Privacy Policy

To provide our cross-AI context synchronization features, we collect the following types of information:

Account & Authentication Data: When you sign in with Google, we receive your name, email address, and profile picture via Google OAuth. We securely handle authentication tokens but do not store your Google password.

Website Content: When the Relay Chrome extension is active, connected, and capture is explicitly enabled by you, we capture and store the full text content of your AI chat sessions on supported platforms (ChatGPT, Claude, Gemini, Grok, Codex, Perplexity, and DeepSeek). This includes your messages, the AI's responses, and associated HTML markup from the chat interface.

Derived Data: Relay processes your captured chats to generate project summaries, decisions, open tasks, constraints, and session digests. These derived items are stored alongside your original chat content.

Project Data: Project names, descriptions, objectives, and configurations you create within Relay.

Extension Data: Device tokens, connection status, and extension preferences stored locally in your browser via Chrome storage APIs.

Usage & Analytics Data: We collect privacy-respecting analytics to understand how you interact with the Service and to improve it. This includes: page views and navigation paths; feature usage events (e.g., project creation, extension connection, MCP tool calls, digest generation); session and activation milestones; error events and exception traces; browser type, OS, and approximate geographic region (country-level); and extension version. Analytics are collected via PostHog and are associated with a randomly generated anonymous ID until you sign in, at which point they are linked to your user account. Analytics tracking is enabled by default across the web dashboard, browser extension, and MCP server. To opt out or request deletion of your analytics data, contact support@onrelay.app.

We use the data we collect exclusively for the core functionality of the Relay service:

• Maintaining project canon (stable truth) and context packets from your chat history and MCP interactions
• Generating tentative updates that may be promoted to canon after review or automatic confidence checks — you can lock any canon entry to prevent automatic changes
• Enabling context insertion into new AI chat sessions
• Displaying your project dashboard, activity feed, and saved context
• Demoting or archiving raw memory items once they are covered by canon or summary snapshots — demoted items are retained for provenance and historical queries, not deleted
• Authenticating your identity and managing your session
• Improving service reliability and diagnosing failures

We do not sell, rent, or share your data with third parties for advertising or marketing purposes.

We take data protection seriously and implement robust measures to secure your information:

Storage Location: Your data is stored in a Neon PostgreSQL database with encryption at rest and in transit, hosted in a secure cloud environment.

Local Storage: Certain data, such as your immediate extension state and local preferences, is stored locally on your device within Chrome's storage mechanisms.

Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard protocols (HTTPS/TLS). We use secure session management via httpOnly cookies and scoped device tokens for extension authentication.

We do not sell your personal data or chat content to third parties. We only share data with trusted third-party service providers under strict confidentiality to operate the Service:

• Infrastructure Providers: We share necessary data with our hosting and database providers (Neon, Vercel) solely to run the application securely.
• Analytics Provider: We use PostHog (posthog.com) for privacy-respecting, aggregated usage analytics and error tracking. Data sent to PostHog includes usage events, error traces, browser/OS metadata, and approximate location. Analytics data does not include captured chat content or AI responses. PostHog processes this data on our behalf under a data processing agreement; see PostHog's privacy policy at posthog.com/privacy for details.
• Authentication Provider: Google OAuth is used for sign-in. We do not control Google's privacy practices.

We are not responsible for the privacy practices of the AI tools you use (such as ChatGPT, Claude, Gemini, Grok, Codex, Perplexity, and DeepSeek). We recommend reviewing their respective privacy policies.

Relay's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements:

• We do not use or transfer your data for serving personalized, retargeted, or interest-based advertisements.
• We do not use or transfer your data to determine creditworthiness or for lending purposes.
• We only use the data to provide or improve our single-purpose features.

Depending on your location (e.g., under GDPR or CCPA), you have the right to:

• Access: Request a copy of the personal data we hold about you (also available via the dashboard and project detail pages).
• Delete: Delete your data at any time (via Settings), or request complete deletion by contacting us.
• Revoke Access: Disconnect the Chrome extension at any time, which stops all data capture immediately.
• Opt Out of Analytics: Contact us to opt out of analytics tracking or to request deletion of your analytics data held by PostHog.

To exercise any of these rights, contact us at support@onrelay.app. We will respond to your request within 30 days.