Privacy Policy

1. Information We Collect

1.1 Account and Customer Information

We collect the following information when you create or use a Relayra account:

• Account Information: Name, email address, phone number, company name, business type, profile settings, and login information
• Payment Information: Billing address, payment method (processed securely by Stripe)
• AI Agent Configuration: Business name, greeting, services, hours, website, common questions, special instructions, contacts, voice selections, call-routing settings, and integration settings
• Communication Data: Call recordings, voicemail recordings, transcripts, summaries, notes, caller/called numbers, call duration, timestamps, call events, and related metadata
• Integration Data: Calendar, booking, webhook, notification, and connected-account data you choose to configure
• Usage Data: How you interact with our service, features used, setup progress, performance metrics, diagnostics, and support history

1.2 Technical Information

We automatically collect:

• Device Information: IP address, browser type, operating system
• Usage Analytics: Pages visited, features used, session duration
• Performance Data: Response times, error logs, system metrics
• Cookies and Tracking: Session cookies, preference settings, analytics cookies

2. How We Use Your Information

2.1 Service Delivery

• Provide AI-powered phone receptionist services
• Answer, route, record, transcribe, summarize, and analyze calls and voicemails
• Generate call notes, summaries, transcripts, recordings, notifications, and customer-facing insights
• Power AI agent behavior using the business information and instructions you provide
• Operate booking, calendar, webhook, SMS, email, and other integrations you enable
• Manage your account and billing

2.2 Communication

• Send service notifications and updates
• Provide customer support
• Share important service changes
• Send marketing communications (with your consent)

2.3 Service Improvement

• Analyze usage patterns, call outcomes, transcripts, summaries, and metadata to improve our AI and product experience
• Evaluate AI agent performance, prompt quality, call quality, latency, routing behavior, and transcription quality
• Develop new features and capabilities
• Optimize service performance
• Conduct research and analytics, including aggregated or de-identified analysis where practical

2.4 Human Review and Automated Analysis

Authorized Relayra personnel and automated systems may review or analyze call recordings, transcripts, summaries, notes, metadata, and account configuration for legitimate business purposes, including:

• Providing and improving the Service
• Customer support and troubleshooting
• Quality assurance, training, and product improvement
• Safety, security, fraud prevention, and abuse prevention
• Diagnosing outages, call failures, transcription issues, or AI behavior problems
• Creating insights, summaries, analytics, or workflow outputs for the customer account

We restrict access to authorized personnel with a business need. We do not sell call recordings, transcripts, or call content.

2.5 AI Processing

Relayra uses AI systems and service providers to process speech, generate AI responses, summarize calls, create transcripts, classify call outcomes, and improve service quality. Unless separately disclosed or agreed, Relayra does not use customer call content to train third-party foundation models.

3. Information Sharing

3.1 Third-Party Services

We share data with trusted third parties to provide our service:

• Twilio: Phone call processing and routing
• Deepgram: Speech-to-text and AI processing
• Stripe: Payment processing and billing
• AWS S3: Secure data storage

These providers process information on our behalf so we can operate Relayra. They may process call audio, transcripts, metadata, account information, or payment information depending on the service they provide.

3.2 Subprocessors and Service Providers

• We may use additional subprocessors and infrastructure providers to operate Relayra
• We require providers processing personal data on our behalf to follow contractual data protection obligations
• Our providers and subprocessors may change over time as our service evolves
• Where required by law, we implement appropriate transfer safeguards for cross-border processing

3.3 No Sale of Call Content

We do not sell call recordings, transcripts, summaries, or call content. We may use aggregated, de-identified, or anonymized information to understand and improve the Service.

3.4 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal obligations
• Protect our rights and property
• Prevent fraud or abuse
• Ensure user safety

4. Data Security

4.1 Security Measures

• Encryption: All data encrypted in transit and at rest
• Access Controls: Access restricted to authorized users and personnel with a business need
• Monitoring: Continuous security monitoring and logging
• Backups: Regular, encrypted backups of your data

4.2 Data Retention

• Call Recordings and Transcripts: Stored for up to 7 years for service continuity, customer access, legal compliance, dispute resolution, and operational needs unless deleted earlier under applicable policy or law
• Account Data: Retained while your account is active
• Billing and Transaction Data: Retained as needed for tax, accounting, legal, and compliance obligations
• Analytics Data: Aggregated, de-identified, or anonymized data may be retained for product analytics and improvement
• Deleted Data: Permanently removed within 30 days, subject to legal, security, and backup retention requirements

5. Customer Responsibilities for Call Compliance

Relayra customers are responsible for compliance with applicable call recording, monitoring, transcription, AI disclosure, privacy, and consent laws in the jurisdictions where they operate and where their callers are located. This includes providing legally required caller notices and obtaining required consent before recording, transcription, AI analysis, or monitoring when applicable.

Relayra currently uses a universal recording, transcription, and AI-analysis disclosure before live call handling as a safer default. That disclosure does not replace each customer's obligation to confirm the policy fits their business, callers, and jurisdiction.

Customers should not use Relayra for highly regulated or sensitive communications unless they have confirmed their legal, compliance, and contractual obligations.

6. Your Rights (GDPR)

5.1 Data Subject Rights

Under GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your personal data
• Portability: Export your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to certain types of processing

5.2 Exercising Your Rights

To exercise your rights, you can:

• Use our self-service tools in your account settings
• Email us at [email protected]
• Contact our Data Protection Officer

7. Cookies and Tracking

6.1 Types of Cookies

• Essential Cookies: Required for basic functionality
• Analytics Cookies: Help us understand usage patterns
• Preference Cookies: Remember your settings
• Marketing Cookies: Used for targeted advertising (with consent)

6.2 Cookie Management

You can manage cookies through:

• Your browser settings
• Our cookie consent banner
• Account privacy settings

8. International Transfers

Your data may be transferred to and processed in countries outside the EU/EEA. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by the European Commission
• Certification schemes and codes of conduct

9. Children's Privacy

Relayra is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Email notification
• In-app notification
• Posting the updated policy on our website

11. Contact Information