Supabase
Infrastructureus-tx primaryPrimary database, authentication, edge functions, file storage.
Data handled: All tenant data — encrypted at rest, row-level-security-scoped.
Fly.io
InfrastructureUS-South (dfw)Application hosting for the SafeGuideEd API and worker processes.
Data handled: Request payloads in transit only. No persistent storage.
Cloudflare
CDN/VideoGlobal anycastCDN, DDoS protection, Stream video hosting for /watch.
Data handled: Public marketing assets and the 90-second tour video. No tenant data.
Portkey
AI gatewayUS-EastRoutes every generative-AI call. Enforces no-training contracts. Logs USD-denominated cost ledger.
Data handled: Prompts and completions in transit. Not stored beyond ledger metadata.
Anthropic
AI providerUSClaude — primary reasoning and lesson drafting.
Data handled: Prompts and completions. Bound by no-training contract.
xAI
AI providerUSGrok — image fallback.
Data handled: Prompts and completions. Bound by no-training contract.
Google
AI providerUSGemini — vision and multimodal reasoning.
Data handled: Prompts and completions. Bound by no-training contract.
OpenAI
AI providerUSEmbeddings for retrieval over teacher content and TEKS corpus.
Data handled: Embedding inputs. Bound by no-training contract.
Ideogram
AI providerUSDiagram and illustration generation for lesson visuals.
Data handled: Prompts only. Bound by no-training contract.
Sentry
ObservabilityUSError tracking and release health monitoring.
Data handled: Error traces with identifiers redacted where possible. 90-day retention.
PostHog
AnalyticsUS (Cloud)Cookieless product analytics for feature usage trends.
Data handled: Anonymized event metadata. No direct identifiers in payloads.