Skip to main content
Legal

Privacy Policy

Last updated: June 12th, 2025/privacy@modernrelay.com

Who We Are

ModernRelay is a trade name of EQTR, Inc., a Delaware C-Corp headquartered in San Francisco, California. The company provides an AI-native knowledge management platform designed for pharmaceutical and life sciences organizations, focusing on global medical affairs teams.

For questions or concerns about your privacy, contact us at: privacy@modernrelay.com

Information We Collect

This policy applies only to data collected and processed by ModernRelay. It does not cover data stored within customer-managed platforms.

2.1 Information You Provide Directly

  • Name
  • Email address
  • Notes, calendar entries, and CRM activity logs

2.2 Automatically Collected Information

  • IP address
  • Device/browser identifiers
  • Usage metadata
  • Timestamps of interactions

2.3 Data via Integrated Platforms

  • Supabase (authentication, database storage)
  • Stripe (payment metadata, invoicing)
  • Vercel (website, backend API hosting, and delivery)
  • PostHog (product analytics and usage metrics)

How We Collect Information

  • User-submitted forms
  • Platform interactions and telemetry
  • API-based integrations with email, calendar, and CRM systems
  • Authentication and analytics services from Supabase and Vercel
  • Data syncs explicitly authorized by clients via connected services

How We Use the Information

  • Provide, maintain, and improve our services
  • Authenticate users securely
  • Manage billing and subscriptions
  • Support product development and analytics
  • Respond to user inquiries or support requests
  • Fulfill contractual or legal obligations

Sharing of Information

We do not sell or rent your data. Limited data is shared with trusted third-party services under contractual agreements:

  • Supabase: Auth, DB, Storage (US)
  • Vercel: Hosting & API runtime (US)
  • Stripe: Billing & payments (US)
  • PostHog: Product analytics (US)
  • Google: Email/calendar integration (US/EU)

All vendors are required to meet industry-standard security and confidentiality obligations.

Data Retention and Security

Data is retained only as long as needed to fulfill the purposes described above or as legally required.

Security Overview

  • All data is encrypted in transit via TLS
  • Supabase encrypts data at rest by default
  • Role-based access control is enforced for internal systems
  • Supabase Auth is used for secure authentication (password and third-party OAuth)
  • Access to production data is restricted to authorized personnel and is logged
  • Development and production environments are isolated
  • ModernRelay's servers and backend APIs are hosted and deployed via Vercel's serverless infrastructure
  • Monitoring and alerting are in place to detect anomalies
  • We are aligning our practices with SOC 2 Trust Service Criteria and continuously assess risk

Your Privacy Rights

The company supports global privacy principles and complies with applicable rights under the GDPR, CCPA/CPRA, and similar laws. You may:

  • Access your personal data
  • Request correction or deletion of your data
  • Export your data in a portable format (data portability)
  • Object to certain types of processing

To exercise your rights, email: privacy@modernrelay.com with the subject line: Privacy Request. Identity verification may be required.

Children's Privacy

Our services are not directed to individuals under 13. The company does not knowingly collect data from children. If such data is discovered, it will be deleted promptly.

International Users

Data is processed and stored in the United States. If you access the services from outside the U.S., you consent to transferring your data to the U.S. where different privacy protections may apply.

Changes to This Policy

The policy may be updated to reflect changes to practices or for legal reasons. The latest version will always be available at modernrelay.com/en/privacy. Revisions are effective upon posting.

Cookies and Tracking

The site and platform may use cookies or similar technologies to improve performance and analyze usage. You can control cookie preferences via your browser settings. Disabling cookies may affect functionality. Vercel and Supabase services do not currently respond to "Do Not Track" browser signals.

Data Breach Notification

In the event of a data breach, affected individuals and regulators will be notified as required under applicable law.

Use of Subprocessors

We do not currently use subcontractors, but subprocessors may be engaged (e.g., for hosting or payments) bound by confidentiality and data protection terms.

For enterprise customers requiring a formal data processing agreement, please review the Data Processing Agreement.

Governing Law

This policy is governed by the laws of the State of Delaware, United States. Any disputes will be resolved in courts located in Delaware.

Client System Access & Data Handling

ModernRelay does not directly access or store customer-controlled system data unless explicitly authorized for support purposes. All such access is time-limited, logged, and governed by internal controls. All client data remains the property of the client. ModernRelay does not claim ownership or reuse rights over any uploaded content or activity logs unless explicitly authorized.

When ModernRelay integrates with client systems, data access is governed by explicit client authorization. Clients must provide permission to initiate and define the scope of such data syncs. Clients may revoke access or modify permissions at any time through the integration settings or by contacting the support team. Only data necessary to support functionality will be accessed or stored, and all synced data is treated as confidential.

For additional questions, reach out to: privacy@modernrelay.com