Privacy Policy

TablePro is the data controller for personal information described in this policy. For privacy questions, email [email protected].

Anonymous usage analytics (desktop app)

The Application can send anonymous usage analytics. It is enabled by default and can be turned off in Settings > General > "Share anonymous usage data".

When enabled, a 24-hour heartbeat sends three things to https://api.tablepro.app/v1/analytics:

• Anonymous machine ID: SHA-256 hash of your hardware UUID. The raw UUID is never sent.
• Environment: app version, macOS version, CPU architecture (arm64/x86_64), language.
• Usage: which database engine types you connect to (e.g. "mysql", "postgresql") and the number of open connections.

That's it. No connection details, no hosts, no credentials, no queries, no database contents. All payloads are signed with HMAC-SHA256.

Update checks

The Application uses Sparkle to check for updates. This sends your app version, macOS version, and CPU architecture to our update server. Update checks cannot be disabled separately.

License validation

If you have entered a paid License Key, the Application sends the License Key to our server when it starts and periodically afterward to confirm it is valid. No other data is sent in that request.

License purchase and account portal

When you purchase a License Key, our payment processor (LemonSqueezy or Polar, depending on your region) collects the data needed to complete the transaction: your email address, billing address, and payment information. We receive your email, License Key, and order metadata; we do not see your full payment details.

The account portal at tablepro.app/account uses magic-link authentication. We store your email and an authentication token for that purpose.

Newsletter and beta signup

If you subscribe to the newsletter or apply for beta access, we store your email address for that purpose only. You can unsubscribe at any time from any email we send.

Server logs

Our servers record standard request logs (IP address, user agent, timestamp, URL) for security and abuse prevention. These logs are retained for up to 90 days.

• No database contents or queries. SQL you write and data you fetch never leave your machine.
• No connection credentials. Database hosts, usernames, and passwords stay in the macOS Keychain.
• No personal information in the desktop app beyond the email used at purchase.
• No crash reports sent to any third party.
• No third-party trackers. No Google Analytics, Mixpanel, Sentry, or similar SDK in the desktop app.

• Anonymous analytics: understand which app versions, OS versions, and database types our users run, to prioritise compatibility and bug fixes.
• License validation: confirm a License Key is valid and active.
• Updates: deliver new versions of the Application.
• Customer support: respond to questions and refund requests.
• Newsletter and announcements: only if you subscribed.
• Security: detect abuse and unauthorised access attempts.

For users in the European Economic Area or the United Kingdom, the legal bases under GDPR / UK GDPR are:

• Contract (Art. 6(1)(b)): processing payment, providing the License Key, account portal access.
• Legitimate interest (Art. 6(1)(f)): anonymous analytics, abuse detection, server logs, retention of business records.
• Consent (Art. 6(1)(a)): newsletter subscriptions, optional features you enable.
• Legal obligation (Art. 6(1)(c)): tax records, responses to lawful requests.

We share personal data only with the providers needed to operate the Services:

• LemonSqueezy or Polar: payment processing for License Key purchases.
• Email delivery providers: transactional emails (magic links, receipts, newsletter). We use providers that do not sell or share contact data.
• Hosting providers: server infrastructure for the Website, account portal, and analytics endpoint.
• Plausible Analytics (self-hosted): aggregate, cookie-less Website analytics. No personal identifiers, no IP storage.

We do not sell, rent, or share personal data with advertisers.

Our servers operate in multiple regions. When you interact with TablePro, your data may be transferred to or processed in countries outside your own. Where required, transfers from the EEA / UK rely on Standard Contractual Clauses or other approved mechanisms.

• Anonymous analytics: aggregated indefinitely; the SHA-256 machine ID has no link to your identity.
• Account and license data: kept while your license is active and for up to 7 years afterward for tax and audit purposes.
• Newsletter subscribers: until you unsubscribe.
• Server logs: 90 days.
• Support emails: 2 years from the last interaction.

Subject to local law, you have the right to:

• Access: request a copy of personal data we hold about you.
• Rectification: correct inaccurate data.
• Erasure: ask us to delete your data, subject to legal retention obligations.
• Restriction: ask us to limit how we process your data.
• Portability: receive your data in a structured, machine-readable format.
• Object: object to processing based on legitimate interest.
• Withdraw consent: at any time, where processing is based on consent.
• Lodge a complaint: with your local data protection authority.

To exercise any of these rights, email [email protected]. We respond within 30 days.

If you are a California resident, the California Consumer Privacy Act gives you the right to know what personal information we collect, to request deletion, to opt out of "sale" of personal information, and to non-discrimination for exercising these rights. We do not sell personal information.

TablePro is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.

We use industry-standard measures to protect data: HTTPS for all network traffic, password hashing with modern algorithms, scoped API tokens, and least-privilege access for our team. No system is perfectly secure; if you suspect a vulnerability, email [email protected].

The marketing site uses two functional cookies. No tracking, no advertising, no third-party SDKs.

• nl_dismissed_at (90 days): records when you dismissed the newsletter prompt so we don't reshow it. Lawful basis: legitimate interest.
• nl_subscribed (365 days): records that you subscribed so we don't reprompt. Lawful basis: legitimate interest, performance of a subscription you initiated.

Sensitive data stays on your Mac:

• Database credentials: macOS Keychain.
• Query history: local SQLite database.
• App settings: standard macOS UserDefaults.
• Tab state: local JSON files for session restore.

The Application source is on GitHub under the AGPLv3. The analytics code is in TablePro/Core/Services/AnalyticsService.swift. You can verify what is sent.

We may update this policy. Material changes will be posted on this page with a new "Last updated" date and, where required by law, notified to users.

For privacy questions, security reports, or anything else, email [email protected].