | None - no direct relationship between Company and Anthropic; PHI never reaches Anthropic infrastructure |
3. Subprocessor Selection and Onboarding
Before engaging any new subprocessor that may have access to Protected Health Information or other regulated data, the Company performs the following:
- Security and compliance review including independent audit reports (SOC 2 Type II, ISO 27001, HITRUST, or equivalent), data flow assessment, and incident history review.
- Negotiation and execution of a written agreement that imposes substantively equivalent obligations to those the Company owes its customers, in accordance with 45 C.F.R. § 164.502(e)(1)(ii) and § 164.308(b)(2).
- Customer notice as required by the customer-facing BAA.
- Documentation in this list and the internal subcontractor inventory.
4. Customer Objection
A customer may object to a proposed new subprocessor in writing during the thirty (30) day notice period. If the Company cannot reasonably accommodate the objection, the customer may terminate the affected portion of the Underlying Agreement without penalty for the remainder of the then-current term.
5. Removal of Subprocessors
When a subprocessor is removed, the Company shall confirm in writing that:
- all PHI in the subprocessor's possession has been returned or destroyed;
- access keys, IAM roles, and shared credentials have been revoked; and
- the removal date and method of confirmation are recorded in the immutable audit log retained for fifteen (15) years.