← Relay

Privacy Policy

Last updated 12 July 2026

Relay is a desktop application that operates your web browser on your behalf. To do that it has to see the pages you point it at. This policy explains exactly what leaves your computer, where it goes, and what we keep — in plain terms, because a policy you can’t follow is not consent.

Who we are

Relay is operated by Christopher Inegbedion, a sole trader based in the United Kingdom, who is the data controller for the purposes of the UK GDPR. You can reach us at privacy@relaythis.com.

The most important thing to understand

When Relay runs a task, the contents of the pages it is working on are sent to an AI model provider. That includes screenshots of those pages and the text on them, and it may therefore include anything visible while Relay is working — including personal or confidential information on the page.

This is not incidental; it is how the product works. Relay cannot operate a page it cannot see. If a page contains something you would not want sent to a third-party AI provider, do not run Relay on it.

Page content passes through our server and on to the model provider. We do not store the page content, screenshots, or the text of your tasks. We record only what the call cost — the model used, the number of tokens, and the price — so we can meter usage.

What stays on your computer

Most of what Relay knows about you never leaves your machine. It is stored on your own disk (under your Documents folder) and is not uploaded to us:

Deleting that folder deletes that data. We have no copy of it. (The page contents of a task are still sent to the model provider while the task runs, as described above.)

What we collect

What Why Kept for
An installation ID — a random identifier for your copy of Relay. It is not derived from your hardware and says nothing about you or your machine. To attach your account to your installation, apply your usage limit, and let us disable an account if we have to. As long as your account exists.
Usage records — for each AI call: the model, token counts, and cost. Not the content. To meter usage against your monthly limit and to keep the service from being abused. As long as your account exists.
Product analytics — events such as “a task started”, “a task failed”, which onboarding step you reached. Never page content, URLs, or task text. To understand which parts of Relay work and which do not. 12 months.
Crash reports — the type of error and the internal stack trace. Never the error message, which can contain a URL or a file path. To find and fix bugs. 12 months.
Problem reports — only when you press “Report a problem”: what you wrote, plus a recent extract of Relay’s log. API keys, email addresses and your home folder path are removed before it is sent, and you are told the log is attached before you send it. To diagnose the problem you reported. 24 months, or until resolved.
Waitlist — your email address, if you give it to us. To email you an invite. Until you ask us to remove it, or until we stop running a waitlist.
Email we send for you — if you ask Relay to send an email, we record that a message was sent, its subject, and a one-way hash of the recipient. We do not keep the recipient address in readable form or the body of the message. To stop our sending domain being used for spam, which would break email for every user. 12 months.

Who else sees your data

We use a small number of providers. We do not sell your data, and we never will.

Provider What they receive
OpenRouter, and the AI model provider it routes your request to (for example Google or OpenAI) The contents of the pages Relay is working on, and your task text. This is the AI model doing the work.
Cloudflare Hosts our server and database. Sees the requests passing through it.
PostHog (EU infrastructure) Product analytics and crash reports. No page content.
Resend Sends email — invites, notifications, and any email you ask Relay to send.
Twilio Only if you turn on SMS or WhatsApp notifications: your phone number and the message.

Some of these providers operate outside the UK. Where data is transferred abroad, it is done under the safeguards required by UK data protection law, such as the International Data Transfer Agreement or an adequacy decision.

Our lawful bases

Turning analytics off

Set RELAY_TELEMETRY=0 in Relay’s environment file (~/.relay/.env) and restart Relay. Nothing further is sent. Relay works exactly the same.

Your rights

Under the UK GDPR you have the right to access the data we hold about you, to have it corrected, to have it deleted, to restrict or object to how we use it, and to receive a copy in a portable form. Email privacy@relaythis.com and we will respond within one month.

Because your Relay data is stored on your own computer and identified only by a random installation ID, we may need you to tell us that ID (Settings → About) in order to find your records.

If you think we have handled your data badly, you can complain to the Information Commissioner’s Office at ico.org.uk. We would rather you told us first, and gave us the chance to fix it.

Children

Relay is not intended for anyone under 18, and we do not knowingly collect their data.

Changes

If we change this policy in a way that materially affects you, we will tell you in the app before the change takes effect — not only by quietly updating this page.