Legal

Privacy Policy

Last updated: July 6, 2026

Draft — pending legal review. This is placeholder boilerplate provided for launch readiness and has not been reviewed by counsel. Replace with a reviewed policy (and confirm GDPR/CCPA obligations) before relying on it.

1. Overview

This Privacy Policy explains how LeafSQL Inc. ("LeafSQL", "we", "us") collects, uses, and protects information when you use our platform and website. We aim to collect only what we need to operate the Service.

2. Information we collect

  • Account information — name, email, and authentication data you provide when signing up.
  • Database connection metadata — connection details you configure so we can operate on your databases on your behalf.
  • Usage data — queries run, features used, and diagnostic logs needed to provide and improve the Service.
  • Billing data — handled by our payment processor (Stripe); we do not store full card numbers.

3. How we use information

We use information to provide, maintain, secure, and improve the Service, to process payments, to communicate with you, and to comply with legal obligations. We do not sell your personal information.

4. Your database content

When you connect a database, LeafSQL accesses schema and data as needed to fulfill your requests. We do not use your database content to train models. Access is governed by the permissions and confirmation gates configured in your account.

5. Analytics

Our website may use privacy-friendly, cookieless analytics (Plausible) to understand aggregate traffic. This does not track individuals across sites or build advertising profiles.

6. Sub-processors

We rely on trusted third parties to operate the Service, including cloud hosting, our payment processor (Stripe), and AI model providers used for query generation. Each is bound by its own security and privacy commitments.

7. Data retention and security

We retain information for as long as your account is active or as needed to provide the Service and meet legal obligations. We apply reasonable technical and organizational measures to protect your data, though no system is perfectly secure.

8. Your rights

Depending on your location, you may have rights to access, correct, export, or delete your personal data. To exercise these rights, contact us at the email below.

9. Contact

Questions about privacy? Email [email protected].