Home › Legal › Privacy Policy

Privacy Policy

Effective May 5, 2026 · Version 1.0

1. Who we are

Relayly is operated by Aabhyasa ("we", "us"), an email-infrastructure provider with egress in EU (Gravelines, France) and Canada (Beauharnois). For GDPR purposes we are a data processor when handling messages on behalf of our customers, and a controller for the personal data customers create when signing up.

2. What we collect

Account data

• Email address, account name, hashed password (Argon2id).
• IP address + user-agent at signup, login, and sensitive actions (audit log, retained 365 days).
• Optional: payment-method metadata via Stripe (we never see card numbers).

Sending data

• Emails you send (envelope, headers, body) are stored for up to 90 days for delivery, debugging, and your own log search. After that, message bodies are deleted; aggregate stats are retained.
• Recipient addresses are stored as part of the message and on suppression lists when applicable.

Cookies + site analytics

• Strictly-necessary session cookie for the dashboard.
• If you opt in via the cookie banner: anonymous analytics (visit count, page).

3. Lawful bases (GDPR Article 6)

• Contract — to operate the service you've subscribed to.
• Legitimate interest — for fraud, abuse, and security.
• Consent — for non-essential analytics; revocable any time.

4. International transfers

EU customers' data stays in EU egress unless they explicitly select Canada. Cross-border transfers use the EU SCCs 2021, UK IDTA addendum, and Swiss DPA where applicable.

5. Your rights

Access (Art 15), rectification (Art 16), erasure (Art 17), portability (Art 20), restriction (Art 18), and objection (Art 21). Use the dashboard's Account → Export and Account → Delete actions, or email privacy@relayly.io.

6. Sub-processors

We use the sub-processors listed at relayly.io/sub-processors. Subscribe via that page for change notifications.

7. Security

Encryption at rest (AES-256) and in transit (TLS 1.2+). Argon2id for passwords. Optional MFA. See Security.

8. Contact

Privacy: privacy@relayly.io. DPO inquiries: dpo@relayly.io. Postal address available on request.