A technical reference for IT administrators, security teams, and MSPs evaluating Relevare for deployment. Permissions, network behavior, data model, compliance posture, and managed deployment options.
Last updated: March 2026 — security@relevare.tech
Relevare is a desktop agent that observes screen and application activity on the local machine, runs an AI analysis pipeline entirely on-device, and surfaces workflow bottleneck insights and dollar-cost estimates to the user. An optional cross-organization dashboard aggregates anonymized patterns across a team for leadership visibility.
The product runs as a native desktop application on macOS and Windows.
| Permission | Why it is needed | What it accesses |
|---|---|---|
| Screen Recording | Captures the content of the focused (frontmost) window to identify which applications and workflows are in use | Foreground window content only. Background windows are never captured. |
| Accessibility API | Extracts text from application windows without OCR where supported — faster and more accurate than pixel-based capture | Text content of the active window via the macOS accessibility tree. No interaction with application logic or data outside the visible window. |
| Local Filesystem | Reads and writes to a local SQLite database and log files | Writes only to ~/.relevare/ (database, logs, configuration, automations). No access to documents, downloads, or other user directories. |
| Permission | Why it is needed |
|---|---|
| Screen capture | Same as macOS — foreground window content only |
| UI Automation API | Windows equivalent of the macOS accessibility tree for text extraction |
| Local filesystem | Equivalent local directory for database, logs, and configuration |
Relevare makes the minimum possible number of outbound calls. The full inventory is documented here.
| Call | When | Payload | Destination |
|---|---|---|---|
| Activation ping | Once, on first launch (fire-and-forget; failures do not block startup) | Signed install JWT (issued at email-gated download, contains organization context), app_version, and platform. No screen data. No captured content. |
Relevare activation function (hosted on Supabase Edge Functions) |
| Update check | Periodic background check | Current version string and platform. No user data. | relevare.tech (minisign-verified) |
| Product telemetry | Periodic batched send (free tier: on by default; Pro: off by default, toggleable; Org: controlled by org admin) | Anonymous, content-free product usage events: feature interactions, activation funnel steps, intelligence pipeline cost and latency by stage, live notification fire/dismiss/ack rates, hashed device ID, plan tier. Never screen content, OCR text, prompts, LLM outputs, URLs, file paths, raw app titles, user/host names, or any captured user content. App names bucketed by category or restricted to an allowlist of well-known apps. | Relevare telemetry endpoint |
| Crash reports | When the app crashes (toggleable separately from product telemetry; default on for support) | Sanitized stack trace with $HOME, usernames, and path components stripped. App version, OS version. No user content. |
Relevare crash reporting endpoint |
| Intelligence analysis | Each analysis cycle, when the user has connected their own ChatGPT or Claude account | Privacy-filtered workflow metadata (app names, window titles, usage durations, personal-app-filtered observations). Never raw screen content, OCR text, screenshots, or audio. | OpenAI or Anthropic API, under the user's own account |
Relevare-hosted infrastructure receives only the activation ping, content-free product telemetry, and crash reports from a free-tier installation — we operate zero customer-data infrastructure for captured content on free tier. If the user connects their own ChatGPT or Claude account, workflow metadata flows directly from their machine to their own LLM account over TLS, governed by that provider's terms. If they don't connect anything, the intelligence pipeline simply skips the LLM stages and no analysis traffic leaves the device. An in-app telemetry viewer surfaces the exact events queued for the next batch send — free users cannot disable product telemetry but can always inspect what is being sent; Pro users disable it with a single switch.
Pro bundles Deep Research (live web search) and Telemetry Control (single-switch disable of anonymous product telemetry).
| Call | When | Payload | Destination |
|---|---|---|---|
| Activation ping | Once, on first launch | Same as free tier | Relevare activation endpoint |
| Product telemetry | Off by default on Pro. Toggleable in settings. | If enabled, same content-free payload as free tier. | Relevare telemetry endpoint |
| Crash reports | Default on (toggleable separately; recommended on for support) | Same sanitized payload as free tier | Relevare crash reporting endpoint |
| Web search queries | During each analysis cycle when deep research is enabled | Search queries derived from detected bottleneck context. No screen content, no employee names, no file contents. | Relevare research proxy |
| Research synthesis | During each analysis cycle | Same query context as above | Relevare LLM endpoint |
Deep research calls contain abstracted workflow context only. They do not contain raw screen data, filenames, application content, or any personally identifiable information.
Team tier adds optional zero-knowledge encrypted sync to Relevare-hosted storage. This enables cross-device access and the aggregated org dashboard.
| Call | When | Payload | Destination |
|---|---|---|---|
| Encrypted blob sync | Periodic, when sync is enabled | Ciphertext blobs encrypted on-device with ChaCha20-Poly1305 using a key derived from the user's password via Argon2id. Search tokens are HMAC-SHA256 over the same key (revealing neither the plaintext nor the search terms). The server stores ciphertext only; it never receives the key. | Relevare sync infrastructure (hosted on Supabase, BAA available) |
| Org dashboard aggregation | Background, server-side | No additional client-to-server payload — aggregation runs over the same encrypted sync data after authorized decryption on the dashboard. Individual employees are never attributable; only cross-team patterns and dollar-cost roll-ups are surfaced. | Relevare org dashboard |
Sync is opt-in and can be disabled in app settings. When disabled, the team-tier installation makes no calls beyond the deep-research-tier inventory above.
You do not need to take our word for the network call inventory. You can verify it yourself.
# Install Wireshark or use the built-in tcpdump
# Run during a full Relevare session including first launch
sudo tcpdump -i any -w relevare_capture.pcap host [your-machine-ip]
# Or filter to Relevare's process specifically:
lsof -i -n -P | grep -i relevareOpen the capture in Wireshark and filter by the Relevare process. On a free tier installation you will see: (1) one outbound TLS connection to the activation endpoint on first launch, (2) periodic content-free product telemetry batches (typically hourly, ~1 KB each — inspectable in the local telemetry viewer before send), and (3) update-check requests to relevare.tech. If the user has connected an LLM account, you will additionally see analysis-cycle calls to OpenAI or Anthropic carrying privacy-filtered workflow metadata only. On a Pro installation with telemetry disabled, only the activation ping, update checks, and (if enabled) deep-research/LLM-analysis traffic appear.
# Database location
~/.relevare/db.sqlite
# Inspect with any SQLite browser or:
sqlite3 ~/.relevare/db.sqlite .tables
sqlite3 ~/.relevare/db.sqlite "SELECT * FROM intelligence_insights LIMIT 5;"
# Log files
~/.relevare/relevare.YYYY-MM-DD.0.log
# Watch what the pipeline is doing in real time
tail -f ~/.relevare/relevare.*.logYou can verify directly what is stored, what the intelligence pipeline produces, and confirm that no raw screen content persists beyond the retention window.
No keystrokes. No mouse movements. No clipboard contents. No background window content.
The retention scheduler runs hourly with per-layer TTLs that reflect how the intelligence pipeline actually consumes each data type:
| Data layer | Default TTL | Why this TTL |
|---|---|---|
| JPEG snapshots | 1 day | Largest disk consumer. Never read by the intelligence pipeline. |
| Accessibility tree JSON (raw) | 3 days | Forensic-only once flattened to text. |
| Frame text (accessibility text + OCR) | 14 days | Powers in-app search and recent-insight drilldown. |
| Frame metadata (timestamps, app/window, hashes) | 90 days | Cheap; enables trend analysis and profile re-inference. |
| Intelligence metadata (insights, ledger, summaries) | Forever | Product output; contains no raw captured content. |
Most layers NULL out specific columns rather than deleting rows — only the metadata layer issues row-level deletes. The intelligence tables are never touched by the retention scheduler.
The SQLite database is encrypted at rest using SQLCipher (AES-256). The key is auto-generated on first launch (32 random bytes), stored at ~/.relevare/.db-key with mode 0600 on Unix, and applied via PRAGMA key. Without it, sqlite3 ~/.relevare/db.sqlite returns file is not a database. Existing unencrypted databases from earlier releases are migrated transparently on upgrade.
password, private, incognito, or secret| Parameter | Default | Notes |
|---|---|---|
--retention-days 0 |
Tiered defaults above | 0 disables every layer (keep forever). Any non-zero value uses the tiered defaults. |
| Intelligence metadata | Kept indefinitely | Never purged automatically |
| Product analytics & error telemetry | Free: on. Pro: off by default. Org: org-admin controlled. | Anonymous, content-free product usage events and sanitized crash reports. Never contains screen content, OCR text, prompts, LLM outputs, URLs, file paths, raw app titles, or user/host names. Inspectable via in-app telemetry viewer before send. See Section 3 (Network Calls) for full payload detail. |
IT administrators can configure retention at deployment time via CLI flag or environment variable. Custom uniform TTLs are also supported by setting individual layer values in the deployment config.
The HTTP API at 127.0.0.1:3030 requires authentication for all mutation endpoints (POST, PUT, PATCH, DELETE). A 32-byte API key is auto-generated on first launch and stored at ~/.relevare/api-key.txt. Read endpoints (GET) and the /health liveness check are exempt. This prevents cross-process abuse from other local applications — including malicious browser extensions and CSRF from a logged-in tab.
API keys (BYOK), ChatGPT OAuth tokens, and Claude setup tokens are stored in the operating system's native credential store — macOS Keychain (Security.framework) or Windows Credential Manager — via the keyring crate under service name tech.relevare.desktop. Existing plain-text credentials from earlier releases are migrated on first launch and the old files are deleted. If the keychain is unavailable (CI, headless), Relevare falls back to file-based storage with a warning log.
Relevare exposes an MCP tool (deploy-pipe) that lets AI assistants like Claude Desktop install workflow automations on the user's machine. Every deploy-pipe call surfaces a desktop confirmation dialog before the automation is written to disk or enabled. The dialog has a 60-second timeout and defaults to deny. This closes the indirect-RCE surface from third-party MCP clients writing arbitrary pipe content.
The org dashboard is an optional paid feature. Understanding how it works is important for evaluating the privacy implications for employees.
Only anonymized, aggregated intelligence patterns are transmitted to the org dashboard:
Employees can see exactly what their manager sees in the org dashboard. There is no hidden view available to administrators that is not also visible to the employee. This is a product constraint, not a setting.
Current status as of March 2026:
| Framework | Status | Notes |
|---|---|---|
| Privacy policy | published | Plain-language plus formal GDPR/CCPA sections at /privacy. |
| Terms of service | published | Available at /terms. |
| SOC 2 Type II | in progress | Audit underway, not yet certified. |
| HIPAA (team tier) | architecture compatible, BAA available | Team-tier infrastructure is hosted on Supabase, which has executed a BAA with us. We can sign a BAA with team-tier customers in regulated industries. Not yet formally audited as an entity. |
| ISO 27001 | planned | Planned post-SOC 2 |
| GDPR | minimized exposure | On-device architecture minimizes exposure. Data processing addendum available on request. |
| CCPA | minimized exposure | On-device architecture minimizes exposure. Privacy policy documents consumer rights. |
We will not claim compliance we have not achieved. If your organization requires a specific certification before deployment, contact us to discuss timeline and interim controls.
All Relevare release binaries are:
Do not deploy binaries obtained from any other source. If your MDM or software distribution system requires a verified hash, contact us at security@relevare.tech and we will provide SHA-256 checksums for each release.
Relevare can be deployed silently via MDM. The signed and notarized .pkg installer accepts the following deployment configuration:
--retention-days override--intelligence-interval-secs override--host binding (for LAN-only deployments)MSI installer with equivalent silent deployment parameters. Contact it@relevare.tech for deployment documentation.
Silent deployment without employee knowledge is never acceptable. All deployment modes include a mandatory employee consent flow. Employees must be informed that Relevare is running and must have visibility into what data is being collected.
| Contact | Purpose |
|---|---|
| security@relevare.tech | Security vulnerabilities, data concerns, compliance questions |
| it@relevare.tech | IT deployment support, MDM configuration, managed deployment |
For security vulnerability disclosure, we follow a 90-day responsible disclosure policy. Please contact security@relevare.tech before public disclosure. We acknowledge reports within 48 hours and triage within 7 days.