Privacy Policy

Who we are. Aether Digital operates Relay — a professional multi-channel notification infrastructure platform designed to help engineering teams deliver reliable, high-throughput product notifications across Email, WhatsApp, SMS, Telegram, Slack, and more through a single, unified API. Our platform is accessible at relay-notify.com.

This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and what rights and choices you have regarding your data. It applies to all visitors to our website and all users of the Relay platform.

If you have questions about your privacy, want to exercise any of the rights described below, or need to contact our data protection team, please reach out at aetherdigital.contact@gmail.com. We commit to responding to all data-related inquiries within five (5) business days.

This Privacy Policy is part of and should be read alongside our Terms of Service. We recommend reviewing both documents periodically, as they may be updated to reflect changes in our practices or applicable law.

Data protection law distinguishes between two types of parties: a controller, who determines why and how personal data is processed, and a processor, who handles personal data solely on the controller's behalf and in accordance with their instructions.

When you visit our website or create a Relay account, Aether Digital acts as a controller. We determine the purposes for which data is collected and processed in those contexts.

When you use Relay to send notifications to your own end-users or customers, Aether Digital acts as a processor. In this case, you (as our customer) are the controller of your end-users' personal data, and we process that data solely to deliver the Services you have requested. See Section 5 for more details on our role as a processor.

We take both roles seriously. In each scenario, we apply appropriate safeguards and operate with full respect for applicable data protection regulations, including the GDPR where applicable.

Certain jurisdictions, particularly those subject to the EU General Data Protection Regulation ("GDPR"), require that every act of personal data processing must rest on a valid legal basis. Aether Digital only processes personal data where a legal basis has been established. The legal bases we rely upon include:

• Performance of a contract: Processing necessary to fulfill our obligations to you under our Terms of Service, such as creating and managing your account or delivering the Services you have subscribed to.
• Legitimate interests: Processing in our or a third party's legitimate interests, provided those interests are not overridden by your rights. This includes improving our platform, preventing fraud, and ensuring security.
• Consent: Where we rely on your consent (for example, for certain marketing communications), you always have the right to withdraw that consent at any time.
• Legal obligation: Processing required to comply with applicable laws, regulations, court orders, or lawful government requests.

Where specific legal bases apply to a particular processing activity, we identify them in the relevant sections below.

When our customers use Relay to send notifications to their end-users, we process personal data about those end-users solely on behalf of the customer and according to their instructions. In these circumstances, we are a processor and the customer is the controller of that data.

The personal data we may process in our capacity as a processor can include: full name, email address, phone number, device tokens for push notifications, and any additional metadata supplied by the customer through our API for the purpose of personalizing notification content.

If you are an end-user of one of our customers and have questions about how your personal data is used, or wish to exercise your privacy rights, you should contact the customer directly — they are the controller of your data and are responsible for responding to such requests.

A Data Processing Agreement ("DPA") is available to our customers upon request. The DPA governs the terms under which we process end-user data and outlines our respective obligations. Contact aetherdigital.contact@gmail.com to request a copy.

The following describes the personal data we collect directly from Visitors and Users, why we collect it, how we use it, and the legal basis for doing so.

We may use your contact information to send you product updates, feature announcements, and informational newsletters about Relay and the notification infrastructure space. We aim to keep marketing communications relevant, infrequent, and genuinely useful.

How to opt out: You can unsubscribe from marketing emails at any time by clicking the "Unsubscribe" link found in the footer of any marketing email, or by contacting us directly at aetherdigital.contact@gmail.com. Opting out of marketing communications will not affect transactional or service-related messages, which we may still need to send you as part of providing the Services (for example, billing receipts, security alerts, or critical platform notices).

We do not sell your personal data to third parties. We share personal data only in the circumstances described below:

Aether Digital and some of our service providers operate across jurisdictions, which may result in your personal data being processed in countries outside your country of residence, including countries outside the European Economic Area ("EEA").

Where we transfer personal data internationally, we implement appropriate safeguards to ensure your data receives a level of protection consistent with this Privacy Policy and applicable data protection law. These safeguards may include:

• Transferring data to countries that have been recognized by the relevant authority (e.g. the European Commission) as providing an adequate level of data protection.
• Executing Standard Contractual Clauses (SCCs) approved by the European Commission with recipients of personal data outside the EEA.
• Applying supplementary technical and organizational security measures where the circumstances require.

To learn more about the specific mechanisms used for any particular international transfer of your data, please contact us at aetherdigital.contact@gmail.com.

The security of your personal data is a fundamental priority for us. Relay applies industry-standard technical and organizational security measures to protect your data against unauthorized access, accidental loss, destruction, or disclosure. These measures include data encryption in transit (TLS) and at rest, access controls based on the principle of least privilege, secure API key management, and regular security reviews of our systems and processes.

While we invest significantly in securing the platform, no system can guarantee absolute security. The overall security of your data also depends on the precautions you take on your own side — such as keeping your account credentials confidential, using strong and unique passwords, and securing the devices you use to access the Services. We strongly recommend enabling two-factor authentication on your account where available.

If you discover or suspect a security vulnerability in the Relay platform, please disclose it responsibly by contacting us immediately at aetherdigital.contact@gmail.com. We treat all security reports with urgency and confidentiality.

Depending on the laws that apply to you, you may have certain rights over your personal data. Below is a summary of common rights, particularly those granted under the GDPR. To exercise any of these rights, contact us at aetherdigital.contact@gmail.com. We may ask for reasonable evidence of your identity before processing your request.

We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, including satisfying legal, regulatory, or reporting requirements. When a retention period has expired, we securely delete or anonymize the relevant data.

The specific retention periods we apply vary depending on the type of data and the purpose for which it was collected. Factors we consider when setting retention periods include the sensitivity of the data, the potential risk of harm from unauthorized disclosure, the purpose for which it was originally collected, and whether we can achieve the same purpose by retaining less data.

Please note that our service providers and sub-processors maintain their own independent data retention policies. To obtain details about the specific retention periods applicable to particular types of personal data we process, contact us at aetherdigital.contact@gmail.com.

Cookies are small text files that a website places on your device to store lightweight data. We, and certain third-party services we use, place cookies on your browser when you visit relay-notify.com. Similar technologies — such as local storage, pixel tags, and session tokens — may also be used for equivalent purposes.

The cookies we use fall broadly into the following categories:

Most browsers accept cookies by default, but you can adjust your browser settings to refuse all or certain types of cookies. Please note that disabling cookies may affect the functionality of parts of the Services. You can also delete existing cookies from your browser at any time.

The Relay platform is designed for professional use by businesses and developers and is not directed at children under the age of sixteen (16). We do not knowingly collect personal data from individuals under this age. If you become aware that a minor has created an account or provided us with personal data without appropriate parental consent, please notify us immediately at aetherdigital.contact@gmail.com and we will take steps to delete such data promptly.

We may update this Privacy Policy periodically to reflect changes in our data practices, legal requirements, or the features of the Services. When we make material changes, we will update the "Last updated" date at the top of this document and, where appropriate, notify you by email or via a prominent notice within the platform.

We encourage you to review this Privacy Policy from time to time to stay informed about how we are protecting your data. Your continued use of the Services after any update to this Policy constitutes your acknowledgment of the changes and, where required by law, your consent to the updated practices.