Last updated: April 2025 · Effective: April 1, 2025
This Privacy Policy describes how Relynk Inc. collects, uses, discloses, and protects personal information when you visit our website at relynk.org, use our operational intelligence platform, or otherwise interact with us. Please read this policy carefully before using our services. By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy.
Relynk Inc. ("Relynk", "we", "us", or "our") is the data controller responsible for processing personal information described in this policy.
Registered Address:
Relynk Inc.
180 N Wacker Drive, Suite 1400
Chicago, IL 60606
United States
Privacy Contact:
Email: privacy@relynk.org
For all privacy-related inquiries, data subject requests, and questions about this policy, please contact our Privacy team at the address above. We aim to respond to all requests within 30 days of receipt.
For users located in the European Economic Area (EEA) or the United Kingdom, Relynk Inc. serves as the data controller under the General Data Protection Regulation (GDPR) and UK GDPR respectively. We are committed to handling your personal data in accordance with applicable data protection laws.
We collect personal information in several categories depending on how you interact with our platform and services.
When you register for an account, request a product demonstration, complete a contact form, or otherwise communicate with us, we collect:
When you access our website or use the Relynk platform, we automatically collect technical and behavioral information, including:
As part of delivering our core service, the Relynk platform processes industrial operational data transmitted from your facility's connected equipment and systems. This may include:
Industrial operational data is processed exclusively to provide the services described in your Service Agreement with Relynk. This data is never sold to third parties, used for purposes outside of service delivery, or used to train general machine learning models without your explicit written consent.
When you subscribe to a paid Relynk plan, billing and payment transactions are processed through Stripe, our PCI-DSS compliant payment processor. We collect:
Relynk does not store full credit card numbers, CVV codes, or other sensitive financial data on our systems. All payment card information is tokenized and handled directly by Stripe in accordance with PCI-DSS Level 1 standards.
When you contact our support team, participate in webinars, or complete surveys, we may collect:
We use the personal information we collect for the following purposes, each supported by a legal basis as described below:
You may withdraw consent at any time by contacting privacy@relynk.org or using the unsubscribe link in any marketing email.
Relynk does not sell personal information to third parties. We share data only in the following circumstances:
Amazon Web Services (AWS) â€" Our primary cloud infrastructure provider. Customer data is hosted in AWS data centers located in the United States (us-east-1 and us-west-2 regions by default). AWS processes data as our data processor under a Data Processing Addendum consistent with GDPR requirements. AWS is certified under ISO 27001, SOC 2 Type II, and FedRAMP.
Stripe, Inc. â€" Handles all payment card transactions. Stripe is a PCI-DSS Level 1 certified payment processor. Stripe may collect and process payment card data and billing information directly. Stripe's privacy policy is available at stripe.com/privacy.
We use analytics tools to understand website and platform usage. These providers may process IP addresses and usage data. We maintain Data Processing Agreements with all analytics providers and configure them to anonymize IP addresses where possible.
We use third-party helpdesk software to manage support tickets and customer communications. Support agents access only the data necessary to resolve your inquiry.
We may disclose personal information if required by law or if we believe in good faith that such disclosure is necessary to comply with legal obligations, protect our rights, or prevent harm. In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction, with notice provided to affected users.
Relynk does not sell, rent, lease, or trade personal information or industrial operational data to any third party for commercial or marketing purposes.
We retain personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law.
| Data Category | Retention Period | Rationale |
|---|---|---|
| Account and profile data | Duration of subscription + 30 days | Required for service delivery; deleted upon account closure |
| Industrial sensor data (Starter plan) | 12 months rolling | Per plan terms; older data purged automatically |
| Industrial sensor data (Professional plan) | 36 months rolling | Per plan terms; extended historical analysis |
| Industrial sensor data (Enterprise plan) | Custom, per contract | Negotiated retention aligned with customer compliance needs |
| Billing and invoice records | 7 years | Tax and accounting compliance (US law) |
| Security and access logs | 12 months | Security incident investigation and audit compliance |
| Support ticket records | 3 years | Quality assurance and dispute resolution |
| Marketing communication records | Until opt-out + 3 years | Compliance with opt-out requests |
You may request deletion of your personal data at any time by contacting privacy@relynk.org. We will process deletion requests within 30 days, subject to retention obligations imposed by law.
If you are located in the European Economic Area or the United Kingdom, you have the following rights regarding your personal data under the General Data Protection Regulation (Regulation (EU) 2016/679) and UK GDPR:
You have the right to request confirmation of whether we process personal data about you, and if so, to receive a copy of that data along with information about the purposes, categories, recipients, and retention periods of that processing.
You have the right to request correction of inaccurate personal data we hold about you, and to have incomplete personal data completed, without undue delay.
You have the right to request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, when you withdraw consent, when you object to processing and there are no overriding legitimate grounds, or when data has been unlawfully processed. This right is subject to legal retention obligations.
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or when you have objected to processing pending verification of our legitimate grounds.
Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format (such as CSV or JSON), and to transmit that data to another controller.
You have the right to object at any time to processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
You have the right not to be subject to decisions based solely on automated processing that produce significant effects on you. Relynk does not make automated decisions that significantly affect individuals based solely on personal data, without human oversight.
To exercise any of the above rights, submit a written request to privacy@relynk.org with your full name, email address associated with your account, and a description of the right you wish to exercise. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with additional rights regarding your personal information.
In the past 12 months, we have collected the following categories of personal information as defined by the CCPA: identifiers (name, email, IP address), commercial information (purchase history, subscription records), internet or other electronic network activity (browsing and platform usage data), geolocation data (approximate location from IP address), professional or employment-related information (company name, job title), and inferences drawn from this information to create a profile about a user's preferences.
You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, our business or commercial purpose for collecting it, and the categories of third parties with whom we share it.
You have the right to request deletion of personal information we have collected from you, subject to certain exceptions permitted by law.
Relynk does not sell personal information as defined under the CCPA, nor do we share personal information for cross-context behavioral advertising purposes.
We will not discriminate against you for exercising your CCPA rights. We will not deny services, charge different prices, or provide a different level of service based on your exercise of privacy rights.
To submit a verifiable consumer request under the CCPA, contact us at privacy@relynk.org. We will respond within 45 days of receipt, with a potential 45-day extension if required, and will provide notice of any extension within the initial period.
The Relynk platform is purpose-built for industrial operational environments. The processing of industrial IoT data raises considerations that go beyond typical consumer data practices.
All industrial operational data â€" including sensor readings, SCADA outputs, maintenance records, and derived analytics â€" remains the property of the customer organization at all times. Relynk processes this data exclusively as a data processor acting on your instructions, as defined in the Data Processing Addendum incorporated into your Service Agreement.
Relynk accesses SCADA and industrial control system data through read-only API connections only. We do not write to, modify, or issue control commands to any operational technology (OT) system. Our integration architecture is specifically designed to maintain the integrity and safety of your industrial control environment.
Industrial data is transmitted from your facility to Relynk cloud infrastructure through encrypted, authenticated data connectors that operate in a unidirectional or tightly controlled manner. We do not require changes to your OT network firewall rules that would expose control system interfaces to the internet.
We recognize that operational data from industrial facilities may be safety-critical. Our platform is designed as a monitoring and intelligence layer â€" it does not control physical processes. Any alerts or recommendations generated by Relynk require human review and action by qualified personnel before affecting physical operations.
Upon termination of your service agreement, all industrial operational data associated with your account will be deleted from Relynk systems within 30 days of account closure, unless a longer period is required by applicable law or agreed upon in writing. You may request an export of your operational data in standard formats (CSV, JSON, or Parquet) prior to account closure.
Relynk does not use customer industrial data to train, fine-tune, or improve general machine learning models that are shared across customers. Anomaly detection and baseline modeling features are built per-customer using only that customer's own historical data, and these models remain associated exclusively with that customer's account.
We use cookies and similar tracking technologies on our website and platform. Cookies are small text files stored on your device that help us recognize returning users, maintain session state, and understand how our services are used.
We use the following categories of cookies:
For detailed information about the cookies we use, including their names, purposes, and durations, please see our Cookie Policy. You can manage your cookie preferences through our consent banner or through your browser settings.
Relynk implements comprehensive technical and organizational security measures to protect personal data and industrial operational data against unauthorized access, disclosure, alteration, or destruction.
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify affected users and relevant supervisory authorities within 72 hours of becoming aware of the breach, as required by GDPR Article 33. We will provide information about the nature of the breach, categories of data affected, likely consequences, and remediation measures taken.
Relynk is a US-based company and our primary data processing infrastructure is located in the United States. If you are located in the European Economic Area, the United Kingdom, or other jurisdictions with data transfer restrictions, your personal data may be transferred to and processed in the United States, which may not provide the same level of data protection as your home country.
We take the following measures to ensure adequate protection for international transfers:
A copy of our Standard Contractual Clauses is available upon request by contacting privacy@relynk.org.
The Relynk platform is designed for use by business professionals in industrial and manufacturing environments. We do not knowingly collect personal information from children under the age of 16. If you believe that a child under 16 has provided us with personal information, please contact us at privacy@relynk.org and we will promptly delete such information.
Our website may contain links to third-party websites or services that are not operated by Relynk. We are not responsible for the privacy practices of those third parties, and this Privacy Policy does not apply to their sites. We encourage you to review the privacy policy of any third-party service you access through links on our website.
We may update this Privacy Policy from time to time to reflect changes in our data processing practices, applicable law, or business operations. When we make material changes, we will:
Your continued use of the Relynk platform after the effective date of a revised policy constitutes your acceptance of the updated terms. If you do not agree with material changes, you may close your account before the changes take effect.
For any questions, concerns, or requests related to this Privacy Policy or our data processing practices, please contact our Privacy team:
Email: privacy@relynk.org
Mail: Relynk Inc., Attn: Privacy Team
180 N Wacker Drive, Suite 1400
Chicago, IL 60606
United States
We take privacy inquiries seriously and will respond to all requests within 30 days. For complex requests, we may require an additional period of up to 60 days in total, and will notify you of any extension within the initial 30-day period.
If you are located in the EEA or UK and are not satisfied with our response to your privacy inquiry, you have the right to lodge a complaint with your local data protection supervisory authority (such as the ICO in the UK, or your relevant EU national DPA).