Privacy Policy

How we collect, use, and protect your personal data

Data Collected

This Privacy Policy explains how pgEnterprise ("we", "us", "our") collects and processes personal data when you visit our website, contact us or use our managed PostgreSQL services (the "Services"). If you are located in the European Economic Area ("EEA") or the United Kingdom ("UK"), this Privacy Policy is intended to provide you with the information required under the EU General Data Protection Regulation ("GDPR") and similar data protection laws.

We primarily provide business-to-business services. However, some information that relates to your role within a company (for example your business email address) may still be considered personal data under applicable law. We process such data in accordance with this Privacy Policy and applicable data protection legislation.

Depending on how you interact with us, we may collect the following types of data:

  • Contact and identification data – such as your name, job title, business email address, phone number and the company or organization you represent, when you submit our contact form or communicate with us.
  • Business and project information – such as details about your current infrastructure, PostgreSQL deployments, technical requirements, use cases and any other information you choose to share so that we can understand your needs and prepare proposals.
  • Communication data – including the contents of your messages, emails or inquiries, as well as our replies and notes necessary to manage our relationship with you.
  • Usage and analytics data – when you visit our website, certain information may be collected automatically, such as IP address (where possible in an anonymized or truncated form), browser type, device information, pages visited, time spent on pages and navigation patterns. This is typically collected via cookies and similar technologies (for example, Google Analytics), as described in our Cookie Policy.
  • Technical and log data – in the context of the Services, we may process technical logs, monitoring data and configuration information related to the PostgreSQL environments we manage, where necessary to provide and secure the Services. These logs may contain limited personal data (for example, user identifiers used in your systems).

We do not intentionally collect sensitive categories of personal data (such as health information, political opinions, or similar) through this website. Please do not submit such information via our contact forms unless it is strictly necessary and you are authorized to do so.

These practices apply to all visitors and customers using our PostgreSQL managed services.

How We Use Your Data

We use the personal data we collect for clearly defined purposes and only where we have a valid legal basis to do so. Depending on the context, we may process your data for one or more of the purposes listed below.

We may use your data to:

  • Respond to inquiries and provide information – to process your contact form submissions, answer questions, schedule calls and provide information about our Services that you request.
  • Prepare and perform contracts – to create and manage proposals, service agreements and ongoing engagements, including provisioning and operating managed PostgreSQL environments, providing support and fulfilling our contractual obligations.
  • Operate, secure and improve our website and Services – to analyze how visitors use our website, detect and prevent abuse (including via CAPTCHA), monitor performance, troubleshoot issues and improve the content and user experience.
  • Maintain records and manage our relationship – to keep appropriate business records, manage your preferences, maintain contact histories and support long-term client relationships.
  • Comply with legal obligations – to comply with applicable laws and regulations, respond to lawful requests from authorities, and maintain security, audit and compliance records where required.

If you are located in the EEA or the UK, we will process your personal data only where we have one of the legal bases permitted by GDPR, namely:

  • Performance of a contract – where processing is necessary to enter into or perform a contract with you or the organization you represent.
  • Compliance with a legal obligation – where we must process data to comply with laws and regulations that apply to us.
  • Legitimate interests – where we have a legitimate interest in operating, securing and developing our business and Services, and this interest is not overridden by your rights and interests.
  • Consent – where you have given us your consent for specific processing activities (for example, certain types of analytics or optional communications). You may withdraw your consent at any time.

If we intend to use your data for a new purpose that is not compatible with the purposes described here, we will inform you and, where necessary, obtain your consent before doing so.

Data Protection

We take the security and confidentiality of your data seriously and implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration or destruction.

These measures may include, for example, access controls based on the need-to-know principle, secure configurations, encryption in transit and at rest where appropriate, network and infrastructure security measures, logging and monitoring, regular updates and patching, and staff awareness on data protection and security practices.

We only give access to personal data to those employees, contractors and service providers who need it to perform their duties and who are bound by confidentiality and data protection obligations. Where we use third-party providers (for example, hosting, analytics or security tools), we seek to ensure that they provide adequate safeguards in line with applicable data protection laws.

We generally retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy or to comply with legal, accounting or reporting obligations. The exact retention period may vary depending on the type of data and the context in which it was collected (for example, inquiry history, contractual relationship, technical logs).

If we transfer personal data to recipients located outside your country or outside the European Economic Area (EEA), we will do so in compliance with applicable data protection requirements and will implement appropriate safeguards where required (such as standard contractual clauses or equivalent mechanisms).

Your Rights

Depending on your location and the applicable data protection laws, you may have certain rights in relation to the personal data we hold about you. These rights are typically exercised by contacting us using the details provided in the "Contact Information" section below.

Subject to legal conditions and limitations, your rights may include:

  • Right of access – to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of that data along with certain related information.
  • Right to rectification – to request correction of inaccurate or incomplete personal data.
  • Right to erasure – to request deletion of your personal data in certain circumstances, for example where the data is no longer needed for the purposes for which it was collected or where you withdraw consent (if consent was the legal basis).
  • Right to restriction of processing – to request that we restrict the processing of your data in certain situations, for example while we verify the accuracy of the data or our legitimate interests.
  • Right to data portability – to receive personal data you have provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller, where technically feasible and where the legal basis is consent or contract.
  • Right to object – to object, on grounds relating to your particular situation, to processing based on our legitimate interests. We will stop such processing unless we have compelling legitimate grounds to continue or the processing is necessary for legal claims.
  • Right to withdraw consent – where we rely on your consent, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

If you are located in the EEA or the UK, these rights arise in particular from the GDPR and related national data protection laws. You also have the right to lodge a complaint with a competent data protection authority, in particular in the EEA or UK country where you live or work, or where you believe a violation has occurred.

We encourage you to contact us first so we can try to resolve any concerns directly before you approach a supervisory authority.

Contact Information

If you have any questions about this Privacy Policy, about how we process your personal data or if you wish to exercise your data protection rights, you can contact us using the contact form below and mention "Privacy" or "Data Protection" in your message.

We will review and respond to your request within a reasonable timeframe, taking into account the nature and complexity of your inquiry and our legal obligations under GDPR and other applicable data protection laws.

Get in Touch

Have questions about our Privacy Policy? Fill out the form below and we'll get back to you promptly.