Privacy Policy
1. Introduction
WaveQuery Ltd ("WaveQuery," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our website and services. By accessing or using WaveQuery, you agree to this policy.
2. Data We Collect
2.1 Data You Provide
- Account Information: When you sign up, we collect your name, email address, company details, and authentication credentials.
- Payment Information: We use Stripe to process payments, and we do not store credit card details.
- Customer Support & Feedback: If you contact us via Linear (for support tickets) or Productlane (for roadmap & feedback), we store your communications.
2.2 Data Collected Automatically
- Usage Data: We collect query execution logs, metadata, and timestamps for security and service improvements. Logs are automatically deleted after 90 days.
- Device & Browser Data: We collect IP addresses, browser type, and device identifiers for analytics and fraud prevention.
- Cookies & Tracking: We use Posthog for analytics and Cloudflare for DNS protection. See our Cookie Policy for more details.
2.3 Data from Third-Party Integrations
- Email Communications: We use Resend for transactional emails, Brevo for marketing emails, and Superhuman (via Google) for client email management.
- LLM Processing: If you enable an AI integration (e.g., OpenAI, Anthropic, Google Gemini, or self-hosted Llama), query contents may be processed by the selected provider. WaveQuery does not store these queries.
- Logging & Security: We use Sentry to monitor application performance and errors.
3. How We Use Your Data
We use collected data to:
- Provide & improve our services (including AI-assisted queries and analytics).
- Monitor security & compliance (prevent fraud, unauthorized access, or malicious usage).
- Process payments & subscriptions (via Stripe).
- Communicate with users (for account notifications, service updates, or support tickets).
- Send marketing emails (via Brevo, with an opt-out option in each email).
4. Data Sharing & Third Parties
We do not sell your personal data. However, we may share data with:
- Service Providers: We use third-party vendors (see below) to operate WaveQuery.
- Legal Compliance: We may disclose data if required by law, regulatory request, or to protect against fraudulent activities.
4.1 Third-Party Service Providers
| Service | Provider | Purpose |
|---|---|---|
| Payment Processing | Stripe | Subscription payments |
| Ticketing System | Linear | Customer support requests |
| Changelog & Roadmap | Productlane | Feature tracking & updates |
| DNS & Security | Cloudflare | DDoS protection & security |
| Analytics | Posthog | Product usage insights |
| Email & Calendar | Email, document storage | |
| Transactional Email | Resend | Service notifications |
| Marketing Email | Brevo | Customer marketing emails |
| Client Email Management | Superhuman | Business email management |
| Error Monitoring | Sentry | Application logging |
5. Data Retention
- Query Logs: Retained for 90 days for security and performance monitoring, then deleted.
- Account Data: Retained for the duration of your contract. Deleted upon termination.
- Email & Support Communications: Retained indefinitely for customer support and service improvements.
6. Your Responsibilities & Rights
- Customer Responsibility: Customers are responsible for ensuring that any data exposed via WaveQuery complies with applicable data protection laws, including GDPR and CCPA. WaveQuery does not control or store customer query results.
- Access & Correction: You have the right to access and update your personal data.
- Request Deletion: You may request data deletion by contacting [email protected].
- Marketing Opt-Out: You can opt-out of marketing emails via the link at the bottom of each email.
7. Security Measures
- All data is encrypted in transit (TLS 1.2+).
- Role-based access controls (RBAC) prevent unauthorized access.
- Our infrastructure follows AWS security best practices.
8. International Data Transfers
WaveQuery operates globally. We use Standard Contractual Clauses (SCCs) for data transfers outside the EU, in compliance with GDPR.
9. Updates to This Policy
WaveQuery reserves the right to update this Privacy Policy at any time. Updates will be communicated via email or platform notifications. Continued use of the Services after an update constitutes acceptance of the modified Policy.
10. Contact Us
For privacy-related inquiries, please email [email protected].
Last Updated: 1st March, 2025