Relay runs in a single-customer boundary. Your data stays yours.
Data leaves your firewall only through configured integrations, is encrypted in transit and at rest, is retained on schedules you control, and is never used to train models for other customers.
GDPRSupported
Risk and evidence
- Single-customer isolated environment; no shared compute or data plane, so blast radius stays contained.
- Customer data is never used for cross-customer model training.
- Encrypted in transit and at rest, with traceable, auditable outcomes.
- SOC 2 Type II and ISO 27001, GDPR support, and a maintained subprocessor list.
Controls and mechanics
- Egress only through configured integrations over allowlisted network paths.
- Customer-controlled identity with SSO/MFA and least-privilege access.
- TLS in transit and AES-256 at rest inside the isolated environment.
- Retention defaults to 365 days, configurable to 30; US default hosting, EU region available.
Paste-ready summary
BackOps Relay runs as a single-customer isolated environment. Data leaves the customer firewall only through configured integrations, is encrypted in transit and at rest, and is retained on a 365-day default schedule with custom retention available by request. OpenAI and Anthropic are used for scoped service delivery, never for cross-customer model training. Relay provides audit traces, QA gates, and action-approval thresholds, and holds SOC 2 Type II, ISO 27001, GDPR support, and a maintained subprocessor list.
Where your data goes
Follow a request through Relay's pipeline. Each stop is labeled with where it runs; the AI model call is a single scoped step, and nothing acts until it clears the QA and approval gate. Select a stop for detail.
The platform, mapped
The same pipeline as a system map: channels enter, the supervisor routes work to specialist agents inside your isolated environment, connected systems are reached through scoped integrations, and every task lands as a delivered response, an executed action, or a human escalation.
What persists, for how long, under which controls
Source systems stay customer-owned; Relay receives only the operational data a configured workflow needs. Default retention is 365 days and is configurable by request, including shorter windows such as 30 days.
| Data class | Examples | Persists | Default | Configurable | Protection |
|---|---|---|---|---|---|
| Customer messages | Email, chat, SMS, voice transcript, ticket thread | Yes | 365 days | Custom, incl. 30-day windows | TLS in transit, AES-256 at rest, isolated environment |
| SOP knowledge | Escalation rules, workflows, account-specific handling | Yes | Customer term | Custom by agreement | Customer-specific only; not used for cross-customer training |
| Operational telemetry | Inquiry class, route, action result, resolution path | Yes | 365 days | Custom by request | PII masked before observability; least-privilege access |
| AI traces | LLM call trace, agent input/output, prompt version | Yes | 365 days | Custom by request | Queryable audit trail, scoped prompts, output filtering |
| Approvals and feedback | Dry-run approval, QA result, human rating, rejection reason | Yes | 365 days | Custom by request | Human review, version history, controlled channels |
One customer boundary, not a pooled plane
Each customer runs in a dedicated, isolated deployment. There is no shared customer data plane between deployments.
- Dedicated compute and storage per customer
- Allowlisted paths, least privilege, SSO/MFA
- Action approval thresholds before high-impact work
Model calls are scoped to the task
OpenAI, Anthropic, Gemini, and BackOps self-hosted models are used for scoped reasoning and drafting as part of service delivery.
- Customer data is not sold, licensed, or used to train models for other customers.
Technical controls for IT review
TLS in transit, AES-256 at rest. Applied across the isolated customer environment.
Customer-controlled. SSO/MFA and least-privilege access to systems and actions.
Configured egress only. Allowlisted network paths and per-workflow integration scoping.
365-day default. Configurable by request down to 30-day windows.
US by default. EU region available for GDPR-sensitive deployments.
Dry-run and QA gates. Human approval thresholds with full audit traces.
What a reviewer can verify
SOC 2 Type II
Certified for security, availability, and confidentiality controls.
ISO 27001
Information security management certification for vendor review.
GDPR support
US default hosting, EU region, and GDPR-aligned handling where applicable.
Subprocessors
Current list and details maintained for vendor-risk review.
Vulnerability program
Remediation SLAs, continuous dependency scanning, third-party pen testing.
AI governance
Model evaluation, monitoring, incident response, and human review thresholds.
BackOps Relay runs as a single-customer isolated environment. Data leaves the customer firewall only through configured integrations, is encrypted in transit and at rest, and is retained on a 365-day default schedule with custom retention available by request. OpenAI and Anthropic are used for scoped service delivery, never for cross-customer model training. Relay provides audit traces, QA gates, and action-approval thresholds, and holds SOC 2 Type II, ISO 27001, GDPR support, and a maintained subprocessor list.