Cossistant Logo
Widget v0.2.0NEW: Script embeds and AI clarification
arrow-leftPreviousarrow-rightNext

Third-Party Services

Security, compliance, and third-party infrastructure used by Cossistant.

Overview

Cossistant leverages best-in-class third-party services to deliver a secure, reliable, and performant customer support platform. We are committed to achieving SOC 2 Type II certification as soon as possible and have carefully selected service providers that maintain the highest security and compliance standards.

This page describes the managed Cossistant Cloud stack. If you are running Cossistant on your own infrastructure, use the Self-Host overview for the storage and email setup paths, including the AWS-first infrastructure route and the choice between Resend and SES for email transport.

Infrastructure & Hosting

  • Vercel - Hosts our Next.js web application and provides edge infrastructure for optimal performance worldwide.
  • Railway - Hosts our Hono backend API, Redis instance, and provides automatic deployments with monitoring.
  • AWS S3 - Secure cloud storage for file uploads and media assets (SOC 2 Type II certified).
  • AWS CloudFront - Content delivery network (CDN) for fast, global content distribution (SOC 2 Type II certified).
  • Upstash - QStash and Workflows for serverless background job processing and workflow orchestration (SOC 2 Type II certified).

Database & Storage

  • PostgreSQL - Primary database for all application data.
  • Drizzle ORM - Type-safe database toolkit and ORM.

Authentication & Payments

  • Better Auth - Modern authentication solution for secure user authentication.
  • Polar.sh - Payment processing and subscription management for our billing system.

Communication

  • Resend - Transactional email delivery with high deliverability rates (SOC 2 Type II certified).

Monitoring & Analytics

  • OpenStatus - Uptime monitoring and status page infrastructure.
  • Tinybird - Real-time analytics platform for inbox metrics, visitor tracking, and geolocation data (SOC 2 Type II certified).
  • DataFast - Third-party web analytics script used for hosted site analytics.

Security & Compliance Commitment

All third-party services we use are carefully vetted for:

  • SOC 2 Type II compliance (current or in progress)
  • GDPR compliance
  • Robust data encryption (in transit and at rest)
  • Regular security audits and penetration testing
  • High availability and disaster recovery capabilities

We regularly review our vendor landscape to ensure we maintain the highest standards of security and privacy for our customers.

arrow-left Mentionsllms.txt arrow-right