Privacy

Privacy Policy

Effective date: March 7, 2026

This Privacy Policy applies to both organizations that subscribe to RelayClear and individuals who submit messages through the service ("Submitters"). RelayClear is designed to protect submitter privacy. We operate a one-way anonymous feedback service and deliberately minimize data collection. This policy explains how we handle information in compliance with Canadian privacy law (PIPEDA).

Who we are

RelayClear is operated from British Columbia, Canada. For privacy-related inquiries, contact us at support@relayclear.com.

Information we collect

For Organizations:

  • Organization name and contact information
  • Billing contact email address
  • Destination email address(es) for receiving submissions
  • Payment information (processed securely through Stripe)

For Submitters:

  • Tracking token metadata (delivery status, scheduled delivery time, expiration date)
  • Access code validation data (to confirm a valid organization)
  • A truncated SHA-256 hash derived from the submitter's IP address is used for abuse prevention and rate limiting

Infrastructure and security data

  • RelayClear uses Cloudflare to operate the service. Cloudflare may process standard web request data (for example, IP address and user agent) for performance, analytics, and security. Cloudflare request log retention is currently up to 24 hours.
  • On pages where analytics is enabled, RelayClear uses Microsoft Clarity to understand page usage and improve the site experience. Clarity is not loaded on /submit, and the Stripe payment column on /subscribe is masked from Clarity capture.

Information we do NOT intentionally collect

  • Submitter accounts, profiles, or direct identity fields (for example, name, email, phone)
  • Persistent device identifiers or browser fingerprinting by RelayClear

Note: Even if RelayClear does not request identity fields, your message content may include details that can identify you.

Information we do not intentionally retain beyond short periods

We design RelayClear to minimize retention of submitter data. In particular:

  • Submission content (RelayClear systems): stored in isolated, encrypted storage only until the email is sent (at maximum within 24 hours), then deleted from RelayClear systems. Never stored in the main database.
  • Submission content (email delivery provider): may be retained by our email delivery provider for up to 24 hours as part of delivery processing and troubleshooting.
  • Raw submitter IP addresses: RelayClear does not store raw IP addresses in its database. We derive a truncated SHA-256 hash from the IP address for abuse prevention and store only the hash for up to 30 days.
  • Cloudflare request logs (including IP address): Cloudflare may process and retain IP addresses in access logs for performance, analytics, and security for up to 24 hours.

How we use information

We use collected information only for:

  • Operating the relay service (scheduling and delivering submissions)
  • Billing and account management for organizations
  • Providing delivery status through tracking links
  • Communicating with organizations about their account
  • Preventing abuse and ensuring service security

How submissions are handled

When a submission is received, RelayClear validates the access code, verifies bot protection, applies rate limits, and creates a tracking token. Submission content is stored only in isolated, encrypted storage while queued for delivery (up to 24 hours). After delivery (or final failure), the submission content is immediately deleted via automated cleanup and cannot be recovered. RelayClear stores tracking metadata (for example, delivery status, scheduled time, the receiving organization, and an IP-derived hash used for abuse prevention) for up to 30 days to support the tracking link, then automatically deletes it.

Third-party services

RelayClear uses third-party service providers to operate the service. These providers may process data according to their own privacy policies:

  • Cloudflare: Provides CDN, DDoS protection, and platform services. Cloudflare may process request logs including IP addresses for performance, analytics, and security. Current IP log retention is up to 24 hours. See Cloudflare's privacy policy at Cloudflare privacy policy.
  • Cloudflare Turnstile: Bot detection service used on submission and subscription forms. Minimal browser data is processed.
  • Microsoft Clarity: Usage analytics for public pages where enabled. Clarity may process interaction data, page URLs, browser metadata, and IP address according to Microsoft's privacy terms. RelayClear does not load Clarity on /submit, and masks the Stripe payment area on /subscribe.
  • Email validation provider: Validates organization email addresses during subscription setup to ensure deliverability. Email addresses are validated but not stored by the provider.
  • Email delivery provider: Sends submissions to organization destination addresses. Provider may retain message data for up to 24 hours as part of delivery processing and troubleshooting, and may process email metadata (sender, recipient, timestamp).
  • Stripe: Payment processing. Stripe handles all payment card information. RelayClear does not access or store payment card details.

For a complete list of current third-party service providers and their privacy policies, contact us at support@relayclear.com.

Data retention

  • Submission content (RelayClear systems): stored only in isolated, encrypted storage while queued for delivery (up to 24 hours), then deleted after delivery or final failure.
  • Submission content (Email delivery provider): May be retained for up to 24 hours as part of delivery processing.
  • Cloudflare request logs (including IP) Retained for up to 24 hours for performance, analytics, and security.
  • Tracking metadata (including IP-derived hash): Retained for 30 days, then automatically deleted.
  • Organization account data: Retained while account is active and for 7 years after cancellation for accounting and legal purposes.

Data location and transfers

RelayClear is hosted on cloud infrastructure which may process data in Canada, the United States, or other jurisdictions where our service providers operate. By using RelayClear, you consent to this cross-border data transfer. We use reputable service providers that maintain appropriate security safeguards.

Your rights

For Organizations: You have the right to access, correct, or delete your account information. Contact support@relayclear.com to exercise these rights.

For Submitters: RelayClear does not require submitters to provide direct identity fields (for example, name, email, phone). However, we may have limited operational data associated with a submission (for example, tracking metadata and an IP-derived hash used for abuse prevention) and our service providers may process short-lived request logs (for example, IP address) as described above.

Security

We implement multiple layers of security to protect your data:

  • Encryption in transit: All communications use HTTPS/TLS encryption
  • Encryption at rest: All database data is encrypted at rest on Cloudflare's infrastructure, which provides encryption at rest as part of Cloudflare's platform controls.
  • Field-level encryption: Sensitive fields (email addresses, payment identifiers) are encrypted in the database using AES-256-GCM.
  • Limited data retention: Tracking metadata expires after 30 days.

However, no system is completely secure. Organizations are responsible for securing access to their destination email addresses.

Legal disclosure

RelayClear may disclose information if required by law, court order, or government request. Depending on the request, this may include limited operational records such as organization account data, tracking metadata, and infrastructure logs processed by our providers. RelayClear is designed to minimize submitter-identifying data and does not require submitters to provide direct identity fields.

Changes to this policy

We may update this policy from time to time. Material changes will be posted with an updated effective date. Organizations will be notified of significant changes via their contact email.

Contact us

For privacy questions, concerns, or to exercise your rights, contact us at support@relayclear.com.