Privacy Policy
Last Updated: February 15, 2026
Supaview ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Supabase analytics and monitoring platform available at supaview.co (the "Service").
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- •Identification Data: Name, email address, and profile picture (if provided via OAuth)
- •Authentication Data: Password (hashed and encrypted) or OAuth tokens from providers like GitHub or Google
- •Account Preferences: Settings, notification preferences, and display preferences
1.2 Usage Data
When you use our Service, we automatically collect:
- •Analytics Data: Queries executed, dashboards created, alerts configured, and features used
- •Performance Metrics: Response times, error rates, and service reliability data
- •Device Information: Browser type, operating system, device type, and screen resolution
- •Log Data: IP address, access timestamps, pages viewed, and referring URLs
1.3 Supabase Project Data
When you connect your Supabase projects to Supaview:
- •Connection Metadata: Project IDs, connection settings, and configuration preferences
- •Schema Information: Table names, column names, and relationship structures (for visualization and AI features)
- •Query Results: Aggregated and anonymized query results used to generate your dashboards and reports
Important: We do not store your Supabase database credentials. Authentication is handled through secure tokens that you can revoke at any time through your Supabase dashboard.
1.4 Payment Information
For paid subscriptions, we collect:
- •Billing Information: Name, email, and billing address
- •Payment Data: Payment method details (processed securely by Stripe)
We do not store your complete credit card numbers or bank account details. Payment processing is handled by Stripe, which is PCI DSS compliant.
2. How We Use Your Information
We use the information we collect to:
- •Provide Our Service: Operate and maintain your dashboards, execute queries, and deliver alerts
- •Improve Our Platform: Analyze usage patterns to enhance features and user experience
- •Communicate With You: Send service updates, security alerts, and respond to support requests
- •Process Payments: Handle subscription billing and payment transactions
- •Ensure Security: Detect and prevent fraud, abuse, and security vulnerabilities
- •Comply With Legal Obligations: Respond to lawful requests and legal proceedings
- •Power AI Features: Use schema information and query patterns to provide AI-powered SQL assistance
3. Data Storage and Security
3.1 Data Storage
Your data is stored securely using Supabase, our infrastructure partner. Supabase provides enterprise-grade security with:
- •Data encryption at rest and in transit (TLS 1.3)
- •Regular security audits and compliance certifications
- •Geographic data residency options
- •Automated backups and disaster recovery
3.2 Security Measures
We implement robust security practices including:
- •End-to-end encryption for data in transit
- •Row-level security policies to isolate customer data
- •Regular security assessments and penetration testing
- •Access controls and audit logging
- •Incident response procedures
While we take extensive measures to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
4. Third-Party Services
We use the following third-party services that may collect and process your data:
4.1 Stripe
Payment processing is handled by Stripe, Inc. Stripe collects and processes your payment information in accordance with their privacy policy. We only receive confirmation of successful payments and basic billing information necessary for account management.
4.2 Authentication Providers
When you sign in using OAuth providers (GitHub, Google), these providers may share your public profile information with us. Each provider handles your data according to their respective privacy policies.
4.3 Analytics Services
We may use analytics services to understand how our Service is used. These services collect anonymized or pseudonymized data about your interactions with our platform.
5. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to:
- •Essential Cookies: Maintain your session and authentication state
- •Preference Cookies: Remember your settings and preferences
- •Analytics Cookies: Understand how you use our Service
- •Security Cookies: Detect and prevent security threats
You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our Service.
6. Data Retention
We retain your data for as long as necessary to:
- •Provide our Service to you
- •Comply with legal obligations
- •Resolve disputes and enforce agreements
- •Support business operations and analytics
When you delete your account, we will delete or anonymize your personal data within 30 days, unless retention is required by law. Some data may be retained in aggregated, anonymized form for analytics purposes.
7. Your Rights
7.1 General Rights
You have the right to:
- •Access: Request a copy of your personal data
- •Correction: Request correction of inaccurate data
- •Deletion: Request deletion of your data ("right to be forgotten")
- •Portability: Receive your data in a structured, machine-readable format
- •Restriction: Request limitation of data processing
- •Objection: Object to certain types of processing
7.2 GDPR Rights (European Users)
If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including:
- •Right to withdraw consent at any time
- •Right to lodge a complaint with a supervisory authority
- •Right to not be subject to automated decision-making, including profiling
7.3 CCPA Rights (California Users)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:
- •Right to know what personal information is collected, used, and shared
- •Right to delete personal information
- •Right to opt-out of the sale of personal information (we do not sell personal information)
- •Right to non-discrimination for exercising your CCPA rights
8. Data Sharing and Disclosure
We may share your data:
- •With Your Consent: When you authorize us to do so
- •Service Providers: With third parties who perform services on our behalf
- •Legal Requirements: When required by law or to protect our rights
- •Business Transfers: In connection with a merger, acquisition, or sale of assets
We do not sell your personal data to third parties for their marketing purposes.
9. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We implement appropriate safeguards for international transfers, including:
- •Standard Contractual Clauses (SCCs) approved by the European Commission
- •Data processing agreements with our service providers
- •Transfer impact assessments where required
10. Children's Privacy
Our Service is not intended for children under the age of 16 (or 13 in certain jurisdictions). We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of our Service after changes become effective constitutes acceptance of the revised policy.
12. Contact Information
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:
- •Email: privacy@supaview.co
- •Website: supaview.co
We will respond to your request within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.