Privacy Policy

1. Introduction

This Privacy Policy explains how The ANED Group (“we,” “us,” or “our”), through ANED Development Center as the data processor, collects, uses, discloses, and protects your personal information when you use the ANED DB platform, website, dashboard, APIs, SDKs, CLI tools, and any related services (collectively, the “Service”).

The ANED Group is the data controller responsible for your personal data. ANED Development Center operates and manages the Service on behalf of The ANED Group.

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

We collect the following categories of information:

2.1 Account Information

When you create an account, we collect:

• Full name
• Email address
• Password (stored in hashed form)
• Organization or company name (if provided)
• Billing information (processed by our payment processor)

2.2 Usage Data

We automatically collect information about how you interact with the Service:

• API request logs (endpoint, method, status code, response time)
• Database query metrics (query count, latency, error rates)
• Dashboard activity (pages visited, features used)
• Edge function invocation logs
• Storage usage statistics

2.3 Technical Data

We collect technical information including:

• IP address
• Browser type and version
• Operating system
• Device identifiers
• Time zone and locale settings

2.4 Customer Data

You may store data in your ANED DB databases (“Customer Data”). We do not access, use, or share your Customer Data except as necessary to provide the Service, comply with applicable law, or as directed by you.

3. How We Use Your Information

We use the information we collect for the following purposes:

1. Provide and maintain the Service — provisioning databases, generating APIs, processing requests, and running edge functions.
2. Account management — authenticating your identity, managing your subscription, and processing payments.
3. Service improvement — analyzing usage patterns to improve performance, reliability, and user experience.
4. Security and fraud prevention — detecting and preventing unauthorized access, abuse, and security incidents.
5. Communication — sending service-related notifications, security alerts, and (with your consent) product updates and marketing materials.
6. Legal compliance — fulfilling legal obligations, responding to legal processes, and enforcing our terms.
7. Support — responding to your requests, troubleshooting issues, and providing technical assistance.

4. Data Retention

We retain your information for as long as necessary to fulfill the purposes described in this policy:

• Account data: Retained for the duration of your account plus 30 days after deletion.
• Customer Data: Retained for the duration of your subscription. Upon account termination, Customer Data is deleted within 30 days unless a longer retention period is required by law.
• Usage logs: Retained for up to 90 days (Pro plan) or 7 days (Free plan), then automatically purged.
• Backups: Database backups are retained according to your plan’s backup policy and deleted within 7 days of account termination.
• Billing records: Retained for 7 years as required by applicable tax and accounting regulations.

5. Third-Party Services

We use trusted third-party services to operate the platform. These providers have access only to the information necessary to perform their functions and are contractually obligated to protect your data:

• Cloud infrastructure providers — for hosting databases, APIs, and storage.
• Payment processors — for processing subscription payments and billing.
• Analytics services — for aggregated platform usage analytics (no personally identifiable information is shared).
• Email services — for transactional emails and (with consent) marketing communications.
• Security services — for DDoS protection, rate limiting, and threat detection.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

6. Cookies and Tracking Technologies

We use the following types of cookies and similar technologies:

• Essential cookies: Required for the Service to function (authentication tokens, session management, CSRF protection). These cannot be disabled.
• Functional cookies: Remember your preferences such as dashboard layout, theme, and language settings.
• Analytics cookies: Help us understand how the Service is used so we can improve it. These are anonymized and aggregated.

We do not use advertising or third-party tracking cookies. You can manage cookie preferences through your browser settings.

7. Data Security

We implement industry-standard security measures to protect your data, including:

• Encryption of data in transit (TLS 1.3) and at rest (AES-256)
• Database isolation per project (no shared-schema multi-tenancy)
• Row Level Security (RLS) enforcement at the database level
• Regular security audits and penetration testing
• Automated vulnerability scanning
• Access controls and principle of least privilege for internal systems
• Incident response procedures and breach notification protocols

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request that we correct any inaccurate or incomplete personal data.
• Deletion: Request that we delete your personal data, subject to legal retention requirements.
• Portability: Request your data in a structured, machine-readable format.
• Restriction: Request that we restrict the processing of your personal data.
• Objection: Object to the processing of your personal data for certain purposes.
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at privacy@anedcenter.com. We will respond to your request within 30 days.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we implement appropriate safeguards including standard contractual clauses, data processing agreements, and compliance with applicable data protection frameworks.

10. Children’s Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last updated” date. For significant changes, we will also send an email notification to the address associated with your account.

We encourage you to review this policy periodically for any changes.

12. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us: