This page lists external services used to run Header Specter and what data they process.
1. Polar
Purpose: checkout, recurring billing, subscription lifecycle events, and customer portal access.
- Data categories: customer identifiers, subscription status, billing records handled by Polar.
- Header Specter stores only opaque IDs and status metadata required for entitlement checks.
2. Neon
Purpose: managed PostgreSQL hosting for customer, event, audit, and rate-limit tables.
- Data categories: encrypted customer email (if provided), subscription IDs, webhook records.
- Security posture: encrypted storage with database-level access controls.
3. Vercel
Purpose: hosting and serverless execution for the subscription companion app and API routes.
- Data categories: standard HTTP metadata required to serve requests.
- Security posture: TLS termination and deployment isolation managed by provider controls.
4. Vercel Analytics and Speed Insights
Purpose: product reliability and performance visibility.
- Data categories: aggregated page/performance telemetry.
- No payment credentials or secret material are intentionally sent in these signals.
5. Public IP Lookup Providers
Purpose: optional VPN scoring checks in the extension query a public IP provider endpoint to determine the current network IP.
- Data categories: request metadata and the caller IP needed to return your public IP value.
- Scope: only used when VPN/privacy score checks run in the extension.
6. X4BNet VPN List (GitHub Raw)
Purpose: fetch CIDR ranges used to classify whether a resolved public IP is commonly associated with VPN/proxy infrastructure.
- Data categories: standard HTTP metadata when downloading the list.
- Scope: list content is cached locally in extension storage and refreshed periodically.
7. Change Management
When a material integration is added or changed, this page and related policy pages are updated as part of the release process.
Related documents: Privacy Policy, Data Processing Agreement.