Privacy Policy
Last updated: 2026-05-25
Who we are
Relay is operated by Ai5labs Research OPC Pvt Ltd (India). When you sign up, log in, or route requests through the hosted router, your data is handled as described below.
Data flow when you use the hosted router
This is the most important section for enterprise customers. When your application makes a routing request, the SDK posts to https://router.relay.ai5labs.com/v1/route with:
- The user prompt (last user message from the conversation). Required for classification.
- The candidate model alias list (or, if your API key has an allowed_models whitelist, the slugs from the dashboard).
- Routing constraints (budget tier, needs, exclude/prefer lists) — derived from your code.
- Your API key (Bearer token; matched against a SHA-256 hash in our database).
The router then forwards the prompt and candidate metadata to a classifier LLM (currently OpenAI gpt-4o-mini) which picks the best alias. The router returns that alias to your SDK.
The actual LLM completion runs in your process, using your own API keys. We never see the completion text, tool call results, or your API keys.
What is stored, and for how long
- Account: email, optional name + company. Kept while your account is active.
- API keys: SHA-256 hash only (the raw key is never persisted). Plus name, creation/last-used timestamps, optional model whitelist.
- Route logs: one row per call (timestamp, chosen alias, classified intent, confidence, latency). Not the prompt itself. Used for quota + billing. Retained 90 days.
- Billing: subscription status, prepaid credit balance, redacted payment metadata. Retained 7 years (financial records).
- Audit log: API key create/revoke/edit events with IP and user agent. Retained 1 year.
- Server logs: IP, user agent, timestamps. Retained 30 days.
What we do NOT store
- Your prompts. The classifier processes them in-memory and forwards them to OpenAI for classification only.
- The LLM completion text returned by the upstream model.
- Your API keys.
- Tool-call inputs or outputs in your application.
- Conversation history beyond the single last user message forwarded to the classifier per route call.
Data sub-processors
- Supabase — Postgres + auth (region: configured per deployment)
- Vercel — marketing site + dashboard hosting (global edge)
- Fly.io — router service hosting
- OpenAI — classifier LLM (receives the per-call prompt + candidate metadata, no persistent storage on our side)
- Dodo Payments — merchant-of-record for subscription + credit purchases (receives billing email, address, payment method)
- Resend / Supabase Email — transactional email (magic links, receipts)
Enterprise customers can request a DPA, sub-processor list with contact addresses, and SCC (standard contractual clauses) by emailing legal@ai5labs.com.
Your rights
Under GDPR (EU), DPDP (India), CCPA (California), and similar regimes you have rights to access, export, correct, delete, or restrict processing of your data. Email privacy@ai5labs.com and we will respond within 30 days. Account deletion via the dashboard cascades to remove all profile, key, and billing rows; route_logs are anonymised within 24 hours.
Security
- TLS 1.2+ on every endpoint.
- API keys hashed (SHA-256) at rest.
- Database encrypted at rest (Supabase-managed).
- Row-level security with column-level grants on billing fields — users cannot self-promote subscriptions or balances.
- Webhook signatures verified via the Standard Webhooks spec (HMAC-SHA256, 5-min replay window).
- Audit log for API-key lifecycle events.
Material changes to this policy are announced at least 30 days before they take effect.