Nexoxa BridgeNEXOXA BRIDGE
  • WHAT WE DO
  • FEATURES
  • DOCS
  • PRICING
  • BLOG
  • CONTACT
DOWNLOAD NOWDOWNLOAD

) Privacy Policy

Privacy Policy

NexoxaBridge is local-first. Your database connection strings, SSH keys, and query history stay encrypted on your device — not on our servers. Web analytics from @nexoxa/analytics stays on your server too. This policy explains exactly what we do and do not collect, how AI features use external APIs, your rights under the GDPR and India's Digital Personal Data Protection Act (DPDP), and how to delete your account.

Last updated July 6, 2026

Privacy Policy

On this page

  • 1. Who we are (Data Controller)
  • 2. Summary — what we store vs. what we never touch
  • 3. Local-first studio — how your credentials are protected
  • 4. Legal bases for processing (GDPR Article 6)
  • 5. Account data we process in detail
  • 6. Optional Pro/Enterprise cloud features & AI
  • 7. Pro workspace collaboration — encrypted sharing & team pulse
  • 8. Server logs, cookies, website analytics & Bridge SDK
  • 9. Processors, subprocessors & international transfers
  • 10. How long we keep data
  • 11. Your rights (GDPR & similar laws)
  • 12. India — Digital Personal Data Protection Act (DPDP)
  • 13. Security measures
  • 14. Children
  • 15. Automated decision-making
  • 16. Changes to this policy
  • 17. Contact

Product features

  • PostgreSQLRLS, GUC, replication
  • MySQL / MariaDB
  • MongoDB
  • Redis
  • LibSQL / Turso
  • Primary keys & indexesSchema browser
  • Foreign keys & ER graphFK community map
  • GUC & server settingsPostgres GUC panel
  • Data grid & SQL editor
  • Knowledge graphSchema + FK communities
  • nexoxa-mcpCursor / Claude MCP
  • nexoxa-bridge-sdk
  • nexoxa-sdkPlatform accounts
  • @nexoxa/analytics
  • @nexoxa/speed-insights
  • @nexoxa/seo
  • Integrations hub

1. Who we are (Data Controller)

Nexoxa ("we", "us", "our") operates the NexoxaBridge website (asteron.nexoxa.com and related domains), account services, and the NexoxaBridge Database & Server Studio desktop application ("Software").

We provide developer platform software — desktop workbench with optional cloud subscriptions for platform features (not ai tokens). Nexoxa is established in India. For the purposes of the EU General Data Protection Regulation ("GDPR"), UK GDPR, India's Digital Personal Data Protection Act, 2023 ("DPDP Act"), and similar laws, Nexoxa is the data controller / Data Fiduciary for personal data processed through our website and account platform.

Contact[email protected] — privacy, support, billing, GDPR and DPDP requests
FounderYasharka, Founder & operator

This policy applies to visitors of our website, registered account holders, and signed-in users of the Software when it communicates with our platform (authentication, billing, and tier-gated features). It does not govern third-party sites you connect to through the Software — those systems have their own policies.

2. Summary — what we store vs. what we never touch

You can trust us with this distinction

We built NexoxaBridge so that production secrets never reach our servers in readable form. Your saved postgres://, ssh://, s3://, and similar connection URLs stay on your computer, encrypted with AES-256-GCM in your operating system's secure credential store. We cannot read them and cannot retrieve them — even if you ask us to. Pro workspace sharing is the one exception: teammates may upload end-to-end encrypted blobs so others can connect — see section 7. We still cannot decrypt those blobs ourselves.

Stored on NexoxaBridge servers (account & platform only)

  • First name and last name
  • Email address (used as your account identifier)
  • Password (stored as a one-way cryptographic hash — we never store plaintext passwords)
  • Subscription tier (Free, Pro, Enterprise) and account status
  • Authentication session tokens and session expiry
  • Workspace membership, invites, roles, and activity summaries for Pro collaboration
  • End-to-end encrypted connection blobs and encryption key material for Pro workspace sharing (ciphertext and public keys only — see section 7)
  • Account creation date and last activity timestamps
  • Support emails and correspondence you send us voluntarily
  • Billing status (payment card details are handled by our payment processor — we do not store full card numbers)

Never stored on NexoxaBridge servers in readable (plaintext) form

  • Database connection URLs, passwords, ports, or full connection strings — except inside end-to-end encrypted blobs that we cannot decrypt (Pro workspace sharing only; see section 7)
  • SSH private keys, SFTP/FTP credentials, or saved-connection secrets from your local vault
  • S3 access keys, secret keys, or bucket credentials in plaintext
  • SMTP mail credentials or message content
  • SQL queries, query results, schema files, or migration scripts (except optional Pro team-pulse metrics and truncated activity metadata — see section 7)
  • Copilot conversation history, prompts, or AI context from your databases (Pro/Enterprise; processed via your BYOK key or Enterprise-hosted Copilot — not stored on our platform)
  • Knowledge-graph snapshots or FK graph data from your databases (unless you explicitly enable Pro cloud sync)
  • File transfer queues, audit logs, or server dashboard telemetry from your infrastructure
  • Web analytics and speed-insights events from sites where you install @nexoxa/analytics or @nexoxa/speed-insights — those stay on your server in .nexoxa/ JSONL files (see section 8)
  • Contents of your local workspace, saved queries, or UI layout preferences
  • RSA private keys used for workspace encryption — these remain on your device only

Even if someone compromises your computer

Connection credentials are sealed in your OS keychain (Windows Credential Manager, macOS Keychain, or Linux secret service) using AES-256-GCM. They are not stored in plaintext files, browser localStorage, or readable config on disk. A hacker who gains access to your machine still faces OS-level encryption and access controls — they cannot simply open a text file and read your postgres:// URL. You should still use full-disk encryption, a strong login password, and keep your OS updated — but NexoxaBridge is designed so secrets are not left lying around in the clear.

3. Local-first studio — how your credentials are protected

The NexoxaBridge desktop application is local-first by design. When you save a connection, the Software encrypts the connection string and stores it in your operating system's secure credential vault — not in our cloud.

EncryptionAES-256-GCM with a key derived from your OS keychain / credential manager
WindowsWindows Credential Manager
macOSKeychain Access
LinuxSecret Service API (e.g. GNOME Keyring, KWallet)
In transitWhen the Software talks to your database or SSH host, connections use that host's TLS/SSH encryption — NexoxaBridge does not proxy your traffic through our servers for normal local use

Account required: You must create an NexoxaBridge account (Free, Pro, or Enterprise) and sign in to use the Software and Platform. There is no anonymous or login-free mode — every tier requires registration and authentication to open the studio, enforce plan limits, and access Copilot and connection features.

What remains local-first: after you sign in, your saved database connection URLs, SSH keys, and local workspace data stay on your device, encrypted in your OS credential vault — not in readable form on our servers. Sign-in verifies your account; it does not upload your production secrets unless you explicitly use Pro collaboration features described in section 7.

Uninstalling the Software removes NexoxaBridge-managed entries from your local credential store. We cannot uninstall or wipe data on your device remotely because we never had your connection data in the first place.

4. Legal bases for processing (GDPR Article 6)

We process personal data only where we have a valid legal basis:

Account registration & loginContract (Art. 6(1)(b)) — necessary to provide the service you signed up for
Billing & subscription managementContract (Art. 6(1)(b)) and Legal obligation (Art. 6(1)(c)) for tax and accounting records where applicable
Security logs (IP, user agent)Legitimate interests (Art. 6(1)(f)) — protecting our platform and users from abuse, fraud, and attacks; balanced against your privacy rights
Support emailsLegitimate interests (Art. 6(1)(f)) or Contract depending on the request
Optional marketing (if ever offered)Consent (Art. 6(1)(a)) — you may withdraw at any time
Pro workspace collaboration (shared connections, team pulse)Contract (Art. 6(1)(b)) — only when you or your workspace uses Pro collaboration; encrypted blobs and optional team metrics as described in section 7
Pro cloud features (knowledge graph sync, platform Copilot)Contract (Art. 6(1)(b)) — only for data you explicitly enable to sync; Free tier does not use this

We do not rely on consent as the sole basis for processing that is required to use core account features. Where we ask for consent (e.g. non-essential cookies), you can refuse without losing access to paid features you have already purchased, except where a feature inherently requires that processing.

5. Account data we process in detail

When you register at asteron.nexoxa.com — required for Free, Pro, and Enterprise — we process:

IdentityFirst name, last name, email address
AuthenticationPassword hash (scrypt), session token, session expiry date
SubscriptionTier ID (free/pro/enterprise), workspace limit, feature flags (e.g. cloud Copilot, knowledge graph entitlement)
Account statusActive or suspended; joined date; last active date
PaymentBilling status and customer ID from our payment processor — not your full card number, CVV, or PIN

We use this information solely to authenticate you, enforce plan limits, process payments, provide support, and comply with law. We do not use your email for unrelated advertising without consent.

6. Optional Pro/Enterprise cloud features & AI

Free tier: Requires sign-in. After authentication, the studio runs locally. Copilot can use your own API key stored locally. No schema or connection data is uploaded to NexoxaBridge servers.

Pro/Enterprise: Also requires sign-in. May include platform-hosted Copilot (OpenRouter) and knowledge-graph features. In these cases:

  • Only data required for the feature is transmitted — e.g. schema metadata or graph summaries you trigger, not your raw connection strings
  • Passwords, SSH private keys, and S3/SMTP credentials are never sent to AI providers
  • Transmission uses TLS 1.2+ encryption in transit
  • You can disconnect from the platform and continue using local-only features

AI uses external APIs

Copilot sends schema context, SQL you include, and error messages to AI providers when you ask — never your connection vault secrets. See our Security & AI data page for details.

Default is local

Nothing syncs to our servers unless the feature requires it and your plan includes it. Saved connection vault data remains on your device regardless of tier. Pro collaboration uploads encrypted blobs only when a workspace owner or editor chooses to share a connection.

7. Pro workspace collaboration — encrypted sharing & team pulse

Pro and Enterprise workspaces may invite teammates and optionally share database access or live database metrics. This section describes exactly what is uploaded, what stays encrypted, and what we can and cannot read.

We do not store your connection URLs in plaintext

When you share a connection with a workspace, the Software encrypts the connection details on your device before upload. Our servers receive only ciphertext (an AES-256-GCM encrypted blob). NexoxaBridge staff and platform administrators cannot decrypt that blob — only workspace members who hold the correct private key on their own device can.

End-to-end encryption model

Connection payloadAES-256-GCM encrypted JSON (may include a connection URL, label, and engine type). Encrypted on your device; stored on our platform as ciphertext only.
Workspace encryption keyA random AES key per workspace, wrapped separately for each member using RSA-OAEP (2048-bit) with that member's public key.
Public keysEach user's RSA public key is stored on the platform so teammates can wrap keys for them. Public keys alone cannot decrypt shared connections.
Private keysStored only on your device, encrypted in your local vault. Never uploaded to NexoxaBridge servers.
In transitTLS 1.2+ between the Software and our platform API.

What we store for collaboration (platform database)

  • Workspace name, membership, roles, and invite status
  • Collaboration activity log entries you generate (e.g. "connection shared", schema actions synced by teammates)
  • Editor change proposals — encrypted JSON (cell edits, SQL, CSV rows, DDL specs). Readable metadata (schema/table names, change type) is stored separately for review UI.
  • Encrypted connection blobs (encrypted_payload) — ciphertext only; no readable hostname, username, password, or URL
  • RSA public keys and per-member wrapped workspace keys (required for E2E key distribution)

In-app disclosure & consent

Before you create or join a workspace, the Software shows a collaboration data disclosure describing encrypted vs. readable sync. You must accept the disclosure and agree to these Terms and this Privacy Policy (including this section) before collaboration features activate on that device. Consent is stored locally per account; we may ask you to re-accept if the disclosure changes materially.

Team pulse (optional live metrics)

If a connected workspace member publishes team pulse, we may store non-secret metadata in readable form to show teammates a live dashboard:

  • Database engine type (e.g. PostgreSQL)
  • Database label or name (not your password)
  • Hostname or IP address of the connected server (not the full connection URL)
  • Aggregate metrics (database size, connection count, table counts, cache hit ratio)
  • Optional session snapshots (e.g. active query text, database user name) — only what the publisher's connected session exposes; you control this by staying connected and using live sync

Team pulse does not include your connection password or full connection string. To avoid publishing hostname or query snippets, do not enable live sync or disconnect before teammates view pulse data.

If our platform were breached

An attacker with access only to our database would obtain ciphertext, public keys, and wrapped keys — not usable connection URLs or passwords without also compromising a workspace member's device and unlocking their local private key. This is materially stronger than storing connection strings in plaintext, but no system is risk-free: protect your device, use strong passwords, and rotate credentials if you suspect compromise.

Your controls

  • Sharing is opt-in — only workspace owners/editors who choose "Share" upload encrypted blobs
  • Remove a shared connection or leave a workspace to stop future access for teammates
  • Rotate database passwords at the source if a teammate's device may be compromised
  • Free tier does not use workspace connection sharing or team pulse

Privacy summary for your own policies

You may tell your team and customers: "NexoxaBridge does not store our connection URLs in readable form. Pro sharing uses end-to-end encryption — only our workspace members can decrypt shared credentials on their devices." If you enable team pulse, disclose that hostname and live query metadata may be visible to invited teammates.

8. Server logs, cookies, website analytics & Bridge SDK

Platform API & website logs

Our servers may temporarily log:

  • IP address and approximate region (derived from IP)
  • Browser user agent and request path
  • Timestamp and HTTP status code
  • Authentication success/failure (without logging your password)

Logs are used for security monitoring, debugging outages, and abuse prevention — not for advertising profiles. Retention is limited (typically 30–90 days unless needed for an incident investigation).

Cookies & local storage

  • Strictly necessary: Session tokens for account login and admin authentication
  • Functional: Preferences you set on the website (e.g. theme), stored in localStorage on your browser
  • We do not use third-party advertising cookies or sell data to brokers

Under the GDPR and ePrivacy rules, strictly necessary cookies do not require consent. For any non-essential cookies we may add in the future, we will request consent via a clear banner before setting them.

@nexoxa/analytics & @nexoxa/speed-insights (self-hosted SDK)

NexoxaBridge ships optional npm packages — @nexoxa/analytics and @nexoxa/speed-insights — that you may install on any website or app you operate — for every SSH deployment in Bridge where that SDK is integrated. This is the default, production-ready integration model:

Data stays on the connected server — not on Nexoxa cloud

For each deployment, visitors send events to same-origin API routes on that app (e.g. /api/nexoxa-analytics/collect). The app persists them under .nexoxa/analytics/ and .nexoxa/speed-insights/ on that server's disk. When you connect that host in NexoxaBridge over SSH, dashboards read those files — Bridge is a viewer only and does not copy events to Nexoxa servers or require Bridge to be open 24/7.

What the SDK may collect (on your server)

Web AnalyticsPage path (query strings stripped), hostname, referrer, UTM parameters, anonymous visitor ID (localStorage), browser user-agent, optional custom event names/values you send via track()
Speed InsightsCore Web Vitals (LCP, FCP, INP, CLS, TTFB, RES), page path and route segment, device class (desktop/mobile/tablet), connection type when available, anonymous visitor ID
Server-side enrichmentYour collect route may append visitor IP from reverse-proxy headers (X-Forwarded-For) for country breakdown in Bridge — stored in your JSONL files only
RetentionBounded by NEXOXA_RETENTION_DAYS (default 30) and NEXOXA_MAX_MB (default 8 MB per site) on your server

What Nexoxa does not do with SDK data

  • We do not receive SDK events on Nexoxa platform servers or any Nexoxa-hosted analytics pipeline
  • We do not sell visitor data or share it with ad networks
  • We do not fingerprint visitors across unrelated sites
  • Bridge does not upload your .nexoxa/ files to our platform by default

Your responsibilities if you install the SDK

If you operate a public website with our SDK, you are typically the data controller for visitor analytics on that site. You should:

  • Disclose analytics in your own privacy policy (what you collect, why, retention, and rights)
  • Use requireConsent and setAnalyticsConsent() / setSpeedInsightsConsent() with your cookie banner where EU/UK ePrivacy consent is required
  • Avoid sending personal data in custom events or URLs (e.g. email in query strings) — paths are sanitized but you control what you pass to track()
  • Optionally set NEXOXA_COLLECT_SECRET on your server to reject unsigned POST abuse
  • Mount NEXOXA_DATA_DIR in Docker so data survives restarts and Bridge SSH can read it

Privacy snippet for your site policy

Example disclosure you may adapt: "We use Nexoxa analytics scripts that store anonymous usage and performance data on our own servers (not on Nexoxa's cloud). Data includes page views, referrers, device type, and Core Web Vitals. We retain it for up to 30 days. You may opt out via our cookie settings. Contact us to exercise GDPR rights regarding data we control."

NexoxaBridge desktop (local dev only)

When developing with Bridge locally, collect routes may also exist on 127.0.0.1:47821 for testing. Production sites should use the SDK + @nexoxa/*/node routes on your deployment, not the developer laptop.

9. Processors, subprocessors & international transfers

We use trusted service providers ("processors" under GDPR) who process data only on our instructions and under contractual safeguards:

  • Cloud hosting and database providers (account data storage)
  • Payment processors (billing)
  • Email delivery (support and transactional messages)
  • AI inference providers for Pro Copilot (prompt/response handling — not your connection vault)

If personal data is transferred outside the European Economic Area (EEA) or UK, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, or equivalent mechanisms required by GDPR Chapter V.

You may request a list of key subprocessors by emailing [email protected].

10. How long we keep data

Active accountFor the lifetime of your account while you use our services
After account deletionAccount profile and sessions deleted within 30 days; billing/tax records retained up to 7 years where law requires
Security logsTypically 30–90 days, longer if investigating abuse
Support ticketsUp to 2 years after resolution unless you ask us to delete sooner
Pro workspace collaborationEncrypted connection blobs, public keys, and wrapped keys for the lifetime of the workspace (or until you remove them); collaboration activity logs while the workspace exists; all removed when the workspace is deleted
Team pulse snapshotsOverwritten on each publish; removed when the workspace is deleted or live sync stops updating
Local studio dataControlled by you on your device — we do not hold copies

11. Your rights (GDPR & similar laws)

If you are in the EEA, UK, or Switzerland (or another jurisdiction with similar laws), you have the following rights regarding your personal data:

  • Right of access — obtain a copy of personal data we hold about you
  • Right to rectification — correct inaccurate name or email
  • Right to erasure ("right to be forgotten") — request deletion of your account data, subject to legal retention obligations
  • Right to restriction — ask us to limit processing in certain circumstances
  • Right to data portability — receive account data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — where processing is consent-based, without affecting prior lawful processing
  • Right to lodge a complaint with your local supervisory authority (e.g. your national Data Protection Authority in the EU, or the ICO in the UK)

How to exercise your rights

Email [email protected] from the address linked to your account, or use Delete account on your dashboard for erasure. We respond within one month as required by GDPR Article 12 (extendable by two months for complex requests, with notice). We may need to verify your identity before fulfilling a request.

Note: We cannot export or delete data that exists only on your device (connection vault, local queries) because we do not possess it. You control that data through the Software and your OS.

12. India — Digital Personal Data Protection Act (DPDP)

Nexoxa operates from India and serves users worldwide, including Data Principals in India. Where the DPDP Act applies, Nexoxa acts as a Data Fiduciary for account and platform personal data described in this policy (name, email, billing metadata, session tokens, workspace membership, and related records). We do not act as Data Fiduciary for personal data inside databases, servers, mailboxes, or files you access through the Software — you remain responsible for lawful processing of that data.

Lawful processing & consent

We process personal data for specified purposes: providing accounts, authentication, billing, collaboration features you enable, security, and support. Where consent is required, we obtain it through sign-up, checkout, or explicit in-product choices. You may withdraw consent for optional processing by contacting us or deleting your account; withdrawal does not affect prior lawful processing.

Rights of Data Principals (India)

Subject to the DPDP Act and applicable rules, you may have the right to:

  • Access information about personal data we process about you and how to exercise your rights
  • Correction and completion of inaccurate or incomplete personal data
  • Erasure when retention is no longer necessary for the stated purpose or when you withdraw consent (subject to legal retention for tax and billing)
  • Grievance redressal — raise concerns about our processing (see below)
  • Nominate another individual to exercise your rights in the event of death or incapacity (contact us to register a nominee)

Grievance & DPDP requests

For DPDP-related questions, corrections, or erasure requests, email [email protected] with the subject line DPDP request. We aim to acknowledge grievances within a reasonable period and resolve them in line with the DPDP Act. For immediate erasure of your platform account, use Delete account on your dashboard (password confirmation required).

Children

Our services are intended for developers and IT professionals. We do not knowingly process personal data of children in a manner that requires verifiable parental consent under the DPDP Act. If you believe a child has provided us data without appropriate consent, contact [email protected] and we will delete it promptly.

Cross-border transfers

Where personal data is transferred outside India, we implement safeguards required by applicable law, including contractual clauses with processors and limiting transfers to what is necessary to provide the service.

13. Security measures

We implement technical and organizational measures appropriate to the risk, including:

  • TLS encryption for data in transit to our platform
  • Password hashing (scrypt) — passwords are never stored in plaintext
  • Access controls and least-privilege for production systems
  • Session tokens with expiry for admin and user authentication
  • Local AES-256-GCM encryption for credentials in the desktop app
  • End-to-end encryption (AES-256-GCM + RSA-OAEP) for Pro workspace shared connections — platform stores ciphertext only
  • Regular dependency updates and security monitoring on platform infrastructure

No method of transmission or storage is 100% secure. If you believe your account has been compromised, contact [email protected] immediately. For compromise of your local machine, rotate database passwords and SSH keys at the source — NexoxaBridge cannot do that on your behalf.

14. Children

Our services are intended for developers and IT professionals aged 16 and over. We do not knowingly collect personal data from children under 16. If you believe a child has provided us data, contact [email protected] and we will delete it promptly.

15. Automated decision-making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on you within the meaning of GDPR Article 22. Copilot suggestions in the Software are assistive tools — you decide whether to run any query or migration.

16. Changes to this policy

We may update this Privacy Policy to reflect product changes or legal requirements. Material changes will be posted on this page with a revised "Last updated" date. For significant changes affecting existing users, we will provide notice by email or in-app where appropriate. Continued use after the effective date constitutes acknowledgment; if you disagree, you may delete your account.

17. Contact

Privacy and data protection inquiries: [email protected]

See also our Terms of Use for the contractual rules governing the Software and website.

NexoxaBridge exists so developers can work on production systems without handing secrets to yet another cloud. If anything in this policy is unclear, email us — we would rather explain plainly than hide behind vague legalese.

Product

Explore platform features

Primary keys & indexes

See every PK and index without digging through DDL

SSH dashboards

VPS health score in one ssh:// connect

SFTP dual-pane studio

Dual-pane SFTP beside your SQL tabs

SMTP connect & verify

AUTH + TLS check before you send

Local-first infrastructure for developers.

One Windows studio. Databases, SSH, SFTP, S3, SMTP, MCP, and analytics SDKs — credentials encrypted on your machine.

Product

  • All features
  • Databases
  • SSH dashboards
  • SFTP & S3
  • SMTP mail
  • Pricing
  • Integrations

Guides & comparisons

  • All best-of guides
  • Best PostgreSQL GUIs
  • Best Redis GUIs
  • Best MySQL GUIs
  • Best MongoDB GUIs
  • Best multi-DB GUIs
  • Best SFTP clients (Windows)
  • Best SSH clients (Windows)
  • Best DB tools (Windows)
  • DBeaver vs Nexoxa Bridge
  • TablePlus vs Nexoxa Bridge
  • pgAdmin vs Nexoxa Bridge
  • DataGrip vs Nexoxa Bridge
  • Redis Insight vs Nexoxa
  • DBeaver alternatives
  • TablePlus alternatives
  • Postgres + Redis + SFTP
  • Cursor MCP + databases
  • MCP servers for databases
  • Local-first credentials
  • Stop using five apps
  • FileZilla alternatives
  • SMTP testing tools
  • How I built Nexoxa Bridge

Resources

  • Documentation
  • Blog
  • llms.txt
  • What is Nexoxa?
  • Use cases
  • Vision showcase

Company

  • Contact
  • Privacy
  • Terms
  • Refunds
  • Security

Connect

[email protected]Featured on Twelve Tools

© 2026 • NEXOXA • ALL RIGHTS RESERVED

Nexoxa Bridge.

Nexoxa Bridge