Security at RelayOS

Last updated: 30 June 2026

RelayOS handles real customer conversations, so security is built into the platform rather than bolted on. This page summarizes the measures in place today.

Encryption

  • At rest — AES-256-GCM with per-tenant keys. Customer message content, attachment references, contact identifiers (Messenger PSID, Instagram-scoped ID, WhatsApp number), knowledge-base content, AI session data, and related personal data are encrypted at the application layer using AES-256-GCM. Each tenant has its own data-encryption key (envelope encryption), and keys carry a version tag to support rotation.
  • In transit — TLS. All traffic to the Service is encrypted with TLS.
  • Searchable fields stay encrypted. Where a field must be searchable, we store a keyed HMAC blind index instead of plaintext, so lookups work without exposing the underlying value.

Tenant isolation

RelayOS is multi-tenant with PostgreSQL row-level security (RLS). Every query runs in a tenant-scoped context, so one business's data cannot be read or written in another business's context — isolation is enforced by the database, not just application code.

Data handling and AI

  • No training on your data. We do not use Customer Data to train our models, and any optional AI provider (Google Gemini, OpenAI, Anthropic) is used under terms that prohibit training on your data.
  • Optional self-hosting of AI. A business can run AI inference on our own infrastructure so that conversation data is never sent to a third-party model provider.
  • Minimal third-party sharing. We do not sell data. Sub-processors are limited to what's needed to run the Service (see the Privacy Policy).

Infrastructure

  • EU data residency. Application and database are hosted with Hetzner Online GmbH in Falkenstein, Germany (EU).
  • Least-privilege access. Administrative access follows least-privilege principles and is audit-logged.
  • Verified encryption-at-rest scope across the platform, including denormalized identifier copies and quarantined webhook payloads, so personal data is not left in plaintext in secondary stores.

Reporting a vulnerability

If you believe you've found a security issue, email privacy@relayos.xyz with details and steps to reproduce. Please give us a reasonable opportunity to address it before any public disclosure.

Roadmap (transparency)

RelayOS is operated by an independent team and is not yet SOC 2 or ISO 27001 certified. We follow the practices above today and will pursue formal certifications as the business grows. We're happy to discuss specific security requirements with enterprise customers — contact privacy@relayos.xyz.