Privacy Policy

ProxyStacks operates Relay and is responsible for the personal data described in this policy. Privacy questions and requests can be sent to [email protected].

Creem separately acts as merchant of record for purchases and processes checkout, tax, invoice, and payment data under its own privacy notice.

• Account information: name, email address, profile image, account identifiers, and sign-in provider details.
• API content: prompts, messages, tool inputs, attachments, and model responses needed to complete API requests.
• Usage and diagnostic data: API key prefix, request ID, model, provider, token counts, cost, latency, status, errors, timestamps, device, and network data.
• Billing references: plan, subscription status, renewal dates, balance transactions, and identifiers returned by Creem. We do not receive full card details.
• Support communications: messages, attachments, and account or request details you provide when asking for help.

• Provide authentication, API routing, model responses, usage records, billing, and customer support.
• Measure token usage, deduct credits, detect errors, secure accounts, and prevent fraud or abuse.
• Maintain and improve reliability, compatibility, and product performance.
• Comply with legal obligations and enforce our Terms and Acceptable Use Policy.
• Send essential service, security, billing, and policy notices.

Relay must send API request content to the model provider selected or routed for your request. That provider processes the content under its own terms, privacy policy, and data controls. Provider availability can change, and the provider used for a request is recorded in your usage logs when available.

Standard Relay usage logs are designed to record billing and diagnostic metadata rather than the full prompt and response. Request content may still be processed transiently, retained by an upstream provider, or preserved when reasonably necessary for security, abuse investigation, support you request, or legal compliance.

We use essential cookies to keep you signed in, protect authentication flows, and remember language preferences. These are needed for the service to work. We do not currently use third-party advertising cookies.

We share information only as needed with service providers that help operate Relay, including:

• Google for optional account authentication;
• the AI model provider handling a request;
• hosting, database, network, monitoring, and security vendors;
• Creem for checkout, subscriptions, tax, invoices, refunds, and fraud prevention;
• professional advisers, authorities, or other parties when required by law or needed to protect rights and safety.

We do not sell personal information or share it for cross-context behavioral advertising.

We retain account data while your account is active and for a reasonable period afterward. Billing and transaction records are kept as required for tax, accounting, fraud prevention, and dispute handling. Usage and security logs are kept only as long as reasonably necessary for billing, reliability, security, and legal obligations. Support messages are retained while needed to resolve the issue and maintain an appropriate business record.

We use administrative and technical safeguards appropriate to the service. Relay stores API keys as one-way hashes and shows the full key only when it is created. No online service can guarantee absolute security, so you should protect your account, rotate exposed keys, and avoid sending information a model provider does not need.

Relay and its providers may process information in countries other than yours. Where required, we use appropriate contractual or legal safeguards for international transfers.

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or receive a copy of your personal data, and to withdraw consent where processing is based on consent. You may also lodge a complaint with your local data protection authority. To make a request, email us from the address connected to your Relay account.

Relay is not directed to children under 13, and we do not knowingly collect their personal data. We may update this policy as Relay or legal requirements change. The effective date above shows when the current version began to apply.