Trust center
Trust.
The operational face of Relay: who touches your data, what we commit to on uptime, how incidents are communicated, and where to report a security issue.
Subprocessors
Relay shares data with the subprocessors below strictly to deliver the Service. Each operates under a data processing agreement. We will notify account owners at least 30 days before adding a new subprocessor with materially different access.
| Vendor | Role | Data | Region |
|---|---|---|---|
| Neon | Managed Postgres | All persistent application data at rest | US |
| Vercel | Application hosting + edge network | Compute, request logs, built artifacts, env vars | US |
| Resend | Outbound transactional email | Email addresses, OTP codes, confirmation links | US |
| SendGrid | Inbound email parsing | Raw inbound email headers + body | US |
| Stripe | Billing (integrator subscriptions + overage) | Customer records, card numbers, invoices | US |
| Sentry | Error and performance monitoring | Stack traces, request metadata (PII-redacted) | US |
Reliability
We target 99.5% monthly availability on the Builder, Starter, and Growth tiers and 99.9% on the Scale tier. Enterprise customers can contract to 99.95%. Availability excludes scheduled maintenance windows announced in advance via email. Scale tenants also get the internal-latency benchmark probe run against their deployment every 5 minutes.
Incident response
For severity-1 incidents (data exposure, broad authentication bypass, total service outage) we aim for an initial customer-facing acknowledgment within 1 hour and a written post-incident report within 7 days. Public status for major incidents is emailed to account owners and posted on /trust.
Security contact
Report vulnerabilities to security@cumulush.com. Please do not include exploit details in the subject line. PGP key available on request; see the repo's SECURITY.md for the full disclosure policy.
Changelog
We publish a user-visible changelog in the repo's CHANGELOG.md.