Privacy

Privacy must be honest.

Last updated: 2 June 2026. RelayHub is designed around local-first, minimum-exposure, policy-governed privacy. This page explains what is collected now, what is not collected, and what privacy cannot honestly promise.

Current website collection

What RelayHub currently collects.

The current public website collects only what is needed for early access, contact, basic security, spam protection, and privacy-preserving website analytics.

  • Early access signup details
  • Contact form submissions
  • Email addresses provided through forms
  • Community or organisation names provided by users
  • Cloudflare Web Analytics page and device metrics
  • Basic security and anti-spam signals
  • D1-stored signup and contact records

What is not collected

RelayHub does not seek sensitive operational secrets.

Do not send private keys, recovery secrets, passwords, message contents, or other sensitive material through website forms or ordinary support messages.

Private message contents

Private keys

Recovery secrets

Passwords

Device microphone recordings

Device camera access

Precise location tracking

Advertising profile data

Behavioural advertising data

Hidden remote device telemetry

Analytics

Privacy-preserving analytics, not advertising tracking.

RelayHub uses Cloudflare Web Analytics to understand broad website usage. The goal is to learn what visitors care about before launch without using advertising surveillance infrastructure.

  • Cloudflare Web Analytics is used for privacy-preserving website analytics.
  • Google Analytics is not used.
  • Advertising trackers are not used.
  • Analytics are used to understand page popularity, device types, and broad website usage.
  • Form submissions are tracked through D1 records, not invasive tracking pixels.

Support exports

Support should not become hidden telemetry.

RelayHub’s support posture is explicit export, redaction by default, and user review before sharing. Support should help diagnose problems without silently collecting private operational data.

  • Support export should require explicit user action.
  • Support information should be reviewable before sharing.
  • Support exports should be redacted by default.
  • Message content, private keys, and recovery secrets should not be included by default.
  • Automatic support upload is not part of the current posture.

Forms and records

Early access and contact submissions.

Early access

Early access forms may store your name, email address, community or organisation, message, submission time, hashed connection signal, and basic user-agent information in D1 for administration and follow-up.

Contact form

Contact forms may store your name, email address, topic, message, submission time, hashed connection signal, and basic user-agent information in D1 so RelayHub can respond and review abuse.

Third-party services

Current service providers.

Cloudflare

Used for hosting, Workers, Assets, D1, KV, Email Routing, Turnstile, Web Analytics, and security-related infrastructure.

GitHub

Used for source control and deployment workflow. Public website code and deployment history may be managed through GitHub.

Email provider

Form notifications may be delivered to a verified destination mailbox. Email content may be handled by the mailbox provider.

Privacy reality

Privacy does not mean invisibility.

RelayHub must not exaggerate privacy, anonymity, security, or censorship resistance. Local-first infrastructure can reduce dependence on central services, but it cannot remove every observable trace or human trust problem.

Privacy is not the same as anonymity.

Encryption does not make activity invisible.

Metadata may still exist.

Radio traffic may be observable.

Physical access to a device changes the threat model.

Trust relationships still matter.

Communities still need governance, judgement, and consent.

Future privacy philosophy

Privacy should be built into the architecture.

As RelayHub evolves, privacy should be governed by local-first design, explicit consent, transparent trust, support redaction, and policy-based exposure rather than hidden defaults.

Local-first operation where practical.

Minimum exposure by default.

Policy-governed sharing.

Explicit trust relationships.

Explicit federation relationships.

User-controlled support exports.

Recovery without unnecessary surveillance.

Clear distinction between implemented and planned privacy behaviour.

Use of information

RelayHub may use information to respond to enquiries, manage early access interest, improve website content, understand product interest, protect against spam or abuse, maintain website security, and comply with legal obligations.

Disclosure

RelayHub does not sell personal information. Information may be disclosed to service providers assisting RelayHub, where required by law, where necessary for security or safety, or with your consent.

Retention

Form submissions and administrative records are retained only as long as reasonably needed for early access, contact, support, security, operational, legal, or record-keeping purposes.

Access and correction

You may request access to personal information held about you and request correction where information is inaccurate, incomplete, or outdated.

Overseas processing

Some service providers may store or process information outside Australia. RelayHub seeks to use reputable providers with appropriate privacy and security practices.

Children

RelayHub is not intentionally directed toward children under the age required to provide valid consent in their jurisdiction.

Changes

This Privacy Policy may be updated from time to time. Updated versions will be published on this website.

Contact

Privacy enquiries may be directed to hello@relayhub.tech or submitted through the contact form.