Legal Notice

Privacy Policy

We are committed to protecting your privacy and ensuring transparency in how we handle your data.

Last Updated: June 12th, 2025

Who We Are

ModernRelay is a trade name of EQTR, Inc., a Delaware C-Corp headquartered in San Francisco, California. We provide an AI-native knowledge management platform designed specifically for pharmaceutical and life sciences organizations, with a focus on global medical affairs teams.

For questions or concerns about your privacy, contact us at:

Email:

privacy@modernrelay.com

Information We Collect

This policy applies only to data collected and processed by ModernRelay. It does not cover data stored within customer-managed platforms.

2.1 Information You Provide Directly

Name
Email address
Notes, calendar entries, and CRM activity logs

2.2 Automatically Collected Information

IP address
Device/browser identifiers
Usage metadata
Timestamps of interactions

2.3 Data via Integrated Platforms

Supabase (authentication, database storage)
Stripe (payment metadata, invoicing)
Vercel (website, backend API hosting, and delivery)
PostHog (product analytics and usage metrics)

How We Collect Information

User-submitted forms
Platform interactions and telemetry
API-based integrations with email, calendar, and CRM systems
Authentication and analytics services from Supabase and Vercel
Data syncs explicitly authorized by clients via connected services

How We Use the Information

Provide, maintain, and improve our services
Authenticate users securely
Manage billing and subscriptions
Support product development and analytics
Respond to user inquiries or support requests
Fulfill contractual or legal obligations

Sharing of Information

We do not sell or rent your data. We share limited data with trusted third-party services under contractual agreements:

Subprocessor	Purpose	Region	Link
Supabase	Auth, DB, Storage	US	View →
Vercel	Hosting & API runtime	US	View →
Stripe	Billing & payments	US	View →
PostHog	Product analytics	US	View →
Google	Email/calendar integration	US/EU	View →

All vendors are required to meet industry-standard security and confidentiality obligations.

Data Retention and Security

We retain data only as long as needed to fulfill the purposes described above or as legally required.

Security Overview

All data is encrypted in transit via TLS.
Supabase encrypts data at rest by default.
Role-based access control is enforced for internal systems.
Supabase Auth is used for secure authentication (password and third-party OAuth).
Access to production data is restricted to authorized personnel and is logged.
Development and production environments are isolated.
ModernRelay's servers and backend APIs are hosted and deployed via Vercel's serverless infrastructure.
Monitoring and alerting are in place to detect anomalies.
We are aligning our practices with SOC 2 Trust Service Criteria and continuously assess risk.

Your Privacy Rights

We support global privacy principles and comply with applicable rights under the GDPR, CCPA/CPRA, and similar laws. You may:

Access your personal data
Request correction or deletion of your data
Export your data in a portable format (data portability)
Object to certain types of processing

To exercise your rights, email: privacy@modernrelay.com with the subject line: Privacy Request. Identity verification may be required.

Children's Privacy

Our services are not directed to individuals under 13. We do not knowingly collect data from children. If such data is discovered, we will delete it promptly.

International Users

Data is processed and stored in the United States. If you access our services from outside the U.S., you consent to transferring your data to the U.S. where different privacy protections may apply.

Changes to This Policy

We may update this policy to reflect changes to our practices or for legal reasons. The latest version will always be available at https://modernrelay.com/privacy-policy. Revisions are effective upon posting.

Cookies and Tracking

Our site and platform may use cookies or similar technologies to improve performance and analyze usage. You can control cookie preferences via your browser settings. Disabling cookies may affect functionality. Vercel and Supabase services do not currently respond to "Do Not Track" browser signals.

Legal Basis for Processing

We process personal data based on:

Your consent
Contractual necessity
Legitimate interests (e.g., service improvement, security)
Legal obligations

Data Breach Notification

In the event of a data breach, we will notify affected individuals and regulators as required under applicable law.

Use of Subprocessors

We do not currently use subcontractors, but we may engage subprocessors (e.g., for hosting or payments) bound by confidentiality and data protection terms.

For enterprise customers requiring a formal data processing agreement, please review our Data Processing Agreement.

Governing Law

This policy is governed by the laws of the State of Delaware, United States. Any disputes will be resolved in courts located in Delaware.

Client System Access & Data Handling

ModernRelay does not directly access or store customer-controlled system data unless explicitly authorized for support purposes. All such access is time-limited, logged, and governed by internal controls. All client data remains the property of the client. ModernRelay does not claim ownership or reuse rights over any uploaded content or activity logs unless explicitly authorized.

When ModernRelay integrates with client systems, data access is governed by explicit client authorization. Clients must provide permission to initiate and define the scope of such data syncs. Clients may revoke access or modify permissions at any time through the integration settings or by contacting our support team. Only data necessary to support functionality will be accessed or stored, and all synced data is treated as confidential.

For additional questions, reach out to:

privacy@modernrelay.com

Have questions about your data?

Our privacy team is here to help.

Contact Privacy Team