Answer for how things are today, not how they should be. Nothing is sent anywhere unless you choose to.
See what REL would contain and remediate in your environment
Every line above is part of the loop REL closes: it contains the threat, applies the approved fix, validates it held, and rolls back automatically if it did not, with every action authorized by you and written to a tamper-evident audit log. The assessment maps that to your stack and the findings you are sitting on, and the authorization model and kill switch we would configure first. Month-to-month, scoped to you, no calls.
This is a directional self-check, computed in your browser from your own answers. It does not connect to, scan, or change any system, and it is not an audit. "Not sure" is counted as a gap on purpose: a control you cannot evidence is one you cannot yet claim. REL itself acts only inside your environment, under authorization you grant, and every action it takes is reversible and audited.