Privacy Policy

1. What Information We Collect

Account Information

When you sign up, we collect basic information like your name, email address, and profile picture (from Google/GitHub OAuth). This helps us create and manage your account.

Payment Information

If you subscribe to a paid plan, our payment processor, Stripe, collects your payment information. We never see or store your full credit card details. Stripe is PCI-DSS compliant and handles all payment data securely.

Usage Information

We collect metadata about how you use our service, such as:

• API requests and response times
• CLI commands executed (not the data within them)
• Dashboard activity and feature usage
• IP addresses and browser information
• Database connection metadata (not the content)

This helps us improve our service, optimize performance, and prevent abuse.

Website Analytics

We use simple, privacy-focused analytics to understand website traffic and how users interact with our marketing site. We do not use invasive tracking or advertising pixels.

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain the Service
• Process your transactions and send you related information
• Send you technical notices, updates, security alerts, and support messages
• Respond to your comments, questions, and customer service requests
• Monitor and analyze trends, usage, and activities in connection with our Service
• Detect, prevent, and address technical issues, fraud, and abuse
• Improve and personalize your experience with AgenticSQL

4. How We Share Your Information

We share your information only in the following limited circumstances:

With Service Providers

We work with trusted third-party services that help us operate our platform:

• Stripe for payment processing
• AWS for infrastructure and hosting
• Email service providers for transactional emails

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

For Legal Reasons

We may disclose your information if required by law, such as to comply with a subpoena, court order, or other legal process. We will notify you of such requests unless prohibited by law.

What We Will Never Do

We will never sell your personal information to advertisers or other third parties.

Your trust is more valuable to us than any advertising revenue could ever be.

5. Data Security

We implement industry-standard security measures to protect your data, including:

• Encryption in transit (TLS/SSL) and at rest
• Regular security audits and penetration testing
• Access controls and authentication mechanisms
• Automated backups and disaster recovery procedures
• Network isolation and firewall protection

You can read more about our specific security architecture on our Security page.

While we take every reasonable precaution, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data with the best tools and practices available.

6. Your Rights (GDPR & CCPA)

Depending on your location, you may have certain rights regarding your personal information:

Access and Portability

You have the right to request a copy of the personal information we hold about you. We'll provide this in a structured, commonly used format.

Correction

You can update your account information at any time through your dashboard. If you need help, contact us.

Deletion

You have the right to request deletion of your account and associated personal information. Note that this will permanently delete your databases and cannot be undone. We may retain certain information as required by law or for legitimate business purposes (like preventing fraud).

Opt-Out

You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or updating your preferences in your account settings.

How to Exercise Your Rights

To exercise any of these rights, email us at privacy@agenticsql.ai. We'll respond within 30 days.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you close your account, we will delete your personal information within 90 days, except where we are required to retain it for legal, tax, or regulatory purposes.

Your database backups are retained according to your plan's backup retention policy (typically 7-30 days). After that period, they are permanently deleted.

8. International Data Transfers

AgenticSQL is based in the United States, and our infrastructure is primarily hosted on AWS in US regions. If you are accessing our service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States.

We comply with applicable data protection laws and use standard contractual clauses approved by the European Commission for transfers of personal data from the EU/EEA.

9. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@agenticsql.ai, and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make changes, we will:

• Update the "Last updated" date at the top of this page
• Notify you via email if the changes are material
• Post a notice on our website or dashboard

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: