Privacy Policy

1. Scope and Overview

This Privacy Policy applies to your use of the entire Tellus platform, including:

• Tellus Dashboard - Web-based database management interface
• Tellus API - Programmatic platform access
• Tellus Mobile Applications - Mobile apps (iOS/Android)
• Tellus Documentation - Integration guides and API documentation
• Tellus Support Services - Customer support and services
• All Tellus-owned properties and services

Tellus ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use any aspect of the Tellus platform.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use the Tellus Platform.

2. Information We Collect

A. Account and Profile Information

• Registration Data: Username, email address, password hash, company name, and profile information
• Account Settings: Preferences, notification settings, theme selections, and security settings
• Billing Information: Subscription plan, billing address, and payment method (if applicable)

B. Database and Configuration Data

• Database Credentials: When you connect databases, you provide credentials, API keys, and connection strings. These are encrypted and critically protected.
• Project Configuration: Database names, table structures, schema information, project settings, and metadata
• Query History: Queries you execute through the Tellus Dashboard (may include aggregated/anonymous data)

C. Platform Usage Information

• Dashboard Activity: Features accessed, databases queried, tables viewed, reports generated
• API Usage: API calls made, endpoints accessed, request timestamps, request parameters (non-credential)
• Mobile App Data: App events, feature usage, crash reports, performance metrics
• Interaction Data: Clicks, scrolls, form submissions, navigation patterns

D. Technical Information Collected Automatically

• Device Information: Device type, OS version, browser type, unique device identifiers
• Connection Data: IP address, ISP, location (country/region level), connection type
• Log Data: Timestamps, error logs, performance metrics, API response times
• Cookies and Identifiers: Session cookies, tracking pixels, analytics identifiers, advertising IDs

E. Communication Data

• Support Communications: Messages, emails, chat logs with our support team
• Feedback: Feature requests, bug reports, surveys, user feedback
• Contact Information: Name, email, phone number if provided in support requests

F. Third-Party Information

• Data from database providers about your usage patterns
• Information from analytics vendors about your interactions
• Data from payment processors about transaction status

3. How We Use Your Information

We use the information we collect for the following comprehensive purposes:

Service Delivery and Operation

• Providing, maintaining, and improving the Tellus Dashboard, API, and mobile apps
• Processing API requests and database connections
• Managing user accounts and authentication
• Storing and retrieving your project configurations
• Executing database queries and returning results
• Processing payments and managing subscriptions

Support and Communication

• Responding to support inquiries and providing technical assistance
• Investigating and resolving technical issues or complaints
• Sending administrative messages and account notifications
• Providing updates about the Platform and new features

Analytics and Improvement

• Understanding how users interact with the Platform
• Identifying usage patterns and feature popularity
• Improving user experience and interface design
• Developing new features based on user needs
• Analyzing Platform performance and optimization

Security and Compliance

• Detecting and preventing fraud, abuse, and cyberattacks
• Protecting against data breaches and unauthorized access
• Enforcing terms of service and legal agreements
• Complying with legal obligations and court orders
• Conducting security audits and vulnerability assessments

Marketing and Business Development

• Sending newsletters and promotional materials (with your consent)
• Understanding market trends and user preferences
• Conducting product research and surveys
• Developing new products and services

4. Protection of Database Credentials

⚠️ CRITICAL: Database credentials and API keys are extremely sensitive information. You are responsible for protecting this information.

Our Practices

• We use industry-standard encryption to protect credentials in transit and at rest.
• We never log or store your credentials in plain text.
• Access to stored credentials is restricted to authorized personnel only.
• We regularly audit our security practices and update our defenses against threats.

Your Responsibilities

• Never share your credentials via email, chat, or unsecured channels.
• Rotate your credentials regularly, especially if you suspect compromise.
• Use separate credentials for different environments (development, staging, production).
• Implement IP whitelisting on your databases to restrict access.
• Monitor your database activity logs for suspicious access.
• Immediately revoke credentials if you believe they have been compromised.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. However, we may disclose information in the following circumstances:

• Service Providers: We may share information with vendors who assist us in operating our website and conducting our business, subject to confidentiality agreements.
• Legal Requirements: We may disclose information when required by law, to comply with legal process, protect our rights, or investigate potential violations.
• Business Transfers: If Tellus is acquired or merged, your information may be transferred as part of that transaction.
• With Your Consent: We may disclose information with your explicit consent for specific purposes.

6. Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this policy. You may request deletion of your data, but we may retain certain information if required by law or for legitimate business purposes.

• Credentials: Stored only while your account is active. Deleted upon account closure.
• Usage Data: Typically retained for 12 months for analytics purposes.
• Log Data: Typically retained for 3-6 months for security audit trails.
• Contact Information: Retained until you request deletion.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: You can request access to the personal data we hold about you.
• Correction: You can request that we correct inaccurate data.
• Deletion: You can request deletion of your data under certain circumstances ("Right to be Forgotten").
• Portability: You can request your data in a portable, machine-readable format.
• Opt-Out: You can opt-out of marketing communications at any time.
• Withdraw Consent: You can withdraw consent for data processing at any time.

To exercise any of these rights, please contact us using the information provided in the Contact section below.

8. Security Measures

We implement comprehensive security measures to protect your information:

• Encryption: Data is encrypted in transit using TLS/SSL and at rest using AES-256.
• Access Control: Only authorized personnel have access to sensitive information.
• Firewalls: Our systems are protected by firewalls and intrusion detection systems.
• Regular Audits: We conduct regular security audits and penetration testing.
• Incident Response: We have procedures in place to respond to and report security incidents.
• Updates: We regularly update our systems with security patches.

Note: No system is 100% secure. While we take extensive precautions, we cannot guarantee absolute security of your data.

9. Third-Party Services

Our website may contain links to third-party websites and services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any information.

Database providers (Supabase, MongoDB, Firebase, Neon, MySQL) have their own privacy policies that govern how they handle your data. Please review their policies directly:

• Supabase Privacy Policy
• MongoDB Privacy Policy
• Firebase Privacy Policy
• Neon Privacy Policy

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our site. You can control cookie preferences through your browser settings. However, disabling cookies may affect the functionality of our site.

• Essential Cookies: Required for site functionality (authentication, security).
• Analytics Cookies: Help us understand how users interact with our site.
• Preference Cookies: Remember your preferences and settings.

11. Contact Us

If you have privacy concerns, questions about this policy, or want to exercise your privacy rights, please contact us:

• Email: privacy@tellus.io
• Phone: Available through our contact form on the website
• Mail: Address available upon request

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by updating the "Last updated" date at the top of this policy.

Your continued use of Tellus after any modifications constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

Your Privacy Matters

We are committed to protecting your privacy and maintaining transparency about how we handle your data. If you have any questions or concerns, please don't hesitate to contact us.