This Privacy Policy describes how Simon Mathewson ("we", "us", or "our") collects, uses, and shares information in connection with your use of the SmartQuery application, including the website (https://smartquery.dev) and related services (collectively, the "Service"). We are committed to protecting your privacy and handling your data in an open and transparent manner, in compliance with the General Data Protection Regulation (GDPR).
1. Data Controller
The data controller responsible for your personal data is:
Simon Mathewsonc/o Postflex #9085
Emsdettener Str. 10
48268 Greven
Germany
Email: support@smartquery.dev
2. General Principles of Data Processing
SmartQuery is 100% local. The application does not use user accounts or cloud sync—all connection data and credentials stay on your device. This privacy policy applies to your use of our website (about.smartquery.dev) and, where applicable, to data processed when you use AI features within the application (e.g. when schema information is sent to third-party AI providers). We do not collect or store your database connections or credentials.
3. Data We Collect, Purpose, and Legal Basis
a) When You Visit Our Website
When you access our website, your browser automatically transmits server log data, including your IP address, browser type, and time of access. This data is processed for the legitimate interest of ensuring the security and stability of our system (Art. 6(1)(f) GDPR).
b) When You Use AI Features in the Application
When you use integrated AI features (e.g. powered by third-party APIs such as OpenAI), your prompt and database schema definitions (table structures, column names, types) may be sent to the relevant provider. We never send your actual database content or records. This processing is necessary to provide the AI feature (Art. 6(1)(b) GDPR).
c) Analytics and Performance Monitoring
We may use tools such as Google Analytics and AWS CloudWatch RUM to understand website usage and monitor performance. These tools are only activated if you provide your explicit prior consent (Art. 6(1)(a) GDPR) via our cookie/consent banner. You can withdraw your consent at any time. We have enabled IP anonymization for Google Analytics where applicable.
4. Sharing Your Data & Third-Party Processors
We do not sell your personal data. We only share data with trusted third-party service providers (data processors) who help us operate our website and, where you use them, AI features—under strict data processing agreements where required.
- Hosting: Our website may be hosted on infrastructure such as Amazon Web Services (AWS), with servers in regions such as Frankfurt, Germany.
- AI providers: When you use AI features, data (prompt and schema only, as described above) may be sent to providers such as OpenAI, which may process it in the U.S. under appropriate legal safeguards.
- Analytics: With your consent, we may use services such as Google Analytics for website analytics.
5. Data Storage Location
We do not store user account data (there are no user accounts). Website and server log data may be processed and stored on infrastructure such as AWS in Germany. Your database connections and credentials remain only on your device.
6. Your Rights Under GDPR
As a data subject, you have the right to access, rectify, erase, restrict processing of, and port your personal data. You also have the right to object to processing, withdraw consent, and lodge a complaint with a supervisory authority. To exercise your rights, please contact us using the details provided in Section 1.
7. Data Security
We use appropriate technical and organizational security measures, such as encryption and access controls, to protect your data against accidental or intentional manipulation, loss, destruction, or unauthorized access.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on our website or by other means of contact.