Privacy Policy
Last updated: June 25, 2026
DataLaxe ("we", "us", "our") operates the Bridge data integration platform at datalaxe.com. This policy explains what data we collect, how we use it, and your rights. If you have questions, email harpreet@datalaxe.com.
1. Information we collect
We collect information you provide directly:
- Account information — name, email address, password (stored hashed), workspace name
- Connection credentials — API keys, database credentials, OAuth tokens for third-party services you connect (stored encrypted with AES-256-GCM)
- Job configuration — SQL queries, scheduling settings, destination configurations you create in Bridge
- Usage data — job run logs, error messages, timestamps of activity
We also collect automatically:
- IP address and browser information when you access the platform
- Audit log entries of actions taken within your workspace
2. How we use your information
- To operate and maintain the Bridge platform
- To authenticate you and secure your account
- To execute your scheduled data jobs
- To send service-related emails (job failure alerts, trial expiry notices, invite emails)
- To respond to your support requests
- To improve the platform based on usage patterns
We do not sell your data. We do not use your data for advertising.
3. Third-party services
Bridge integrates with the following third-party services on your behalf:
- Google (OAuth login, Google Sheets) — governed by Google's Privacy Policy
- HubSpot (CRM data connector) — governed by HubSpot's Privacy Policy
- Resend (transactional email) — your email address is shared to send you notifications
- Amazon Web Services (infrastructure hosting) — your data is stored on AWS servers in the us-east-1 region
- Stripe (payment processing, future) — payment data is handled by Stripe and not stored by us
We only share data with third parties as necessary to operate the service you have requested.
4. Data security
- All connection credentials are encrypted at rest using AES-256-GCM
- Passwords are hashed using SHA-256 with a random salt
- OAuth tokens are stored encrypted and refreshed automatically
- All traffic is encrypted in transit using TLS 1.2+
- Access to your workspace data is restricted to members you have explicitly invited
5. Data retention
- Job run logs are retained according to your plan (30 days on Starter, 90 days on Growth, unlimited on Scale)
- Account data is retained for the duration of your account
- Upon account deletion, your data is removed within 30 days
6. Your rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your account and associated data
- Export your job configurations and connection names
- Disconnect any third-party OAuth connection (Google, HubSpot) at any time from within Bridge
To exercise any of these rights, email harpreet@datalaxe.com.
7. Cookies
Bridge does not use tracking cookies. We use browser sessionStorage to maintain your login session. No advertising cookies or third-party trackers are used.
8. Children
Bridge is not intended for users under 18. We do not knowingly collect personal information from minors.
9. Changes to this policy
We may update this policy periodically. We will notify you by email and update the "Last updated" date above. Continued use of Bridge after changes constitutes acceptance.
10. Contact
DataLaxe is operated by Harpreet Singh, India.
Email: harpreet@datalaxe.com
Phone: +91 84376 08535