Privacy Policy

Last updated July 18, 2026

Ray works inside your team’s chat. That means it handles real team conversations, so this page is specific about what it reads, what it keeps, who processes it, and how you delete it. Ray is operated by Creako Inc. (“we”, “us”). Questions: support@heyray.io.

What Ray reads

Ray sees messages in the channels and threads it has been invited to, and direct messages sent to it. It cannot see channels it isn’t a member of. When your team connects an integration (an issue tracker, email, a calendar), Ray reads from and writes to it only through that connection, and anything consequential — creating a ticket, sending an email — happens only after someone on your team approves it.

What Ray stores

  • Conversation context. Ray keeps the threads it actually participated in — the messages it engaged with and its own replies, plus rolling summaries of long threads — so follow-ups make sense. It does not archive your workspace: messages Ray stayed out of never enter durable storage (a short-lived context window, minutes-scale, is covered below).
  • Team memory. Durable facts your team tells Ray or that it learns from conversations it engaged in (preferences, constraints, who owns what), stored with embeddings so it can recall them later. Memory can be switched off by an admin at any time; corrections supersede rather than silently overwrite.
  • Action history. A record of the actions Ray performed (tool, title, a pointer to the created artifact) so it can answer “what did you do?” honestly.
  • Schedules and settings. Digest schedules, reminders, timezone, admin list, and the memory switch.
  • Governance records. A content-free audit trail of sensitive events (installs, approvals, admin changes, purges) — identifiers and hashes, not message text.
  • Billing state. Your plan and monthly task counts. Card details never touch our systems — payment runs entirely through Stripe.

How long it’s kept

Stored conversation context and team memory have no automatic expiry — they persist until your team deletes them (below) or uninstalls Ray. We’re explicit about this because it’s what makes Ray useful: an assistant that forgets your conventions every week isn’t a teammate. Around that durable core, the operational stores are short-lived:

  • In-flight coordination state (message buffers, recent-context windows, pending approvals) and platform caches (channel names, member display names and avatars) live in Redis with TTLs from seconds to a few days and clean themselves up.
  • Run records on our task infrastructure (Trigger.dev) — including debugging snapshots of what Ray was shown for a turn — expire with the platform’s retention window, at most 30 days.
  • Product analytics are metadata only — token counts, latency, cost, feature and model names. Message content is never sent to analytics.

Who processes it

Ray is built on infrastructure and AI providers. The list is short and deliberate; each receives only what its job requires:

  • OpenAI runs Ray's reasoning model (the conversations, memory, and tool results Ray works with) and generates memory embeddings.
  • Google (Gemini) decides whether Ray should respond to a message, extracts memory facts, and summarizes long threads.
  • Anthropic alternate reasoning model route, used only if we switch Ray's model — listed so the list stays true if we do.
  • Composio executes integration actions and holds the OAuth tokens for the tools you connect.
  • Exa web search queries, only when Ray searches the web.
  • Slack the platform Ray lives in.
  • Neon (Postgres) stores conversation context, memory, actions, schedules, and settings.
  • Upstash (Redis) short-lived coordination state and the encrypted Slack workspace token.
  • Vercel receives workspace events in transit (webhooks and web pages).
  • Trigger.dev runs Ray's background work; run records expire within at most 30 days.
  • PostHog (EU) product analytics — metadata only, never message content.
  • Stripe billing only — we never see card details.

Our AI providers process conversation content to generate Ray’s responses under API terms that do not permit using your content to train their models. We don’t sell your data, show ads, or train models of our own on it.

Deleting data

  • One fact: tell Ray to forget it (“Ray, forget that”). Retired memories stop being used immediately.
  • Everything: a workspace admin can ask Ray to purge all stored memory and conversation context. Because it’s irreversible, the purge asks for an in-channel approval first, visible to the team.
  • Memory off: an admin can switch durable memory off — Ray keeps working in the moment but stops remembering across conversations, and existing memory stays paused, not consulted.
  • Uninstall: removing Ray from your workspace stops all processing immediately, disconnects integrations, and deactivates schedules. Stored workspace data is deleted after a 30-day grace window; reinstalling within that window cancels the deletion. The content-free governance trail survives as our record that the deletion happened.

Integration credentials

When your team connects a tool, the OAuth tokens are held by Composio, our integration provider, scoped to your workspace. Your Slack workspace token is stored encrypted (AES-256-GCM) and deleted when you uninstall. Credentials are never placed in model context.

Your rights

Depending on where you are, you may have legal rights to access, correct, export, or erase personal data. The controls above cover the common cases instantly; for anything else, email support@heyray.io and we’ll handle it directly.

Changes

If we make material changes — a new subprocessor, a new data store — we’ll update this page and the date above.