← Query2Mail

Privacy Policy

Last updated: March 24, 2025

Query2Mail ("we", "us", or "our") operates query2mail.com. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

Information We Collect

We collect information you provide directly to us:

  • Account information — email address used to sign in via magic link
  • Database credentials — host, port, username, password, and database name for connections you create. All credentials are encrypted with AES-256 at rest and never exposed client-side.
  • Query content — SQL queries you write and schedule within the app
  • Recipient email addresses — email addresses you configure to receive reports
  • Waitlist email — if you submit your email on our early access form

How We Use Your Information

  • To run your scheduled SQL queries and deliver reports to the inboxes you specify
  • To authenticate you and maintain your session
  • To send you transactional emails (magic link sign-ins, report delivery confirmations)
  • To notify waitlist subscribers when paid tiers launch
  • To monitor service health and debug execution failures

Data Storage & Security

Your data is stored in Supabase (PostgreSQL), hosted on AWS infrastructure in the United States. Database credentials are encrypted with AES-256 before storage. We do not sell, rent, or share your personal information or your database credentials with third parties.

Query results are processed in memory to generate Excel files and are not stored permanently. Large files may be temporarily stored in Supabase Storage with signed URLs and are automatically cleaned up.

Third-Party Services

We use the following third-party services to operate Query2Mail:

  • Supabase — database, authentication, and file storage
  • Resend — transactional email delivery
  • Vercel — hosting and serverless functions

Each of these services has its own privacy policy. We only share the minimum data necessary for each service to function.

Cookies & Tracking

We use cookies only for session authentication (Supabase Auth). We do not use advertising cookies or cross-site tracking. If analytics are present, they are privacy-preserving (aggregated, no personal data).

Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request deletion of your account and associated data
  • Export your query and connection configuration
  • Unsubscribe from waitlist emails at any time

To exercise these rights, email us at privacy@query2mail.com.

Data Retention

We retain your account data for as long as your account is active. Job execution logs are retained for 90 days. If you delete your account, all associated data — including database credentials, queries, and logs — is permanently deleted within 30 days.

Children's Privacy

Query2Mail is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact

Questions about this Privacy Policy? Contact us at privacy@query2mail.com.