Releem Privacy and Data Processing Policy

At Releem, Inc. ("Releem," "Company," "Us," "We," or "Our"), we are committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your Personal Information when you use our website, available at releem.com ("Site"), and our services ("Service"). The Service provides database monitoring and optimization services.
By accessing our Site or our Service, you accept this Privacy and Data Processing Policy and our Terms of Use, and you consent to our collection, storage, use, and disclosure of your Personal Information as described herein.

"Site" refers to the Company's website, accessible at releem.com. "Service" refers to the Company's services accessed via the Site, where users can monitor and tune the configuration of database servers. "You" or "Customer" refers to you, as an authorized user of our Site or our Service, typically an employee or representative of an organization that subscribes to Releem's services. "Personal Information" includes data that can be used to identify an individual. For Releem's Service, this primarily refers to customer-provided email addresses, name, and related authentication data of authorized users of the Releem platform. Important: We do not collect or process any personal data from end-users of your services or applications. "Non-Personal Information" includes information that cannot be used to personally identify you, such as anonymous usage data, general demographic information, referring/exit pages and URLs, platform types, preferences you submit, preferences generated based on submitted data, and the number of clicks.

We collect both "Non-Personal Information" and "Personal Information."

To activate and use the Service, we track information provided by your browser or by our software application when you view or use the Service. This includes:

• The website you came from (referring URL).
• The type of browser you use.
• The device from which you connected to the Service.
• The time and date of access.
• Your IP address (collected to screen for potential risk and fraud, and to improve/optimize the Site or Service).
• Other usage data that does not personally identify you.

We track this information using cookies and similar tracking technologies to track the activity on our Website or Service Platform, which are small text files including an anonymous unique identifier. Cookies are sent to your browser from our servers and stored on your computer's hard drive. They enable us to collect Non-Personal Information and record your preferences, both individually and in aggregate. We may use both persistent and session cookies; persistent cookies remain on your computer after you close your session until you delete them, while session cookies expire when you close your browser.

To become a subscriber to the Service, you will need to create a personal profile. This involves registering with the Service and entering your email address, name, and creating a username and password. By registering, you authorize us to collect, store, and use this Personal Information in accordance with this Privacy Policy.
Releem's Services primarily involve the processing of technical data related to database performance and configuration, and do not involve collecting or processing personal data from the end-users of our customers' applications. The personal data we do collect is limited to the authorized users of the Releem platform itself, which is necessary for authentication, authorization, notifications, reporting, support, and user access control.

Our Site and Service are not directed to anyone under the age of 13. We do not knowingly collect or solicit information from anyone under the age of 13, nor do we allow anyone under the age of 13 to sign up for the Service. If we learn that we have gathered personal information from anyone under the age of 13 without parental or guardian consent, we will delete that information as soon as possible. If you believe we have collected such information, please contact us at hello@releem.com.

We do not sell, trade, rent, or otherwise share your Personal Information for marketing purposes with third parties without your explicit consent, nor do we intend to do so.

We share Personal Information only with vendors who perform services for the Company (sub-processors), such as email communication servers or payment gateways. These vendors are provided access to your email address or other necessary Personal Information solely for purposes of delivering services to us and only at our direction and in accordance with our Privacy Policy and relevant Data Processing Agreements.

In general, the Personal Information you provide to us is used to help us communicate with you. For example, we use Personal Information to:

• Respond to your questions and solicit feedback.
• Provide technical support.
• Inform you about promotional offers related to our services.
• Provide notices about your account and/or subscription, including expiration and renewal notices.
• Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
• Manage authentication, authorization, and user access control within the Releem platform.

We may share Personal Information with outside parties if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to:

• Meet any applicable legal process or enforceable governmental request.
• Enforce applicable Terms of Service, including investigation of potential violations.
• Address fraud, security, or technical concerns.
• Protect against harm to the rights, property, or safety of our users or the public as required or permitted by law.

We use Non-Personal Information to help us improve the Service and customize the user experience. We also aggregate Non-Personal Information to track trends and analyze usage patterns on the Site. This Privacy Policy does not limit our use or disclosure of Non-Personal Information, and we reserve the right to use and disclose such Non-Personal Information to our partners, advertisers, and other third parties at our discretion.

Releem engages third-party sub-processors to provide our Service. A list of our current sub-processors includes:
Amazon Web Services (AWS): Cloud infrastructure
Google Cloud Platform (GCP): Cloud infrastructure
Microsoft Azure: Cloud infrastructure
Crisp: Support services
Posthog: Product analytics
Plausible: Traffic analytics
Paddle: Payment gateway and analytics

We operate under standard Data Processing Agreements (DPAs) with all major sub-processors, ensuring that data protection obligations compatible with our commitments are in place. These agreements restrict data use to authorized purposes only.

Data is processed and stored on AWS, GCP, and Azure infrastructure. The location of data storage may be subject to variation, with potential sites including either the US or EU region.
Unless otherwise agreed the default location is: United States (e.g., AWS us-west-2 - Oregon; Azure West US 2 - Quincy, WA). In instances where the General Data Protection Regulation (GDPR) is applicable, Standard Contractual Clauses (SCCs) are employed when necessary to ensure sufficient protection for transferred personal data.

We implement security measures designed to protect your information from unauthorized access.

• Account Protection: Your account is protected by your account password, and we urge you to take steps to keep your personal information safe by not disclosing your password and by logging out of your account after each use.
• Technological Security Measures: We protect your information from potential security breaches by implementing certain technological security measures including encryption, firewalls, and secure socket layer (SSL) technology.
• Data Encryption: The data is encrypted both during storage and during transmission.
• Access Controls: Role-based access control is enforced, restricting access to your Personal Information solely to personnel who need it to perform their duties in accordance with our agreement.
• Cloud Infrastructure Security: We leverage the robust security measures provided by our cloud infrastructure providers (AWS, GCP, Azure), including physical security of data centers, network controls, and monitoring.
• Backup and Recovery: Automated cloud-based daily backups with configurable geo-redundancy and recovery.
• Incident Detection and Response: Monitoring and internal alerting in place to detect data breaches across our data stores. We commit to immediate notification of any data breaches affecting client data.
• Ongoing Security: We conduct internal reviews and maintain continuous security monitoring through cloud provider tools and internal processes to regularly test, assess, and evaluate our organizational and technical security measures.

However, these measures do not guarantee that your information will not be accessed, disclosed, altered, or destroyed by a breach of such firewalls and secure server software. By using our Service, you acknowledge that you understand and agree to assume these risks.

We recognize and are working towards supporting the data protection rights afforded to individuals under applicable laws like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

If you are a resident of the European Union (EU) or European Economic Area (EEA), you have certain data protection rights under GDPR. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. These rights include:

• The right to access: To be informed about and request access to your Personal Information we process.
• The right to rectification: To request that we amend or update your Personal Information if it is inaccurate or incomplete.
• The right to erasure ("right to be forgotten"): To request that we delete your Personal Information.
• The right to restrict processing: To request that we temporarily or permanently stop processing all or some of your Personal Information.
• The right to object to processing: To object to us processing your Personal Information.
• The right to data portability: To request a copy of your Personal Information in electronic format and to transmit that Personal Information for use in another party’s service.
• The right to withdraw consent: Where we rely on your consent to process your Personal Information, you have the right to withdraw that consent at any time.

Please note that we may ask you to verify your identity before responding to such requests. We may not be able to provide the Service without some necessary data. You also have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the EEA.

If you are a California resident, you are entitled to learn what data we collect about you, ask to delete your data, and not to sell or share it.

• Right to Know: You can request to know the categories and specific pieces of Personal Information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting it, and the categories of third parties with whom we share it.
• Right to Delete: You can request that we delete the Personal Information we hold about you. In some cases, deletion may be accomplished through de-identification. If you choose to delete your Personal Information, you may not be able to use certain functions that require it.
• Right to Opt-Out of Sale/Sharing: We do not sell or rent your Personal Information to any third parties for any purpose.

We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
To exercise any of these data protection rights, please contact us at hello@releem.com.

Your Personal Information is retained for the duration of your account’s active use. Deletion of production data is performed immediately upon account termination or explicit request. Backup deletion occurs as part of our standard backup rotation. We may retain your Personal Information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in accordance with applicable law.

The Company reserves the right to change this policy and our Terms of Service at any time. We will notify you of significant changes to our Privacy Policy by sending a notice to the primary email address specified in your account or by placing a prominent notice on our site. Significant changes will go into effect 30 days following such notification. Non-material changes or clarifications will take effect immediately. You should periodically check the Site and this privacy page for updates.

If you have any questions or concerns regarding this Privacy Policy or our privacy practices, please contact us by sending an email to hello@releem.com or by mail at: Releem, Inc., 500 Westover Drive #11329 Sanford, NC 27330 USA

Last Updated: September 4, 2025