Privacy Policy
Last updated: March 29, 2026
Basegraph, Inc. (“Basegraph,” “we,” “us”) builds developer tools including the Relay plugin for Claude Code and the Relay agent. This policy explains what data we collect, why, and what we do with it.
What we collect
Account data (on install)
Name, email address, role, and work style preference.
Session data (on each session end)
- Session count and timestamp
- Repository origin (remote URL)
- Phase reached (intent, approach, plan, or implementation)
- Number of decisions made
- File paths changed during the session
Decision data (on each decision)
- Structured decision summary: what was decided, what was rejected, reasoning, and category
- Who made the decision and when
Payment data
Processed entirely by Stripe. We store your Stripe customer ID and subscription status. We never see or store your card number.
What we never collect
- Source code or file contents
- Conversation transcripts
- Terminal output or command history
- Environment variables
- Credentials, secrets, or API keys
Transcripts are stored locally on your machine and are never sent to our servers. Session files in .relay/sessions/ live in your repository and are shared with teammates through git, not through us.
Why we collect it
- Account data: to identify you and personalize the plugin experience
- Session data: to enforce the free trial, improve the product, and understand usage patterns
- Decision data: to power decision continuity across sessions and, in the future, to provide team-level insights through the Relay agent
Legal basis (GDPR)
- Contract necessity: account data and decision data are required to provide the Relay service
- Legitimate interest: session analytics to improve the product and detect abuse
AI model training
We never use your data — decisions, session metadata, file paths, or any other information collected by Relay — to train, fine-tune, or improve AI models. Your data is used solely to provide and improve the Relay service.
Data processors
Your data is processed by the following third parties:
- Railway — infrastructure hosting (servers and database)
- Stripe — payment processing
- WorkOS — authentication
We do not sell your data to anyone.
Data retention
We retain account and session data for as long as your account is active. Decision data is retained for 24 months after creation. You can request deletion at any time.
Your rights
You have the right to:
- Access the data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Export your data in a portable format
- Object to processing based on legitimate interest
- Opt out of decision sync:
relay config sync_decisions false - Remove the plugin entirely:
relay uninstall
Security
All data is encrypted in transit (TLS) and at rest. Access to production systems is restricted to Basegraph engineering. We do not store credentials, secrets, or source code.
A note on file paths
We collect file paths changed during a session to link decisions to code areas. File paths may reveal project structure or internal naming. We use this data solely to improve decision context and never share raw file paths with third parties.
Changes to this policy
We may update this policy as the product evolves. Material changes will be communicated through the plugin or by email.
Contact
For privacy questions or data requests: privacy@basegraph.co
Basegraph, Inc.
Delaware, United States