Privacy Policy

Last updated: 2026-06-23

1. Scope

This Privacy Policy explains how we collect, use, store and protect your personal data when you use the dbgaze service. Our KVKK disclosure obligation regarding the processing of personal data is additionally set out in the KVKK Notice.

2. Data We Collect

  • Account data: name, email address, company/organization name and (if provided) profile data (industry, organization size).
  • Usage and technical data: session logs, IP address, browser/device information, activity and audit logs, consent records.
  • Service data: numeric performance metrics and counters collected from the monitored databases.
  • Payment data: on paid plans, plan and billing information (card data is processed by the payment provider and not stored by us).

3. Data We Do Not Collect

Query text / SQL content from your monitored databases is NOT collected. The agent collects only aggregate numeric metrics; it does not send query bodies, row data or table contents. This is a deliberate data-minimization choice under the KVKK.

4. How We Use Data

  • To create and manage your account and provide the Service (monitoring, alerting, reporting).
  • For billing and subscription management.
  • To ensure security, prevent abuse and fraud, and troubleshoot.
  • To meet our legal obligations and respond to requests.
  • Only with your explicit consent, to send product announcements and marketing messages.

5. Cookies and Similar Technologies

We use strictly necessary cookies and browser local storage to maintain your session and remember your preferences (such as language and theme). These technologies are required for the Service to function.

6. Retention and Security

Database passwords are encrypted server-side with AES-256-GCM and delivered to the agent via an X25519 sealed box; the agent uses a read-only database user. Access is isolated per tenant (organization) and subject to authorization checks. Metrics are kept for your plan's retention period; your account data is kept while the account is active and within legal retention obligations.

7. Sharing and Third Parties

We do not sell your personal data. We share data only with infrastructure and payment providers strictly necessary to operate the Service, under contractual confidentiality and to the extent required. Legally mandated requests from authorities are an exception.

8. International Transfers

Data is kept in a single region and is not transferred abroad. If a cross-border transfer becomes relevant in the future, the conditions required by the KVKK will be met and this policy updated.

9. Your Rights

You have rights to access, correct, delete, object to processing of, and port your personal data. The KVKK Article 11 details of these rights and the application method are set out in the KVKK Notice.

10. Children's Privacy

The Service is intended for business use and is not directed at persons under 18; we do not knowingly collect data from them.

11. Changes and Contact

We may update this policy from time to time; for material changes we will notify you. For questions, contact us at kvkk@dbgaze.com.