Know what Relayne can read before you grant access.

Relayne needs Windows permissions to work beside other applications. This page explains the intended boundaries, the two processing modes, and the security work still in progress.

Technical architecture draftUpdated 14 July 2026Windows private beta

The short version

Selected sources, an active workflow, and a clear processing choice.

You choose the documents, tabs, and applications Relayne can use for a task. Relayne reads the active destination context so it can place a suggestion beside the right field. It is not designed to create a permanent archive, monitor browsing history, or submit work on your behalf.

Draft
This is the public security architecture draft, not a certification report.

Exact retention windows, encryption details, hosting regions, subprocessors, and permission names will be confirmed against the shipping Windows build before a public download is offered.

You choose

The sources Relayne may use

A Relayne task begins with documents, tabs, or applications selected for that workflow.

You can see

The suggestion and its source

The field-side popup keeps the proposed value, warning, and source reference visible for review.

You decide

What enters the destination

Relayne does not submit forms, save records, or send messages without the user taking the final action.

Windows permissions

Powerful access needs narrow rules.

Relayne needs enough Windows access to understand a selected source, identify the destination context, and keep its popup beside the active field. The shipping app must explain every permission at the moment it is requested.

  1. 01

    Read selected source content

    Relayne needs access to the documents, browser tabs, or application surfaces the user has chosen for the current task.

  2. 02

    Recognize the active destination

    Relayne needs to understand which field or writing context is active so the correct suggestion appears in the correct place.

  3. 03

    Place a popup beside the work

    Relayne uses the active window geometry to position a small overlay. It is not intended to replace or take ownership of either application.

  4. 04

    Stop when the task stops

    Source access and temporary task context should end when the Relayne workflow ends. Exact lifecycle behavior remains a pre-release verification item.

  5. 05

    Never turn permissions into surveillance

    The product policy prohibits browsing-history tracking, background keystroke collection, and the sale of processed work.

Processing modes

AI Powered and Local are different data paths.

Security copy must always identify which mode it describes. A Local guarantee must not be presented as an AI Powered guarantee.

AI PoweredAvailable in beta

Maximum recognition accuracy

Task-relevant content is processed using Relayne-controlled model infrastructure to interpret difficult layouts and changing document structures.

Processing
Relayne-controlled model infrastructure
Content scope
Selected source content required for the active task
Model training
Customer content is not used to train models
Data sale
Customer data is never sold
Retention
Exact transient-processing window to be confirmed before public download
Best fit
Irregular layouts and maximum recognition accuracy
LocalPremium

Maximum on-device privacy

Selected source content is processed on the Windows device without a cloud document-processing dependency.

Processing
On the user’s Windows device
Content scope
Selected source content required for the active task
Cloud upload
No upload of source content for document processing
Internet
Designed for offline processing; licensing behavior to be confirmed
Trial
Not included in the private-beta trial
Best fit
Sensitive, isolated, and offline workflows

AI Powered data flow

Four boundaries the shipping system must make testable.

This is the intended sequence for an active AI Powered task. The technical implementation and retention evidence must be validated before general availability.

  1. 01

    User selects sources

    Relayne limits the task to the documents, tabs, and applications the user chose.

  2. 02

    Relevant context is prepared

    Only the content needed to answer the active field or writing context should enter the processing request.

  3. 03

    Private processing runs

    Relayne-controlled model infrastructure returns likely values or passages. Content is not used for model training.

  4. 04

    User reviews the result

    The suggestion and source reference return to the popup. The user chooses whether to use or reject them.

What Relayne does not do

Trust is easier when the boundaries are explicit.

These product-policy boundaries apply across Relayne unless a future organization agreement clearly states otherwise.

No sale

No selling customer data

Relayne does not sell account information, source content, destination content, or usage data.

No training

No model training on your work

Processed documents, fields, and suggestions are not used to train public or private models.

No archive

No hidden document library

Relayne is not designed as a cloud drive or a permanent database of processed documents.

No tracking

No browsing-history monitoring

Relayne works from sources selected for an active task, not a history of everything the user browses.

No keylogger

No background keystroke collection

The product is intended to interpret an active Relayne workflow, not record typing across the computer.

No autopilot

No autonomous final action

Relayne does not quietly submit a form, save a record, or send a message on the user’s behalf.

Compliance and enterprise status

No borrowed badges and no premature compliance claims.

Relayne is EU-built and privacy-first. Formal certifications and regulated-industry eligibility require technical evidence, contracts, and independent review.

AreaCurrent public statusWhat this means
GDPRPrivacy work in progressEU privacy principles guide the product. A complete data inventory, lawful-basis review, retention schedule, and processor documentation remain required.
SOC 2Not certifiedNo SOC 2 certification claim is made. Organization controls and evidence collection are part of the enterprise roadmap.
HIPAANot claimedSuitability depends on processing mode, deployment, contracts, and a formal review. Relayne does not currently claim HIPAA compliance.
Security testingPre-releasePermission boundaries, data flows, retention, update signing, and installer behavior must be tested before broad distribution.
Enterprise deploymentRoadmapMSI, Intune and MDM support, admin controls, organization policies, and offline deployment are not in the current beta.

Security contact

Questions should have a direct route.

Report a security concern privately so it can be investigated before public discussion.

  1. 01

    Email the security contact

    security@relayne.app for suspected vulnerabilities, permission concerns, or data-handling questions.

  2. 02

    Include reproducible details

    Share the Windows version, Relayne build, affected application, steps, and likely impact. Do not send real customer documents.

  3. 03

    Expect acknowledgement

    A formal response-time policy will be published before general availability. Private-beta reports receive direct triage.

Test one real Windows workflow with the boundaries clear.

The beta application asks which sources, destinations, and processing mode your work requires.

Request Windows beta access