1. Introduction
This Data Retention Policy outlines how Query Fast collects, uses, stores, and deletes user data. It also explains the duration for which different types of data are retained and the procedures for users to access or request deletion of their data. Query Fast is committed to protecting user privacy and handling all personal data in compliance with applicable laws, including GDPR and CCPA.
2. Data Collection and Usage
2.1. Personal Data
- Collected Data: Name, email address.
- Usage: For authentication, access control, and organization management.
2.2. Database Credentials
- Collected Data: Database connection strings and credentials.
- Usage: To securely connect to users' databases and provide the service.
2.3. Chat and Query History
- Collected Data: Chat logs, user-generated queries, interactions.
- Usage: To allow users to continue previous chats.
2.4. Product Usage Data
- Collected Data: Usage metrics, logs, anonymized analytics.
- Usage: To enhance user experience, ensure uptime, and improve the service.
2.5. Cached Schemas
- Collected Data: Database schemas cached for query generation.
- Usage: To facilitate quick and accurate SQL query generation.
3. Data Storage and Security
- User and Organization Data: Managed by Clerk (clerk.com).
- Database Credentials: Stored using AES-256 encryption, with double encryption at the application level and the database level.
- Cached Schemas: Encrypted using AES-256 encryption in Redis (Upstash).
- Hosting: All data is hosted on AWS Europe (Frankfurt) servers.
- Query Results: Query Fast does not store any results from queries made towards the end user's database. Query results are processed in memory and returned directly to the user during the session. Once delivered, results are not retained or saved on our servers.
- Encryption Key Management: The encryption key used at the application level to encrypt database credentials is unknown to everyone at Query Fast, ensuring that the credentials are unreadable to all personnel. Only Query Fast servers can decrypt and utilize the credentials securely during service operations.
- Security Measures:
  - All data is encrypted at rest using AES-256 encryption.
  - All communications occur over HTTPS and TLS protocols.
  - Access to sensitive data is restricted and controlled.
- No Data Sharing with External AI: Query Fast does not share user data—including query results—with any external AI or language-model services. By default, the only database-related information sent for query generation is the database schema itself, not the database contents. If a user voluntarily inputs any additional data into the chat (for example, by typing or pasting it directly), that data may be processed by the AI outside of Query Fast's secure environment.
4. Data Retention Periods
4.1. Cached Data
- Retention Period: Cached schemas and related data are retained for a maximum of 6 hours.
- Deletion: Automatically deleted after the retention period expires.
4.2. User Data, Chat History, Queries, and Credentials
- Retention Period: Retained indefinitely unless deleted by the user or upon account termination.
- Purpose: To provide continuity of service, allow users to access past queries, and improve the service.
4.3. Query Results
- Retention Period: Query results are not stored. They are processed and delivered during the session, after which they are discarded from memory.
- Purpose: To ensure privacy and prevent any retention of sensitive end-user database information.
- No External Sharing: Query Fast does not transmit these results to any third parties or external AI services, unless the user explicitly inputs such data into the chat.
5. User Rights and Data Requests
5.1. Accessing Your Data
- Users can request access to their personal data, chat history, and other information by contacting us at support@query-fast.com.
- We will provide the requested information within a reasonable timeframe, in accordance with applicable laws.
5.2. Deletion of Data
Individual Users
- Users may request deletion of their personal data at any time by contacting support@query-fast.com.
- Upon verification, we will permanently delete the user's personal data and directly tied data.
- Entities created by a user (e.g., queries, chat history) that are shared within an organization may remain accessible to other authorized users unless an organization admin explicitly requests their deletion.
Organization Admins
- Organization admins can request deletion of the organization's data, resulting in permanent deletion of all related data for that organization.
- Requests should be sent to support@query-fast.com.
- We will process the deletion promptly, ensuring all associated user data within the organization is permanently removed.
5.3. Retention of Data After Deletion Requests
- Legal Obligations: We may retain certain data if necessary to comply with legal obligations, resolve disputes, or enforce our agreements.
- Anonymized Data: Non-identifiable aggregate data may be retained for analytical purposes.
6. Procedures for Data Deletion
- Verification: We may require verification of identity before processing data deletion requests to protect user privacy.
- Timeframe: Data deletion requests will be processed within 30 days of receipt.
- Confirmation: Users will receive confirmation once their data has been deleted.
7. Data Security Measures
- Encryption: All sensitive data, including database credentials, is encrypted using AES-256 encryption.
- Secure Access: Only authorized personnel have access to user data.
- Infrastructure Security: Protected by Vercel Firewall, which includes DDoS mitigation, IP blocking, and other advanced features.
8. Changes to the Data Retention Policy
- We may update this Data Retention Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.
- Notification: Users will be notified of significant changes via email or through announcements on the Query Fast platform.
- Effective Date: The updated policy will include the date of the most recent revision.
- Continued Use: Continued use of the service after changes constitutes acceptance of the updated policy.
9. Contact Information
If you have any questions or concerns about this Data Retention Policy or wish to request access to or deletion of your data, please contact us at:
- Email: support@query-fast.com
10. Compliance with Data Protection Laws
- GDPR Compliance: Users in the European Union have additional rights under the General Data Protection Regulation (GDPR), including the rights to erasure, data portability, and restriction of processing.
- CCPA Compliance: Users in California have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to request deletion.
11. User Consent
- By using Query Fast, users consent to the collection, use, storage, and deletion of their data as described in this policy.
- Users have the right to withdraw consent at any time by requesting deletion of their data and terminating their account.
Effective Date: 2024-11-20
Data Requests and Deletion
At Query Fast, we respect your privacy and provide you with control over your personal data.
How to Request Your Data
- Access Request: To request a copy of your personal data, please email us at support@query-fast.com with the subject line “Data Access Request.”
- Information Provided: We will supply you with a copy of your personal data that we hold, including personal information, chat history, and query logs associated with your account.
How to Request Data Deletion
- Deletion Request: To request deletion of your personal data, please email us at support@query-fast.com with the subject line “Data Deletion Request.”
- Process:
  - We will verify your identity to ensure the security of your data.
  - Upon verification, we will permanently delete your personal data from our systems.
  - Deletion will include personal information, database credentials, chat history, and any other data directly tied to your account.
- Confirmation: You will receive a confirmation email once your data has been deleted.
Notes on Data Deletion
- Shared Data: Data shared within an organization may remain accessible to other authorized users unless an organization admin requests its deletion.
- Backup Systems: Some data may remain in backup archives for a limited period before being overwritten; this data is not accessible during this period.
- Legal Requirements: We may retain certain data if required by law or for legitimate business purposes, such as fraud prevention or security.
Commitment to Data Privacy
We are committed to ensuring the privacy and security of your data. If you have any questions about this policy or your data, please do not hesitate to contact us at support@query-fast.com.
Effective Date: 2024-11-20