Subprocessors

The vendors we use, and why.

Protocol Wealth works with a small number of third-party service providers ("subprocessors") to deliver advisory services, custody client assets, and operate our platform. This is the full list — each provider's role, the data categories it processes, where it operates, and the security attestations it publicly maintains.

This list is the public-facing supplement to the "How We Share Information with Third Parties" section of our Privacy Policy. The Privacy Policy remains the authoritative description of why we share information, what safeguards apply, and what rights you have. This list exists so that you — or your compliance, audit, or legal team — can see the full vendor roster without filing a written request.

Security attestations are shown as the vendor published them at the time this list was compiled. Our own vendor-risk process reviews attestations at engagement, annually thereafter, and on material change. Inclusion here is not an endorsement; it states that the vendor meets our requirements for the role listed and that we have reviewed their attestations within the scope appropriate to that role. Where Client PII would otherwise appear in a vendor's data flow, our PII redaction pipeline removes direct client identifiers before any external AI transmission.

Data categories used below

Client PII.
Name, contact information, government-issued identifiers, account numbers, tax identifiers.
Financial data.
Account balances, transaction history, holdings, fund flows, tax information.
Advisory content.
Advisor-authored analysis, AI-assisted research drafts, Investment Policy Statements, recommendations, notes.
Wallet addresses.
On-chain wallet identifiers; all public blockchain data.
Custody instructions.
Wallet signing requests, trade orders, transfer instructions, MPC key material.
Firm operational data.
Advisor communications, internal documents, firm records not specific to a single client.

Category 1

Artificial Intelligence

Anthropic, PBC

Role
External AI inference via the Claude API under a Zero Data Retention (ZDR) agreement — advisor-supporting research, analysis drafting, and document preparation under human review.
Data processed
Advisory content and redacted research inputs. Client PII is removed by our PII redaction pipeline before any data reaches Anthropic.
Location
US-only workspace; US-only inference regions.
Attestations
SOC 2 Type II · ISO 27001 · HIPAA BAA available. ZDR enforced at the workspace level (no retention, no training use); independently attestable by Anthropic on regulatory or qualified-partner request.

Category 2

Infrastructure and Platform

Google Cloud Platform (GCP)

Role
Primary compute and data platform — Cloud Run services, Cloud SQL (Postgres), Memorystore (Redis), Secret Manager, and the CI/CD identity pool.
Data processed
All Client PII, Financial data, Advisory content, and Firm operational data we process is stored on or flows through GCP. Encrypted at rest (AES-256) and in transit (TLS 1.2+).
Location
us-central1 (Iowa); production pinned to US regions under organization policy.
Attestations
SOC 1 / 2 / 3 · ISO 27001 / 27017 / 27018 / 27701 · PCI DSS · FedRAMP High · HIPAA BAA available.

Google Workspace

Role
Business email, document storage (Drive), calendar, and identity for Protocol Wealth personnel. Not used to process client-authenticated advisory data.
Data processed
Firm operational data. Client PII appears only to the extent included in advisor correspondence or internal documents, subject to our retention schedule and PII-handling standards.
Location
US regions.
Attestations
SOC 1 / 2 / 3 · ISO 27001 / 27017 / 27018 · HIPAA BAA available.

Cloudflare, Inc.

Role
DNS, CDN, web application firewall, and Pages hosting for marketing/informational properties. Authenticated advisory surfaces do not transit Cloudflare (pw-api is private; the webhooks surface routes direct to Google Cloud Run).
Data processed
Public website traffic metadata and DNS query metadata. No Client PII, Financial data, or Advisory content transits Cloudflare in the current topology.
Location
Global edge network; US-origin routing preferred.
Attestations
SOC 2 Type II · ISO 27001 · PCI DSS Level 1.

Category 3

Client Onboarding and Compliance

Veriff OÜ

Role
Identity verification at onboarding — document verification, liveness detection, biometric match against submitted government-issued ID.
Data processed
Government-issued identification documents, selfie/liveness captures, identity-match outcome records.
Location
Estonia (HQ); US data processing on AWS US regions.
Attestations
SOC 2 Type II · ISO 27001 · GDPR-compliant processing.

Scorechain S.A.S. (via QuickNode)

Role
Onchain compliance — Scorechain Free Sanctions API (OFAC/OFSI/MOFA/NBCTF screening) and the Scorechain Risk Assessment API via QuickNode (KYT/KYW risk scoring on Bitcoin, Ethereum, Solana, Base, XRP, and Avalanche). Chains outside that set are reviewed manually by the CCO using public block explorers.
Data processed
Wallet addresses, transaction hashes, and per-chain risk-scoring outputs. No Client PII — public on-chain identifiers only.
Location
Luxembourg (Scorechain HQ); QuickNode global edge.
Attestations
Scorechain — vendor attestations under active annual review; specifics on request. QuickNode — SOC 2 Type II.

QuickNode, Inc.

Role
Multi-chain RPC and blockchain-data infrastructure; the addon substrate for the Scorechain Risk Assessment API and general-purpose RPC reads.
Data processed
Wallet addresses, transaction hashes, RPC query metadata. No Client PII — public on-chain identifiers only.
Location
US (New York).
Attestations
SOC 2 Type II.

Hadrius, Inc.

Role
AI-powered compliance monitoring — trade surveillance, outbound marketing-communication review, archiving of regulated communications. Integrated via manual export workflow.
Data processed
Firm operational data, including outbound advisor communications, marketing materials, and trade activity. Client PII appears to the extent present in reviewed communications.
Location
US.
Attestations
Vendor attestations under active annual review; specifics on request.

Category 4

Account Data Aggregation

Quiltt, Inc.

Role
Financial account aggregation orchestration. We maintain a single integration with Quiltt; downstream connectivity (MX, Finicity, Akoya) and enrichment (FinGoal) are Quiltt-routed.
Data processed
Account balances, transaction history, holdings, and institution-tokenized credentials for accounts clients link through Quiltt.
Location
US.
Attestations
SOC 2 Type II (auditor Insight Assurance; criteria: Security, Availability, Processing Integrity, Confidentiality). Master Services Agreement: end users own their data; 15-day deletion on termination; 24-hour customer breach notice.

MX Technologies, Inc.

Role
Account connectivity provider routed through Quiltt. No direct integration; MX data reaches us only via Quiltt.
Data processed
Institution-tokenized credentials and account data for accounts clients link through Quiltt.
Location
US.
Attestations
SOC 2 Type II.

FinGoal

Role
Transaction cleaning and enrichment routed through Quiltt. No direct integration; FinGoal data reaches us only via Quiltt.
Data processed
Transaction-level data for linked accounts; enrichment outputs (merchant categorization, recurring-transaction detection, cashflow classification).
Location
US.
Attestations
SOC 2 Type II.

Finicity, Inc. (a Mastercard company)

Role
Account connectivity routed through Quiltt, enabled to reach institutions MX does not serve (notably USAA). No direct integration; bank-hosted OAuth consent; no institution credentials stored by Protocol Wealth.
Data processed
Institution-tokenized credentials and account data (balances, transaction history, holdings) for accounts linked via Finicity through Quiltt.
Location
US (Salt Lake City, Utah; Mastercard Open Banking).
Attestations
SOC 2 Type II (Mastercard Open Banking / Finicity). Pass-through terms: AES-256 minimum at rest, GLBA-aligned handling, 48-hour incident notice.

Akoya LLC

Role
Token-based account connectivity routed through Quiltt, enabled as a secondary/fallback path. Credential-free, tokenized (FDX-aligned) access with bank-hosted consent. No institution credentials stored by Protocol Wealth.
Data processed
Tokenized account-access grants and account data (balances, transaction history, holdings) for accounts linked via Akoya through Quiltt.
Location
US (owned by a consortium of US financial institutions; Fidelity-affiliated).
Attestations
SOC 2 Type II.

Category 5

Custody and Brokerage

Altruist Financial LLC

Role
Advisory custodian and billing platform — custody for traditional-asset accounts and advisory-fee billing.
Data processed
Client PII for account establishment, Financial data (balances, trades, fee calculations), advisory-billing records.
Location
US (registered broker-dealer; FINRA / SIPC member).
Attestations
SEC / FINRA / state oversight · SOC 2 Type II.

Interactive Brokers LLC

Role
Brokerage and custody for IBKR-custodied client accounts. IBKR bills its own fees under a direct client relationship; advisory fees are billed separately.
Data processed
Client PII for brokerage account establishment, Financial data (positions, trades, account activity).
Location
US (registered broker-dealer; FINRA / SIPC member).
Attestations
Regulated broker-dealer under SEC, FINRA, and corresponding international regulators.

Anchorage Digital Bank, N.A.

Role
Qualified digital-asset custodian — holds institutional digital-asset positions and provides custodial transaction signing.
Data processed
Custody instructions, wallet addresses, transaction signing requests, balance/position data for AUM calculation and reporting.
Location
US (OCC-chartered national trust bank).
Attestations
OCC oversight · SOC 2 Type II.

BitGo Trust Company

Role
Qualified digital-asset custodian for institutional digital-asset holdings.
Data processed
Custody instructions, wallet addresses, transaction signing requests, balance/position data.
Location
US (South Dakota trust charter).
Attestations
South Dakota Division of Banking oversight · SOC 2 Type II.

Fordefi

Role
Multi-party computation (MPC) wallet infrastructure for the firm's onchain operational treasury and client-directed onchain allocations where Protocol Wealth is a co-signer.
Data processed
MPC key shares (Fordefi holds one share; remaining shares held by Protocol Wealth and, where applicable, Coincover as backup), signing requests, wallet addresses, transaction metadata.
Location
US and Israel; US-region processing for Protocol Wealth workloads.
Attestations
SOC 2 Type II.

Coincover

Role
Client-engaged disaster-recovery service for a client’s own self-custodial wallets. The engagement is structurally direct between client and Coincover; Protocol Wealth does not hold, access, or intermediate the backup key material, and Coincover cannot initiate any transaction unilaterally.
Data processed
Encrypted backup key material held by Coincover on the client’s behalf. No Protocol Wealth client PII, financial data, or transaction data flows to Coincover.
Location
United Kingdom.
Attestations
ISO 27001 · SOC 2 Type II. (Listed for transparency; under a strict definition, a client-engaged recovery service rather than a subprocessor.)

Category 6

Onchain Data

DeBank

Role
Multi-chain wallet and DeFi position-data aggregator — the primary read-only onchain portfolio-visibility source.
Data processed
Public wallet addresses and on-chain transaction/position data (all public blockchain data). No Client PII.
Location
Global (headquartered in Hong Kong).
Attestations
Processes only public blockchain data; holds no Protocol Wealth client information under any data category.

Octav

Role
Multi-chain wallet and DeFi position-data aggregator — backup/fallback to DeBank for resilience and cross-source reconciliation. Read-only.
Data processed
Public wallet addresses and on-chain transaction/position data (all public blockchain data). No Client PII.
Location
US.
Attestations
Vendor attestations under active annual review; specifics on request.

Maintenance

Changes to this list

When we engage a new subprocessor or materially change an existing subprocessor's role, we update this list and its version number, update the Privacy Policy if the change affects the scope of data sharing, and provide at least 30 days' advance notice to clients when the change materially expands the categories of data shared, the geography of processing, or the class of AI service engaged. We retain prior versions of this list for a minimum of seven years.

You may object to a specific subprocessor engagement by contacting your adviser or [email protected]. Where a subprocessor is structurally required to deliver advisory services — a qualified custodian, or the sole integration path for a data category — we will describe the operational implications of declining and any alternative we can substitute.

List version 1.3 · compiled June 3, 2026 · page last updated June 5, 2026. Companion to our Privacy Policy. Protocol Wealth, LLC is an SEC-registered investment adviser (CRD #335298). See our Form ADV for authoritative regulatory disclosures.

Registration with the SEC does not imply a particular level of skill or training. This list is informational; the Privacy Policy is the authoritative description of our data-sharing practices, safeguards, and your rights. A vendor's inclusion is a statement that it meets our vendor-risk requirements for the role listed — not a security audit, certification, or endorsement of that vendor.

Questions about this list or a specific subprocessor: [email protected], Attn: Chief Compliance Officer.