Privacy Policy

Effective date: 2026-05-09 (date of first publication on relaymetry.com) Last updated: 2026-05-09 (initial publication)

This Privacy Policy explains how Relaymetry ("the Service", "we", "us", "our") collects, uses, shares, and protects personal data of visitors and users.

The Service is not directed at, marketed to, or intended for residents of the European Economic Area or the United Kingdom. Users access the Service at their own initiative and at their own risk regarding compliance with their local law. We do not knowingly collect personal data from residents of jurisdictions where doing so would require local registration or representation we have not obtained. Such residents may contact privacy@relaymetry.com for deletion.

1. Who we are (Data Controller)

Relaymetry is currently operated by an individual founder (a natural person). The Service is not yet incorporated as a legal entity. The named data controller responsible for the processing of your personal data is:

Name: Vadim Ivanov.
Contact email: privacy@relaymetry.com.
Postal address: 16 Old Queen St, London SW1H 9HP, United Kingdom.

If we incorporate as a legal entity in the future, the entity will replace the individual as data controller.

1.1 Pre-launch operating model

Relaymetry is in a pre-launch phase. Operating as a natural-person data controller is a legitimate model and will be revisited on incorporation.

2. What this Policy covers

This Privacy Policy applies to:

The website at https://relaymetry.com and all subdomains operated by us.
The free domain-health check tools (Mail Exchange, SPF, DKIM, DMARC, blacklist, TLS).
The waitlist sign-up form and the subsequent confirmation email exchange ("Double Opt-In").
Any future paid features, subject to additional disclosures specific to those features at the time they are introduced.

It does not apply to:

Third-party websites we link to from our pages — those are governed by their own privacy policies.
The personal email accounts of our founder used outside the Service.
Internal sub-processor activities not directed by us (their processing on their own behalf is governed by their own policies).

3. Personal data we collect

We collect the minimum personal data needed to operate the Service. The categories below correspond to specific processing activities (called P1 through P9 in our internal records).

When you submit our waitlist form, we collect:

The email address you enter.
The domain name you optionally associate with your sign-up (used to send you future relevant updates).
A hashed source IP address (SHA-256(your IP || a server-side salt that rotates monthly)) for abuse prevention and rate limiting. The raw IP address is discarded immediately after hashing.
The User-Agent header sent by your browser.
The timestamp of your submission.
A cryptographically random Double Opt-In token that we send to you in a confirmation email. The token is stored in our database in hashed form; we never persist its plaintext after issuance.

We send you a single confirmation email asking you to click a link to confirm your sign-up (this is the Double Opt-In). If you do not confirm within 48 hours, we delete the pending record automatically.

3.2 Free domain-health check tools (P2)

When you submit a domain to one of our tools (/tools/mx-lookup, /tools/spf-checker, /tools/dkim-checker, /tools/dmarc-checker, /tools/blacklist-lookup, /tools/tls-check) or to the homepage snapshot form, we collect:

The domain name you enter. Domain names are usually not personal data of the submitter, but please note: by submitting a domain, you may reveal a third-party relationship (for example, your employer's domain). Please do not submit domains whose existence you consider confidential.
A hashed source IP address (same as P1) for abuse prevention.
The User-Agent header.
A request identifier (UUID) for our internal correlation.
Cached DNS query results for the submitted domain (this is technical data about the domain, not about you).

Publication of third-party domain data: We render the DNS metadata you submitted to public, search-indexable URLs (such as /report/<domain> and /tools/<tool>/<domain>) so that other users can reference and share diagnostic results. This is public information queryable from any DNS resolver. We redact identified personal data fields (such as the SOA RNAME zone-administrator email) before display. Domain owners may request removal through the takedown procedure described in our Terms of Service §10.

3.3 Anti-abuse and rate-limiting (P3)

To protect the Service against denial-of-wallet attacks, scraper abuse, and waitlist spam, we maintain:

Rate-limit counters keyed by hashed IP and a time-window timestamp. These counters live in Redis with a short Time-To-Live and contain no identifying information beyond the hashed IP.
An abuse-bans table containing entries inserted by us in response to detected abuse. Entries record the kind of ban (ip / email / domain), the value (hashed where applicable), the reason, and an expiry date.

3.4 Outbound transactional email (P4)

We send you a transactional email when:

You submit the waitlist form (Double Opt-In confirmation email).
You request a re-send of the confirmation email.
(Future, in our Ship 1.5 release) You receive your weekly domain-health diff email.

For each outbound email we record send-status data returned by our email service provider (delivered / bounced / soft-bounced / complained) and link it to your subscription record.

3.5 The privacy@ inbox (P5)

When you email privacy@relaymetry.com, we receive the full content of your email, including:

Your email address.
Subject line.
Message body.
Any attachments you include.

This mailbox is operated through Cloudflare Email Routing, which forwards messages to the founder's personal inbox where they are read and answered manually.

3.6 Web analytics (P6)

We use a privacy-friendly analytics service (Plausible) that does not set cookies, does not retain your IP address, and does not track you across sites. The service collects:

The page path you visit on our site.
The country and region derived from your IP at the time of the page view (the IP itself is then discarded).
Your browser type, operating system, and device class.
The referrer URL if your visit came from a link on another site.
A small set of custom events that we trigger when you submit forms, click "Recheck", or copy share-links.

These statistics are aggregated and anonymous; no individual visitor record is retained.

3.7 Error tracking (P7)

To diagnose production errors quickly, we send error reports to a Sentry-protocol-compatible error tracker that we self-host on our own infrastructure (Fly.io, Frankfurt). Each error report contains:

The error stack trace.
The request identifier (matching our server-side logs).
Your User-Agent header.
The URL of the page where the error occurred, with sensitive query parameters (such as email addresses and tokens) stripped before transmission.
A breadcrumb log of the most recent server-side calls preceding the error.

We do not include raw user input, email addresses, or token values in error reports.

3.8 Operational logs (P8)

We log technical information about each request to help us debug issues and audit security events. Each log entry contains:

A request identifier.
The route (URL path).
The HTTP method and status code.
Response timing.
The hashed IP (where logged).
Any error category raised during the request.
Operator-defined contextual fields with no personal data included.

Sensitive keys are scrubbed before logs are written, by the same mechanism described in Section 3.7.

3.9 Cloudflare DNS and Email Routing (P9)

The relaymetry.com domain is hosted on Cloudflare's authoritative DNS infrastructure, and inbound mail to privacy@relaymetry.com is processed through Cloudflare Email Routing. Cloudflare may collect operational metadata about DNS queries and email delivery (request IPs, timing, geolocation) according to their own published privacy practices.

3.10 What we do not collect

We do not request or store your real name unless you voluntarily include it in a message you send us.
We do not use cookies on our website. We do not set tracking pixels.
We do not collect special-category data (data revealing racial or ethnic origin, political opinions, religious beliefs, trade-union membership, genetic data, biometric data for identification, health data, or sex life or sexual orientation).
We do not knowingly collect data from children under 16. The Service is not directed at children.
We do not perform automated decision-making that produces legal or similarly significant effects on you.
We do not sell your personal data. We do not share your personal data with advertisers.

4. How we use your data

We process personal data only for the purposes described in Section 3 above and only as needed to operate the Service. We do not use data for purposes you have not been informed of. Where we rely on your consent (waitlist sign-up), you may withdraw consent at any time by clicking the unsubscribe link in any email we send you, or by emailing privacy@relaymetry.com.

5. Sub-processors

We use the following sub-processors to operate the Service. Each is bound by a Data Processing Agreement (or equivalent contractual instrument) requiring them to process your personal data only for the purposes we specify, with appropriate technical and organisational safeguards.

Sub-processor	Purpose	Region
Cloudflare, Inc.	Authoritative DNS for `relaymetry.com`; inbound mail routing for `privacy@`; future CDN.	Global anycast network (US-affiliated).
Resend (Resend Labs Inc.)	Outbound transactional email (Double Opt-In confirmation; future weekly diff alerts).	EU-West-1 (Ireland).
Plausible Insights OÜ	Anonymous, cookieless web analytics.	EU (Estonia / Germany).
Fly.io, Inc.	Application hosting and self-hosted error tracker (GlitchTip).	EU (Frankfurt).
Upstash, Inc.	Redis hosting for rate-limit counters and ephemeral cache.	AWS eu-west-1 (Ireland).
Neon (Databricks, Inc.)	Serverless PostgreSQL primary database.	AWS Europe Central 1 (Frankfurt).

Some of the sub-processors above rely on their own backend providers (for example, AWS for compute or Google for delivery) per their published sub-processor disclosures. We do not share your personal data with any third party other than the sub-processors above, except where required by law.

6. How long we keep your data

Data category	Retention
Pending (unconfirmed) waitlist sign-up	48 hours, then automatically deleted by a nightly cleanup job.
Confirmed waitlist sign-up	Until you unsubscribe, OR until 24 months of inactivity (whichever is earlier).
Unsubscribed waitlist record	30 days for audit, then permanently deleted.
Hashed IP and abuse-prevention records	Rolling 30-90 days. The salt used for hashing rotates monthly, so older hashes become unlinkable to your current IP after one rotation cycle.
DNS query results (cached)	1 hour to 24 hours per zone type. These are technical results about a domain, not about you.
Outbound email logs	Per the email provider's retention (typically 30-90 days).
Inbox messages to privacy@	Retained for the duration of the inquiry plus a reasonable archive period for audit (typically up to 5 years), unless you request earlier deletion.
Web analytics (Plausible)	Aggregate retention per Plausible's default; no individual records stored.
Error reports (GlitchTip)	90 days (GlitchTip 6.1.6 default `event_retention_days` setting on our self-hosted instance; configurable downward on erasure request).
Operational server logs	Approximately 30 days.

When the retention period for a category expires, the data is hard-deleted from our systems and from the relevant sub-processor where we have direct control.

7. Your rights

Regardless of your jurisdiction, you may at any time request access to, correction of, or deletion of personal data we hold about you by contacting privacy@relaymetry.com. We will respond within 30 days on a good-faith basis. We do not charge for handling such requests, except where a request is manifestly unfounded or excessive (typically because of repetitive nature), in which case we may charge a reasonable fee or refuse the request. Where we rely on your consent (for example, waitlist sign-up), you may withdraw it at any time via the unsubscribe link in any email we send you.

8. Cookies

We do not set cookies on the relaymetry.com website. We use a privacy-friendly analytics service (Plausible) that operates without cookies and without persistent identifiers.

If we ever introduce a service that requires cookies, we will publish a separate Cookie Policy and (where required by law) display a granular consent banner. Until then, no cookie banner is shown because none is legally required.

9. Security

We protect your personal data using the following safeguards:

Encryption in transit: all connections to and from our servers use TLS 1.2 or higher.
Encryption at rest: sub-processor-level disk encryption is required and verified at our Data Processing Agreement review.
Access controls: only the founder accesses production systems, via authenticated SSH and an internal admin command-line interface.
Pseudonymisation: source IP addresses are hashed at ingestion with a salt that rotates monthly; older records become unlinkable to current IPs.
Data minimisation: the waitlist captures email and (optionally) a domain — nothing else. Free-tool usage logs minimal session metadata only.
Vulnerability management: automated dependency scanning (npm audit, Dependabot weekly) and prompt patching of critical advisories.
Operational discipline: secrets stored in our hosting provider's secret manager and rotated quarterly. Deployment via reproducible builds.

We are committed to notifying you of a personal data breach affecting you within 72 hours of becoming aware of it.

10. Changes to this Privacy Policy

We may update this Policy from time to time to reflect changes in our processing, in the law, or in our sub-processor relationships. The current version is identified by the "Last updated" date at the top.

For material changes (changes that affect your rights or expand the scope of processing), we will:

Update the "Last updated" date.
Publish a change-summary at the top of this page for at least 30 days.

Non-material changes (typo corrections, formatting, sub-processor additions that do not materially expand processing) are reflected by updating the date alone.

A change-history of this Privacy Policy is available in our public repository at https://gitlab.com/evilmorte/relaymetry under docs/legal/privacy-policy.md — the git commit log of that file is the authoritative record of every change.

11. Contact

For any privacy inquiry:

Email: privacy@relaymetry.com.
Postal address: available on request.

We will respond to all good-faith inquiries.

This Privacy Policy was authored by the controller and is maintained in version control. The latest version is always available at https://relaymetry.com/privacy. The full edit history is publicly accessible in the project's source repository.