SQL Sage · Privacy Policy

Privacy Policy

Last updated: 5 July 2026

This Privacy Policy is written in English, which is the authoritative version. Any translation (including the Polish section below) is provided for convenience only; the English version prevails in case of any discrepancy.

SQL Sage is a Windows extension for SQL Server Management Studio 22 — a developer productivity tool. We built it to send as little of your data through us as technically possible. This policy explains what we do and, just as importantly, what we never touch.

In one line: SQL Sage is bring-your-own-key (BYOK) developer tooling. We do not sell access to AI models or inference, we do not run your queries through our servers, and your AI credentials and license key are stored locally on your machine, encrypted — never transmitted to us.

Contents

  1. Who we are
  2. Scope of this policy
  3. What data is involved
  4. Data sent to the AI provider
  5. Local, encrypted secrets
  6. Licensing & update checks
  7. Payments & billing
  8. Legal bases (GDPR)
  9. Sub-processors
  10. Retention
  11. International transfers
  12. Your rights
  13. Security
  14. Children
  15. Changes to this policy
  16. Contact

1. Who we are

SQL Sage is an independent product operated by LUMA sp. z o.o., a company established in Poland with its registered seat at [REGISTERED ADDRESS] ("we", "us", "the vendor"). We are the data controller for the limited personal data described in this policy.

SQL Sage is not affiliated with Microsoft, Anthropic, or OpenAI.

You can reach us for any privacy matter at [CONTACT EMAIL].

2. Scope of this policy

This policy covers the SQL Sage extension installed on your Windows machine, our public website, and the limited backend services we operate for licensing and updates. It does not cover the AI provider you connect to (Anthropic or OpenAI), your SQL Server, or the payments provider — see the relevant sections below for how those relationships work.

3. What data is involved

SQL Sage is architected to minimise the personal data that reaches us. The categories of data involved are:

| Data | Where it lives | Does it reach us? |
|---|---|---|
| Your query text and database schema metadata (table / column / index names) | Sent by the extension to your AI provider as context | No — goes to your AI provider under your own account/key |
| Query result data (rows returned by your database) | Stays on your machine unless you explicitly opt in per session | No |
| BYOK API key and license key | Local, encrypted (Windows DPAPI) | No — never transmitted to us |
| AI provider credentials (Claude / ChatGPT sign-in) | Managed by the respective CLI on your machine | No — we never see, store, or transmit them |
| License identifier | Sent to our license-validation endpoint over HTTPS | Yes — an opaque identifier only, no personal data or query content |
| Update check | Anonymous HTTPS request to a static version file | Standard connection metadata only (e.g. IP in server logs) |
| Billing details (name, email, payment data, tax location) | Handled by our payments provider | No — collected and held by the Merchant of Record, not us |
| Support correspondence & newsletter email (if you contact us or subscribe) | Our contact / mailing systems | Yes — only what you send us |

4. Data sent to the AI provider

When you use the chat, query help, or safe-execution features, the extension sends the following to your chosen AI provider (Anthropic or OpenAI) as context: your query text and database schema metadata — the names of tables, columns, and indexes.

Query result data (production data) is never sent unless you explicitly opt in for that session. A "Mask names" option replaces server and database identifiers with placeholders before anything leaves your machine.

Crucially, at launch the AI provider processes this data under your own account, subscription, or BYOK key. That means your direct relationship with Anthropic or OpenAI — their terms and privacy policy — governs how that data is handled. We are not an intermediary for AI inference and we do not resell access to AI models. We recommend you review your AI provider's privacy terms:

Roadmap note. A future hosted, keyless completions feature (a paid option on our roadmap) would route requests through our own infrastructure, adding Anthropic as our sub-processor. This policy will be updated before any such feature ships. It is not part of the product today.

5. Local, encrypted secrets

Two kinds of secret are stored only on your machine, encrypted at rest via the Windows Data Protection API (DPAPI), scoped to your Windows user account:

These are never transmitted to us and never stored in plaintext, in the Windows registry, or in version control. Your AI provider sign-in tokens (for Claude Code or Codex) are managed entirely by those CLIs — SQL Sage only asks whether you are signed in; it never sees, stores, or transmits those credentials.

6. Licensing & update checks

Trial. SQL Sage offers a 30-day free trial with no credit card required. The trial is tracked locally on your machine.

License validation. To confirm a paid license is active, the extension makes a periodic HTTPS request to our validation service (a Cloudflare Worker). This request sends only a license identifier — no personal data, no query content, no schema, no results.

Auto-update. To check for a new version, the extension makes a single anonymous HTTPS request to a static version file. Nothing about you, your machine, your database schema, or your queries is transmitted. As with any HTTPS request, our hosting provider's server logs may record standard connection metadata (such as IP address) transiently.

7. Payments & billing

Purchases are processed by our payments provider, acting as Merchant of Record (MoR). The MoR is the seller of record: it collects and processes your billing information (name, email, payment method, and tax/location data), handles VAT/GST/sales tax, issues invoices, and manages chargebacks and refunds.

We do not receive or store your full payment card details. For payment-data privacy requests, the MoR acts as controller of that billing data; we will help route your request to them. See our Sub-processors page.

9. Sub-processors

We use a small number of sub-processors to operate the service: Cloudflare (static hosting, the license-fulfilment Worker and its key-value store, and installer storage) and our payments provider (Merchant of Record). At launch, Anthropic and OpenAI are your providers (via your own account or BYOK), not our sub-processors. The full, current list — with roles and locations — is maintained on our Sub-processors page.

10. Retention

11. International transfers

Our infrastructure providers operate globally. Where personal data is transferred outside the European Economic Area, such transfers are covered by appropriate safeguards (for example, the European Commission's Standard Contractual Clauses) implemented by the relevant provider. Any data you send to your AI provider is transferred under your own agreement with that provider.

12. Your rights

Under the GDPR you have the right to: access your personal data; request rectification or erasure; restrict or object to processing; data portability; and to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with a supervisory authority — in Poland, the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych, UODO).

To exercise these rights, contact us at [CONTACT EMAIL]. For requests about payment and billing data, we will help you direct the request to our payments provider, which controls that data as Merchant of Record.

13. Security

We follow a data-minimisation and least-custody approach: secrets stay on your machine encrypted via DPAPI, our license service transmits only opaque identifiers over HTTPS, and we never take custody of your AI provider tokens. No method of transmission or storage is perfectly secure, but we design the product so that there is very little sensitive data on our side to protect in the first place.

14. Children

SQL Sage is a professional developer tool and is not directed at children. We do not knowingly collect personal data from anyone under the age of 16.

15. Changes to this policy

We may update this policy as the product evolves — notably before any hosted/keyless AI feature ships (see section 4). When we make material changes, we will update the "Last updated" date and, where appropriate, notify you.

16. Contact

LUMA sp. z o.o.
[REGISTERED ADDRESS]
[CONTACT EMAIL]

The following is a Polish translation provided for convenience. The English version above is the legally binding text.

Privacy Policy (Polish version, for information only)

The English version is authoritative. The following translation into Polish is for information only; in case of discrepancy, the English version prevails.

SQL Sage is an extension for SQL Server Management Studio 22 that runs on Windows, a tool that increases developer productivity. It operates on a BYOK (bring-your-own-key) model: we do not sell access to AI models or inference, we do not route your queries through our servers, and your API key (BYOK) and license key are stored locally on your device, encrypted with Windows DPAPI; they are never transmitted to us.

Data controller: LUMA sp. z o.o., with its registered seat in Poland ([REGISTERED ADDRESS]), contact: [CONTACT EMAIL].

Data sent to the AI provider: your query text and database schema metadata (names of tables, columns, indexes). Query result data (production data) is never sent without your explicit consent for the given session. The "Mask names" option masks server and database names. At product launch, the AI provider (Anthropic/OpenAI) processes this data on the basis of your own account or BYOK key; this is governed by your agreements with that provider.

Licensing and updates: 30-day free trial with no card required. License validation sends only a license identifier over HTTPS (no personal data or query content). The update check is a single anonymous HTTPS request for a version file.

Payments: handled by our payments provider acting as Merchant of Record (the formal seller), which collects billing data and VAT, issues invoices, and handles refunds.

Your rights (GDPR): access, rectification, erasure, restriction of and objection to processing, data portability, withdrawal of consent, and a complaint to the President of UODO. Requests: [CONTACT EMAIL]; we direct requests concerning payment data to the payments provider (MoR).

The full, binding text is in the English version above.