Does that vendor have SOC 2? Who processes their data? When did it change?

Subprocessor list extracted from Airtable's published page (airtable.com/company/subprocessors, vendor-dated March 31, 2026): 22 third-party subprocessors (core infrastructure, in-product AI, and support/service providers) plus 3 Formagrid affiliates.

Verification pass: SOC 2 Type II, ISO 27001:2022 (public certificate PDF), ISO 27701, HIPAA, and TX-RAMP Level 2 confirmed against Airtable's trust page. Security page URL corrected to /company/trust-and-security; subprocessors list and DPA links added.

Vendor added to StackPosture — initial snapshot from published trust documentation. Verification pass pending.

Subprocessor list extracted from Anthropic's trust center (trust.anthropic.com/subprocessors, fetched 2026-06-10): 18 subprocessors. Notable: three hyperscalers (GCP, AWS, Azure) plus Palantir Federal Cloud Service for Claude for Government, ElevenLabs for voice mode, and Brave Search/TurboPuffer powering web search.

Vendor added with a verified initial snapshot: SOC 2 Type II, ISO 27001:2022, ISO/IEC 42001:2023, and HIPAA BAA availability confirmed against Anthropic's Privacy Center certification article (fetched 2026-06-10). DPA confirmed at anthropic.com/legal/data-processing-addendum. Trust portal (trust.anthropic.com) is JS-rendered — Vanta-hosted; subprocessor list extraction pending.

Verification pass: SOC 2 Type II, ISO 27001:2022 (plus 27017/27018/27701), HIPAA, and CSA STAR Level 1 confirmed against Asana's trust page. Status page and EU/AU/JP data residency recorded; trust center corrected to security.asana.com.

Vendor added to StackPosture — initial snapshot from published trust documentation. Verification pass pending.

Vendor added with a verified initial snapshot: SOC 2 (Coalfire-audited, cloud products), ISO/IEC 27001:2022 with ISO 27018 extension, and FedRAMP Moderate (Jira, Confluence, JSM) each confirmed against Atlassian's dedicated compliance resource pages (fetched 2026-06-10). PCI DSS kept as reported only — the logo appears on the compliance page without a linked resource. The full 34-item compliance resource list is JS-filtered; remaining certifications can be verified individually later.