Privacy Policy

We collect information that you provide directly when you create an account, configure your organization, or contact us. This includes your name, email address, organization name, and billing information.

When you use the RelayOne platform, we collect usage data including API call metadata, policy evaluation logs, and feature usage analytics. We do not store the content of AI prompts or responses that pass through the gateway unless you explicitly enable content logging in your organization settings.

We also collect standard technical information such as IP addresses, browser type, and device information through server logs and analytics.

We use your information to operate and improve the RelayOne platform, including:

- Providing and maintaining the governance gateway, policy engine, and audit trail - Processing transactions and sending related information - Sending technical notices, updates, and security alerts - Responding to your requests and providing customer support - Monitoring and analyzing usage patterns to improve our services - Detecting, investigating, and preventing fraudulent or unauthorized activity

Account information is retained for as long as your account is active or as needed to provide services. When you delete your account, we remove your personal information within 30 days, except where retention is required by law.

Audit trail data is retained according to your plan: 30 days for Starter, 1 year for Pro, and configurable (up to 10+ years) for Enterprise. You can export your audit data at any time before deletion.

We do not sell your personal information. We share information only in the following circumstances:

- With service providers who assist in operating our platform (cloud hosting, payment processing, email delivery), under strict data processing agreements - When required by law, subpoena, or government request - To protect the rights, property, or safety of RelayOne, our users, or the public - With your consent or at your direction

We implement industry-standard security measures to protect your information, including encryption at rest (AES-256) and in transit (TLS 1.3), multi-tenant isolation, role-based access controls, and regular third-party security audits. For more details, see our Security page.

RelayOne processes data in the United States by default. Pro plans support EU data residency, and Enterprise plans support all regions with configurable data residency policies. International transfers are governed by Standard Contractual Clauses (SCCs) or other approved transfer mechanisms.

Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal information. You may also have the right to object to or restrict certain processing activities. To exercise any of these rights, contact us at [email protected].

For EU residents, we act as a data processor for AI interaction data that passes through the gateway and as a data controller for account and billing information.

We use essential cookies for authentication and session management. We use analytics cookies to understand how our platform is used. You can control cookie preferences through your browser settings. Our platform does not use third-party advertising cookies.

We may update this privacy policy from time to time. We will notify you of material changes by posting a notice on our website or sending you an email. Continued use of the platform after changes constitutes acceptance of the updated policy.

If you have questions about this privacy policy or our data practices, contact us at [email protected] or write to us at RelayOne, Inc.