Trust & Security

Built to be auditable.

Every session Relyv captures is gated by RBAC at the edge, written to a tamper-evident audit chain, and stored in the region you pick. Below: what we're attested for, who reviews us, and how to file a vulnerability report.

Compliance & attestation

SOC 2 Type II
Audit in progress — Q3 2026

Type II report covers Security, Availability, and Confidentiality Trust Service Criteria. Auditor + observation-window dates on request — email trust@relyv.ai.

GDPR & EU data residency
Live

EU workspaces store all session data, AI inference inputs, and backups exclusively in the europe-west4 region. Sub-processors listed below are EU-DPF certified or EU-resident.

CCPA / state privacy
Live

Per-session opt-out + record erasure via the in-extension privacy panel + the SDK relyv.optOut() API. Honored within 30 days end-to-end.

Data residency

Pick a region at workspace creation. Session data, AI inference inputs, and backups are pinned to that region for the life of the workspace. No cross-region replication.

  • United States: us-central1 (Iowa)
  • European Union: europe-west4 (Netherlands)
  • Asia-Pacific (Mumbai, alpha): asia-south1
  • On-prem / VPC-isolated — available on request for enterprise pilots

How PII is handled

  1. Tier 1 — local regex on every keystroke. 12-category regex + Luhn validator runs in the browser SDK before any DOM mutation leaves the page. Detects credit cards, SSNs, phone numbers, emails, IBANs, JWTs, and similar.
  2. Tier 2 — page-context heuristics. Input elements with autocomplete="cc-number" / "new-password" / "current-password" + type="password" are redacted to *** before serialisation.
  3. Tier 3 — on-device GLiNER (extension). When the Relyv browser extension is installed, an ONNX/WebGPU GLiNER model performs a contextual entity scan against the page text before the SDK uploads. Adds ~30 additional categories; never leaves the browser tab.

Mobile SDKs apply Tier 1 + 2 only. Tier 3 lands when Apple Neural Engine / Android NNAPI integration ships in beta.
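An added sketch of the Tier 1 and Tier 2 checks described above (illustrative code written for this page, not Relyv's SDK): a Luhn check confirms card-number candidates before masking, so digit runs that merely look like cards are left intact. The function names, the two regexes, and the reading of Tier 2 as "sensitive autocomplete hint or type=password" are assumptions.

```javascript
// Added illustration; not Relyv SDK code. Names and patterns are assumptions.
const MASK = "***";

// Luhn checksum: walking from the right, double every second digit,
// fold two-digit results (d - 9), and require the total to be 0 mod 10.
function luhnValid(digits) {
  let sum = 0;
  for (let i = digits.length - 1, dbl = false; i >= 0; i--, dbl = !dbl) {
    let d = digits.charCodeAt(i) - 48;
    if (dbl) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return digits.length >= 13 && sum % 10 === 0;
}

// Card candidates: 13-19 digits, optionally separated by a space or hyphen.
const CARD_CANDIDATE = /\b\d(?:[ -]?\d){12,18}\b/g;
// Deliberately simple email pattern (one of the categories the page lists).
const EMAIL = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;

// Tier 1: mask matches inside free text. A card candidate is masked only
// when its digits pass Luhn, which cuts false positives on order ids etc.
function redactText(text) {
  return text
    .replace(CARD_CANDIDATE, (m) => (luhnValid(m.replace(/[ -]/g, "")) ? MASK : m))
    .replace(EMAIL, MASK);
}

// Tier 2: decide from field metadata alone, without looking at the value.
const SENSITIVE_AUTOCOMPLETE = new Set(["cc-number", "new-password", "current-password"]);
function isSensitiveField(field) {
  // autocomplete may carry several tokens, e.g. "section-pay cc-number"
  const tokens = (field.autocomplete || "").toLowerCase().split(/\s+/);
  return (field.type || "").toLowerCase() === "password" ||
    tokens.some((t) => SENSITIVE_AUTOCOMPLETE.has(t));
}

// Serialise one input: Tier 2 replaces the whole value, otherwise Tier 1
// scans the value for embedded identifiers.
function serialiseField(field) {
  return isSensitiveField(field) ? MASK : redactText(field.value);
}
```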

Vulnerability disclosure

Report security issues to security@relyv.ai. We accept good-faith research under our safe harbor policy and triage every report within 1 business day.

  • Out of scope: theoretical risks without proof of concept; SPF / DKIM / DMARC nags; clickjacking on pages without auth-state changes.
  • In scope: anything that exposes a workspace's session data, bypasses RBAC, or escalates a member to higher privilege.
  • Bounty range: $250 (low) to $10,000 (critical). Hall of fame on /security/hall-of-fame.

Sub-processors

The full list lives on the /legal/subprocessors page. The most significant ones, for the curious:

  • Google Cloud (GCP) — compute, storage, Pub/Sub, Cloud Run. US + EU regions only.
  • MongoDB Atlas — operational database. Region-pinned per workspace.
  • Anthropic — opt-in cloud LLM inference for AI session summary (SDK-only customers). EU workspaces use the EU-DPF endpoint.
  • Stripe — billing only. No customer session data touches Stripe.
  • Sendgrid — transactional email (invites, billing receipts).

Live status

Current platform health, uptime over the last 90 days, and the public incident timeline: status.relyv.ai

Subscribe via email or webhook for incident-start / -resolved alerts.

SLA

  • Free / Starter — best effort, no credit schedule
  • Pro — 99.5 % monthly uptime, 5 % credit per 1 % below
  • Business / Enterprise — 99.9 % monthly uptime, 10 % credit per 0.1 % below; full SLA terms in your MSA

Uptime is measured against the public /_ping health check + ingestion success rate; published on the status page above.

Data Processing Agreement

The current Relyv DPA is signable and download-ready — no sales call required.

Right to erasure / DSAR

As a data subject under GDPR / CCPA you can ask Relyv to confirm, export, or delete the personal data we hold. Two paths:

  • Self-serve — sign in and use the Account → Privacy panel. Confirmation email arrives within 5 minutes; full erasure completes within 30 days.
  • Email path — write to privacy@relyv.ai with your account email and the data you want exported or erased.
  • For end-users of a Relyv customer (i.e. someone whose session was captured): contact the customer first; if they cannot help, email us and we'll escalate.

Request docs

Need the current SOC 2 letter, a signed MNDA, a DPA, or a security questionnaire response? Email trust@relyv.ai with your company name and we'll respond within 1 business day.