PostgresRun ← Back to site

Privacy Policy

Last updated: 6 July 2026

This policy explains what we collect, why, who we share it with, and your rights. We are the data controller for your account and billing data, and a data processor for the content you store in your databases.

1. Who we are

PostgresRun ("we", "us") operates a managed PostgreSQL hosting service. For questions about this policy or your data, contact privacy@postgresrun.com.

2. Data we collect

  • Account data — your email address and authentication credentials (passwords are stored only as salted hashes).
  • Billing data — subscription and payment status. Card details are collected and stored by Stripe, our payment processor; we do not store full card numbers.
  • Operational data — database configuration, metrics (CPU, memory, connections, etc.), and server logs we collect to run, secure, and support your databases.
  • Customer Data — the content you store inside your databases. We process this on your behalf and do not access it except as needed to operate the Service, provide support you request, or comply with law.
  • Usage/technical data — standard request logs (e.g. IP address, timestamps) for security and troubleshooting.

3. How we use data

To provide, maintain, secure, and improve the Service; to provision and operate your databases; to process payments and prevent fraud; to send service and transactional emails (e.g. welcome, database-ready, password reset, billing notices); and to comply with legal obligations.

4. Legal bases (EEA/UK)

Where the GDPR applies, we process data on the bases of: performance of our contract with you (operating the Service and billing); legitimate interests (security, fraud prevention, service improvement); and legal obligation (accounting, tax). For Customer Data we act as your processor under your instructions.

5. Sub-processors

We rely on the following providers to deliver the Service:

ProviderPurpose
OVHcloudCloud infrastructure hosting your databases and our control plane
StripePayment processing and billing
Cloudflare (R2)Off-site backup storage and DNS
ResendTransactional email delivery

6. Retention

We keep account and billing data for as long as your account is active and as required for legal and accounting purposes. Customer Data and database backups are retained while the database exists and for a limited window afterward, then deleted. Logs and metrics are retained on a rolling basis (typically days to a few months).

7. Security

Each database runs in its own isolated instance. Traffic to backups and log/metric services is encrypted in transit (TLS). Passwords are hashed, and secrets are stored securely. No system is perfectly secure, but we take reasonable technical and organisational measures to protect your data.

8. Your rights

Subject to applicable law, you may access, correct, export, or delete your personal data, object to or restrict certain processing, and withdraw consent. You can delete databases and your account from the dashboard, or contact us to exercise these rights. EEA/UK users may lodge a complaint with their supervisory authority.

9. International transfers

Your data may be processed in the countries where we and our sub-processors operate. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers.

10. Cookies

We use only the cookies necessary to keep you signed in and to operate the dashboard securely. We do not use advertising cookies.

11. Changes

We may update this policy; material changes will be posted here with a new date and, where appropriate, notified to you.

12. Contact

Privacy questions or data requests: privacy@postgresrun.com.

© 2026 PostgresRun Terms · Privacy