Privacy Policy
Last updated: 4 July 2026
This Privacy Policy explains what data Relay collects, why, and what choices you have. It applies to the Relay desktop app and related services (the "Service"). We aim to collect as little as we need to run Relay.
Relay is operated by Relay Server Hosting ("Relay", "we", "us"), the data controller responsible for the personal data described in this policy. You can reach us about privacy at [email protected].
1. What we collect
Account information
- Username — how you and your friends identify each other.
- Email address — for verification, password resets, security, and account-related messages. You must verify it before using Relay.
- Password — stored only as a salted hash; we never store your password in plain text and can't see it.
- Age confirmation — at sign-up we ask you to confirm you're old enough to use Relay (see "Children"). We don't collect your date of birth.
Server and world data
- World data and plugins you and your group upload, stored in cloud object storage so hosting can pass between members.
- Server metadata — server names, membership, roles, invites, and which member is currently hosting.
- Connection details while hosting — when you host, your server's current connection address (your IP and port, or your assigned Relay tunnel address) is shared with that server's members so they can join. It's cleared when you stop hosting.
Payment information
- If you buy an upgrade or extra server, our payment processor collects and handles your card details. We never receive or store your full card number. We keep only what's needed to manage your plan — your subscription status and the processor's customer/subscription identifiers.
Operational data
- Basic logs needed to operate and secure the Service (for example, timestamps and error information).
- Storage usage totals, so we can enforce plan limits.
We do not sell your data, and we don't use it for advertising.
2. How we use your data
- To operate the Service — store and sync worlds, manage servers, and hand hosting between members.
- To verify your email and secure your account.
- To process payments and manage your plan.
- To send important account or Service notices.
- To enforce storage limits and these terms, and to prevent abuse.
- To diagnose problems and improve reliability.
Legal bases (EEA & UK users)
If you're in the EEA or UK, we rely on these GDPR/UK-GDPR legal bases:
- Performance of a contract (Art. 6(1)(b)) — to create and operate your account, store and sync your worlds, manage servers and memberships, process payments, and share a host's current connection address with that server's members so they can join.
- Legitimate interests (Art. 6(1)(f)) — to keep the Service secure, retain operational logs, prevent abuse and fraud, and enforce plan and storage limits. You can object to this processing (see "Your choices and rights").
- Consent (Art. 6(1)(a)) — where we ask for it separately, such as optional marketing email. You can withdraw consent at any time.
- Legal obligation (Art. 6(1)(c)) — to keep the limited records the law requires us to retain (for example, financial records).
3. Service providers
We use a small number of third parties to run Relay, including:
- Cloud object storage to hold world and plugin data.
- An email provider to send verification and account emails.
- Hosting/tunnel infrastructure used to connect players to a host's server.
- A payment processor to handle upgrade and extra-server payments, including recurring monthly billing.
These providers process data only to provide their service to us, under contracts that require them to protect it and process it solely on our instructions. If you buy an upgrade or extra server, our payment processor handles your card details — we don't store your full card information ourselves. We keep only what's needed to manage your plan, such as your subscription status and the processor's customer/subscription identifiers. We can provide the current list of the specific providers we use on request — email [email protected].
4. Your choices and rights
- Access, correction, deletion & more — you can delete your account from the app at any time. Deletion is a 30-day soft-delete: your account and associated data are retained for 30 days (so you can recover them by contacting us within that window), then permanently removed. Depending on where you live (for example, under GDPR/UK-GDPR or CCPA/CPRA), you may also have the right to access a copy of your data, correct it, delete it, restrict or object to certain processing, request portability of the data you gave us, and — where we rely on consent — withdraw that consent. We won't discriminate against you for exercising these rights.
- Email — account and security emails are necessary to use the Service, so they aren't optional, but we keep them to a minimum. Marketing email is opt-in and you can turn it off at any time.
- World data — server admins control their group's worlds and can remove them.
To make a request, email us at [email protected]. We may need to verify your identity first, and we'll respond within the time the law requires (generally within 30 days under GDPR/UK-GDPR, or 45 days under CCPA/CPRA). You also have the right to complain to your data-protection authority — in the UK the ICO, in the EEA your national supervisory authority — though we'd appreciate the chance to put things right first.
5. Data retention
We keep your data while your account is active. Deleting a server or your account is a 30-day soft-delete: the data (your servers, world storage, friends, and settings) is retained for 30 days and can be recovered during that window, after which it is permanently purged, except where we must keep limited records for legal, security, or fraud-prevention reasons. Backups may persist for a short period before being overwritten. Typical retention periods:
- Account & world data — kept while your account is active; a 30-day recovery window after deletion, then purged.
- Host connection address — held only while you're hosting; cleared when you stop.
- Operational & security logs — kept for a limited period (typically up to 90 days), longer only where needed to investigate a specific security or legal matter.
- Billing records — your subscription status and the processor's customer/subscription identifiers are kept while you hold a paid plan and afterwards for as long as we're required to retain financial records (commonly 6–7 years, depending on jurisdiction).
6. Security
We use reasonable technical and organisational measures to protect your data, including hashed passwords and access controls. No system is perfectly secure, so we can't guarantee absolute security, but we work to protect your information and to limit what we collect. If a breach affecting your personal data occurs, we'll notify affected users and any relevant authority where the law requires it, without undue delay.
7. Children
You must be at least 13 — or the higher minimum age of digital consent in your country — to use Relay, and we ask you to confirm this when you sign up. Relay isn't directed at children under 13, and we don't knowingly collect personal data from them. If you're a parent or guardian and believe a child under 13 has given us personal data, contact us at [email protected] and we'll delete it. Because Relay servers are private and invite-only, the group admins who send invites are responsible for who joins their server.
8. International users
Relay may store and process data in countries other than where you live, including the United States. Where we transfer personal data out of the EEA or UK, we rely on an appropriate safeguard — such as the European Commission's Standard Contractual Clauses (with the UK Addendum where relevant), or a transfer to a country covered by an adequacy decision — so your data keeps a comparable level of protection. You can ask us for more detail at [email protected].
9. Your California privacy rights
If you're a California resident, the CCPA/CPRA gives you the right to know what personal information we collect and why, to access and delete it, to correct inaccuracies, and not to be discriminated against for exercising these rights. In the past 12 months we've collected the categories described in "What we collect" — identifiers such as username and email, account credentials stored as a hashed password, the content you upload, commercial information such as your plan and subscription status, and internet/network activity such as logs and connection details — used them for the purposes in "How we use your data", and disclosed them only to the service providers listed in "Service providers". We do not sell or share your personal information as those terms are defined under the CPRA, and we don't process it for cross-context behavioural advertising. To exercise your rights, email [email protected]; you may use an authorised agent, and we'll verify your request before acting on it.
10. Changes to this policy
We may update this Privacy Policy from time to time. We'll update the date above and, for material changes, notify you in the app or by email where appropriate.
11. Contact
Relay is operated by Relay Server Hosting, the data controller. Questions about your privacy or this policy? Email [email protected].