Privacy Policy

Last updated: 28 June 2026

This policy explains what CrescoDB ("CrescoDB", "we", "us") collects, why, and what choices you have. CrescoDB is a local-first developer tool: most of your work — your database, code, and the cresco dev server — stays on your own machine. We only receive data when you use the hosted parts of the product (an account, the AI features, cloud backups, shared projects, the module registry, or billing).

1. Who we are

CrescoDB provides a command-line tool, an admin dashboard, and a hosted account platform at crescodb.com. For privacy questions, contact support@crescodb.com.

2. What stays on your machine

When you run CrescoDB locally, the following never leave your computer unless you explicitly use a hosted feature:

  • Your project database (SQLite file, or your own/remote Postgres/MySQL server you connect to).
  • Your schema.cresco, source code, and project files.
  • Your local dev server and dashboard session.

3. Information we collect

CategoryWhatWhy
AccountEmail, name, username, timezone, optional avatar, and — if you sign in with GitHub/Google — your provider profile (id, email, public username).Create and operate your account, sign-in, support.
AI usageThe prompts/code you send to the AI features, and token/usage counts.Provide the AI assistant and coding agent, meter usage, and enforce per-account limits.
BillingPlan, transaction references, amounts, currency. Card details are handled by our payment processors — we never see or store full card numbers.Process subscriptions and module purchases.
Cloud backupsDatabase snapshots you choose to upload, plus a separate backup-retrieval password (stored only as a hash).Store and restore backups you request.
Shared projectsProject name, schema, and the database connection string you choose to share with your team.Let teammates open the same shared project.
RegistryModules you publish (metadata + code) and your install activity.Operate the package registry and entitlement checks.
TechnicalStandard request logs (IP, timestamps, user agent) on the hosted platform; local-storage values in the dashboard for your preferences and session.Security, abuse prevention, and reliability.

4. AI processing

The AI assistant and coding agent run on our model provider keys (you don't supply your own). To generate responses, the prompts and relevant project context you submit are sent to our model providers (currently OpenAI and Anthropic) solely to return a result to you. We meter usage to operate the service and apply plan limits. Don't paste secrets or sensitive personal data into AI prompts.

5. Service providers (subprocessors)

We share the minimum necessary data with providers that help us run CrescoDB:

  • OpenAI, Anthropic — AI model processing.
  • Resend — transactional email (verification, password reset, notifications you've opted into).
  • Paystack, Flutterwave — payment processing.
  • Hosting/infrastructure — the providers that host our platform and website.

Each processes data under its own terms and only as needed to provide its function.

6. How we use your information

  • To provide, maintain, and improve CrescoDB.
  • To authenticate you and secure the service.
  • To process payments and manage plans/entitlements.
  • To send essential account emails, and product/marketing emails only where you've opted in (you can change this in Settings → Notifications).
  • To detect, prevent, and address abuse, fraud, or technical issues.

7. Security

We protect account data with measures appropriate to its sensitivity: passwords and the backup-retrieval password are stored only as salted hashes (never plaintext), email links use single-use expiring tokens, and access to shared projects and backups is checked on every request. No method of transmission or storage is 100% secure, but we work to safeguard your data and improve continuously.

8. Data retention

We keep account data while your account is active. Cloud backups, shared-project records, and published modules are kept until you delete them or close your account. We may retain limited records as required for legal, accounting, or security purposes.

9. Your rights & choices

  • Access & export — you can view your account data and export your project database as .sql at any time.
  • Correction — edit your profile in Settings.
  • Deletion — request account deletion via support@crescodb.com. Your local files and databases are never touched by us.
  • Email preferences — manage notification emails in Settings → Notifications.

10. Children

CrescoDB is not directed to children under 16, and we do not knowingly collect their personal data.

11. International transfers

Our providers may process data in other countries. Where we transfer data internationally, we rely on appropriate safeguards offered by those providers.

12. Changes to this policy

We may update this policy as the product evolves. We'll revise the "Last updated" date above and, for material changes, give notice through the product or by email.

13. Contact

Questions or requests: support@crescodb.com. See also our Terms of Service.