Skip to main content
Back to Home

Privacy Policy

Last updated: March 2, 2026

1. Introduction

MorphDB ("we", "us", or "our") operates the MorphDB website and service. This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our service and the choices you have associated with that data.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your email address, name, and optionally your company name. This information is used to provide our service, communicate with you, and comply with legal obligations.

2.2 Usage Data

We automatically collect information about how you use our service:

  • Migration batches and metadata (not the actual SQL content)
  • Token usage and API calls
  • IP address and browser information
  • Login times and general location

2.3 Payment Information

Payments are processed by Stripe. We do not store credit card details. We only retain Stripe customer IDs and subscription status.

3. How We Use Your Data

  • To provide and maintain our service
  • To process transactions and send related information
  • To send technical notices and support messages
  • To respond to your comments and questions
  • To analyze usage and improve our service
  • To detect, prevent, and address technical issues

4. Data Security

We implement industry-standard security measures including:

  • SSL/TLS encryption for all data in transit
  • Database encryption at rest
  • Secure authentication via Supabase
  • Strict access controls and security headers

5. Data Retention

  • Account data: Retained while your account is active; deleted within 30 days of account deletion
  • Migration history: Retained for 12 months
  • Login logs: Retained for 90 days
  • Billing records: Retained for 7 years for legal compliance

6. Third-Party Services

We use the following third-party services:

  • Supabase: Authentication and database
  • Stripe: Payment processing
  • OpenAI/Anthropic: AI APIs for SQL translation
  • Vercel: Hosting and CDN

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Opt out of marketing communications

To exercise these rights, visit our support page.

8. Cookies

We use essential cookies for authentication and security. You can control cookie settings through your browser preferences.

9. GDPR & CCPA

For EU users (GDPR): You have rights including access, rectification, erasure, and data portability under the General Data Protection Regulation.

For California users (CCPA): You have the right to know, delete, and opt-out of the sale of your personal information. We do not sell personal information.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "last updated" date.

11. Contact Us

If you have questions about this privacy policy, visit our support page.