Privacy Policy / Datenschutzerklärung

Last updated: December 7, 2025

Our Philosophy

Your privacy matters. QueryGlow is self-hosted software — your database credentials, queries, and data stay on YOUR servers. We never see them. This privacy policy explains what we do collect when you visit our website and purchase a license.

1. Data Controller

The data controller responsible for this website is:

Max Fischer
Lammersdorfer Straße 2
52159 Roetgen, Germany
Email: [email protected]
Phone: +49 2471 6100070

2. What We Collect

2.1 Website Analytics (PostHog EU)

We use PostHog (hosted in the European Union) to understand how visitors use our website. This helps us improve the user experience and fix bugs.

We capture basic usage data (pages visited, buttons clicked, device type).
We do not use cookies for cross-site tracking.
All analytics data is stored in the EU and is not shared with advertising networks.
Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

2.2 Google Search Console

We use Google Search Console to monitor our website's performance in Google Search. This tool provides aggregate, anonymized data about search queries. No personal data is collected directly by us through this service.

2.3 Purchase Information

When you purchase a license, we collect:

Email address: To deliver license access, product updates, and support.
Name: For personalized communication and invoicing.
GitHub username: To grant access to the private code repository.
Billing address & country: For invoice generation and tax compliance.

We do NOT store your payment card information. All payment processing is handled securely by Stripe. See Stripe's privacy policy: stripe.com/privacy

Legal basis: Contract performance (Art. 6(1)(b) GDPR) and legal obligations (Art. 6(1)(c) GDPR).

2.4 Support Emails

When you contact us via email, we store the correspondence to provide support and improve our service.

Legal basis: Contract performance and legitimate interest.

3. What We Do NOT Collect

Zero Access to Your Databases

The QueryGlow software runs entirely on your infrastructure. It does not transmit any data back to us. We cannot see your database credentials, schemas, queries, or any data you work with — even if we wanted to.

4. How We Use Your Information

To process your payment and deliver repository access.
To provide customer support via email.
To send critical product updates (e.g., security patches).
To comply with legal obligations (tax records, invoices).
To improve our website based on aggregated, anonymized usage statistics.

We do NOT send marketing emails unless you explicitly opt in. You will only receive transactional emails (purchase confirmation, access instructions) and critical security updates.

5. Data Sharing

We do not sell, trade, or rent your personal data. We share data only with these service providers:

Provider	Purpose	Location
Stripe	Payment processing	USA (EU SCCs)
GitHub	Repository access	USA (EU SCCs)
Resend	Transactional emails	USA (EU SCCs)
PostHog	Website analytics	EU (Frankfurt)

"EU SCCs" = Standard Contractual Clauses approved by the European Commission for international data transfers.

6. Data Retention

Purchase records: 10 years (German tax law requirement: §147 AO).
Support emails: 3 years after last contact, then deleted.
Analytics data: 26 months, then automatically deleted.
GitHub access: Maintained as long as your license is valid.

7. Your Rights (GDPR)

Under the EU General Data Protection Regulation, you have the right to:

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate data.
Erasure: Request deletion of your data ("Right to be forgotten"), subject to legal retention requirements.
Restriction: Request limited processing of your data.
Portability: Receive your data in a structured, machine-readable format.
Objection: Object to processing based on legitimate interest.

To exercise these rights, contact: [email protected]

You also have the right to lodge a complaint with a supervisory authority. For Germany, this is the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW).

8. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encrypted connections (HTTPS), secure payment processing via Stripe, and access controls on our systems.

9. Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be communicated via email to existing customers. The "Last updated" date at the top indicates when the policy was last revised.

10. Contact

For questions about this privacy policy or your personal data:

Max Fischer
Email: [email protected]
Phone: +49 2471 6100070

See also: Terms & Conditions | Impressum | License