
Primary keys & indexes
See every PK and index without digging through DDL
Privacy Policy
NexoxaBridge is local-first. Your database connection strings, SSH keys, and query history stay encrypted on your device — not on our servers. Web analytics from @nexoxa/analytics stays on your server too. This policy explains exactly what we do and do not collect, how AI features use external APIs, your rights under the GDPR and India's Digital Personal Data Protection Act (DPDP), and how to delete your account.
Last updated July 6, 2026

Nexoxa ("we", "us", "our") operates the NexoxaBridge website (asteron.nexoxa.com and related domains), account services, and the NexoxaBridge Database & Server Studio desktop application ("Software").
We provide developer platform software — desktop workbench with optional cloud subscriptions for platform features (not ai tokens). Nexoxa is established in India. For the purposes of the EU General Data Protection Regulation ("GDPR"), UK GDPR, India's Digital Personal Data Protection Act, 2023 ("DPDP Act"), and similar laws, Nexoxa is the data controller / Data Fiduciary for personal data processed through our website and account platform.
| Contact | [email protected] — privacy, support, billing, GDPR and DPDP requests |
|---|---|
| Founder | Yasharka, Founder & operator |
This policy applies to visitors of our website, registered account holders, and signed-in users of the Software when it communicates with our platform (authentication, billing, and tier-gated features). It does not govern third-party sites you connect to through the Software — those systems have their own policies.
You can trust us with this distinction
postgres://, ssh://, s3://, and similar connection URLs stay on your computer, encrypted with AES-256-GCM in your operating system's secure credential store. We cannot read them and cannot retrieve them — even if you ask us to. Pro workspace sharing is the one exception: teammates may upload end-to-end encrypted blobs so others can connect — see section 7. We still cannot decrypt those blobs ourselves.@nexoxa/analytics or @nexoxa/speed-insights — those stay on your server in .nexoxa/ JSONL files (see section 8)Even if someone compromises your computer
postgres:// URL. You should still use full-disk encryption, a strong login password, and keep your OS updated — but NexoxaBridge is designed so secrets are not left lying around in the clear.The NexoxaBridge desktop application is local-first by design. When you save a connection, the Software encrypts the connection string and stores it in your operating system's secure credential vault — not in our cloud.
| Encryption | AES-256-GCM with a key derived from your OS keychain / credential manager |
|---|---|
| Windows | Windows Credential Manager |
| macOS | Keychain Access |
| Linux | Secret Service API (e.g. GNOME Keyring, KWallet) |
| In transit | When the Software talks to your database or SSH host, connections use that host's TLS/SSH encryption — NexoxaBridge does not proxy your traffic through our servers for normal local use |
Account required: You must create an NexoxaBridge account (Free, Pro, or Enterprise) and sign in to use the Software and Platform. There is no anonymous or login-free mode — every tier requires registration and authentication to open the studio, enforce plan limits, and access Copilot and connection features.
What remains local-first: after you sign in, your saved database connection URLs, SSH keys, and local workspace data stay on your device, encrypted in your OS credential vault — not in readable form on our servers. Sign-in verifies your account; it does not upload your production secrets unless you explicitly use Pro collaboration features described in section 7.
Uninstalling the Software removes NexoxaBridge-managed entries from your local credential store. We cannot uninstall or wipe data on your device remotely because we never had your connection data in the first place.
We process personal data only where we have a valid legal basis:
| Account registration & login | Contract (Art. 6(1)(b)) — necessary to provide the service you signed up for |
|---|---|
| Billing & subscription management | Contract (Art. 6(1)(b)) and Legal obligation (Art. 6(1)(c)) for tax and accounting records where applicable |
| Security logs (IP, user agent) | Legitimate interests (Art. 6(1)(f)) — protecting our platform and users from abuse, fraud, and attacks; balanced against your privacy rights |
| Support emails | Legitimate interests (Art. 6(1)(f)) or Contract depending on the request |
| Optional marketing (if ever offered) | Consent (Art. 6(1)(a)) — you may withdraw at any time |
| Pro workspace collaboration (shared connections, team pulse) | Contract (Art. 6(1)(b)) — only when you or your workspace uses Pro collaboration; encrypted blobs and optional team metrics as described in section 7 |
| Pro cloud features (knowledge graph sync, platform Copilot) | Contract (Art. 6(1)(b)) — only for data you explicitly enable to sync; Free tier does not use this |
We do not rely on consent as the sole basis for processing that is required to use core account features. Where we ask for consent (e.g. non-essential cookies), you can refuse without losing access to paid features you have already purchased, except where a feature inherently requires that processing.
When you register at asteron.nexoxa.com — required for Free, Pro, and Enterprise — we process:
| Identity | First name, last name, email address |
|---|---|
| Authentication | Password hash (scrypt), session token, session expiry date |
| Subscription | Tier ID (free/pro/enterprise), workspace limit, feature flags (e.g. cloud Copilot, knowledge graph entitlement) |
| Account status | Active or suspended; joined date; last active date |
| Payment | Billing status and customer ID from our payment processor — not your full card number, CVV, or PIN |
We use this information solely to authenticate you, enforce plan limits, process payments, provide support, and comply with law. We do not use your email for unrelated advertising without consent.
Free tier: Requires sign-in. After authentication, the studio runs locally. Copilot can use your own API key stored locally. No schema or connection data is uploaded to NexoxaBridge servers.
Pro/Enterprise: Also requires sign-in. May include platform-hosted Copilot (OpenRouter) and knowledge-graph features. In these cases:
AI uses external APIs
Default is local
Pro and Enterprise workspaces may invite teammates and optionally share database access or live database metrics. This section describes exactly what is uploaded, what stays encrypted, and what we can and cannot read.
We do not store your connection URLs in plaintext
| Connection payload | AES-256-GCM encrypted JSON (may include a connection URL, label, and engine type). Encrypted on your device; stored on our platform as ciphertext only. |
|---|---|
| Workspace encryption key | A random AES key per workspace, wrapped separately for each member using RSA-OAEP (2048-bit) with that member's public key. |
| Public keys | Each user's RSA public key is stored on the platform so teammates can wrap keys for them. Public keys alone cannot decrypt shared connections. |
| Private keys | Stored only on your device, encrypted in your local vault. Never uploaded to NexoxaBridge servers. |
| In transit | TLS 1.2+ between the Software and our platform API. |
encrypted_payload) — ciphertext only; no readable hostname, username, password, or URLBefore you create or join a workspace, the Software shows a collaboration data disclosure describing encrypted vs. readable sync. You must accept the disclosure and agree to these Terms and this Privacy Policy (including this section) before collaboration features activate on that device. Consent is stored locally per account; we may ask you to re-accept if the disclosure changes materially.
If a connected workspace member publishes team pulse, we may store non-secret metadata in readable form to show teammates a live dashboard:
Team pulse does not include your connection password or full connection string. To avoid publishing hostname or query snippets, do not enable live sync or disconnect before teammates view pulse data.
An attacker with access only to our database would obtain ciphertext, public keys, and wrapped keys — not usable connection URLs or passwords without also compromising a workspace member's device and unlocking their local private key. This is materially stronger than storing connection strings in plaintext, but no system is risk-free: protect your device, use strong passwords, and rotate credentials if you suspect compromise.
Privacy summary for your own policies
Our servers may temporarily log:
Logs are used for security monitoring, debugging outages, and abuse prevention — not for advertising profiles. Retention is limited (typically 30–90 days unless needed for an incident investigation).
Under the GDPR and ePrivacy rules, strictly necessary cookies do not require consent. For any non-essential cookies we may add in the future, we will request consent via a clear banner before setting them.
NexoxaBridge ships optional npm packages — @nexoxa/analytics and @nexoxa/speed-insights — that you may install on any website or app you operate — for every SSH deployment in Bridge where that SDK is integrated. This is the default, production-ready integration model:
Data stays on the connected server — not on Nexoxa cloud
/api/nexoxa-analytics/collect). The app persists them under .nexoxa/analytics/ and .nexoxa/speed-insights/ on that server's disk. When you connect that host in NexoxaBridge over SSH, dashboards read those files — Bridge is a viewer only and does not copy events to Nexoxa servers or require Bridge to be open 24/7.| Web Analytics | Page path (query strings stripped), hostname, referrer, UTM parameters, anonymous visitor ID (localStorage), browser user-agent, optional custom event names/values you send via track() |
|---|---|
| Speed Insights | Core Web Vitals (LCP, FCP, INP, CLS, TTFB, RES), page path and route segment, device class (desktop/mobile/tablet), connection type when available, anonymous visitor ID |
| Server-side enrichment | Your collect route may append visitor IP from reverse-proxy headers (X-Forwarded-For) for country breakdown in Bridge — stored in your JSONL files only |
| Retention | Bounded by NEXOXA_RETENTION_DAYS (default 30) and NEXOXA_MAX_MB (default 8 MB per site) on your server |
.nexoxa/ files to our platform by defaultIf you operate a public website with our SDK, you are typically the data controller for visitor analytics on that site. You should:
requireConsent and setAnalyticsConsent() / setSpeedInsightsConsent() with your cookie banner where EU/UK ePrivacy consent is requiredtrack()NEXOXA_COLLECT_SECRET on your server to reject unsigned POST abuseNEXOXA_DATA_DIR in Docker so data survives restarts and Bridge SSH can read itPrivacy snippet for your site policy
When developing with Bridge locally, collect routes may also exist on 127.0.0.1:47821 for testing. Production sites should use the SDK + @nexoxa/*/node routes on your deployment, not the developer laptop.
We use trusted service providers ("processors" under GDPR) who process data only on our instructions and under contractual safeguards:
If personal data is transferred outside the European Economic Area (EEA) or UK, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, or equivalent mechanisms required by GDPR Chapter V.
You may request a list of key subprocessors by emailing [email protected].
| Active account | For the lifetime of your account while you use our services |
|---|---|
| After account deletion | Account profile and sessions deleted within 30 days; billing/tax records retained up to 7 years where law requires |
| Security logs | Typically 30–90 days, longer if investigating abuse |
| Support tickets | Up to 2 years after resolution unless you ask us to delete sooner |
| Pro workspace collaboration | Encrypted connection blobs, public keys, and wrapped keys for the lifetime of the workspace (or until you remove them); collaboration activity logs while the workspace exists; all removed when the workspace is deleted |
| Team pulse snapshots | Overwritten on each publish; removed when the workspace is deleted or live sync stops updating |
| Local studio data | Controlled by you on your device — we do not hold copies |
If you are in the EEA, UK, or Switzerland (or another jurisdiction with similar laws), you have the following rights regarding your personal data:
How to exercise your rights
Note: We cannot export or delete data that exists only on your device (connection vault, local queries) because we do not possess it. You control that data through the Software and your OS.
Nexoxa operates from India and serves users worldwide, including Data Principals in India. Where the DPDP Act applies, Nexoxa acts as a Data Fiduciary for account and platform personal data described in this policy (name, email, billing metadata, session tokens, workspace membership, and related records). We do not act as Data Fiduciary for personal data inside databases, servers, mailboxes, or files you access through the Software — you remain responsible for lawful processing of that data.
We process personal data for specified purposes: providing accounts, authentication, billing, collaboration features you enable, security, and support. Where consent is required, we obtain it through sign-up, checkout, or explicit in-product choices. You may withdraw consent for optional processing by contacting us or deleting your account; withdrawal does not affect prior lawful processing.
Subject to the DPDP Act and applicable rules, you may have the right to:
Grievance & DPDP requests
Our services are intended for developers and IT professionals. We do not knowingly process personal data of children in a manner that requires verifiable parental consent under the DPDP Act. If you believe a child has provided us data without appropriate consent, contact [email protected] and we will delete it promptly.
Where personal data is transferred outside India, we implement safeguards required by applicable law, including contractual clauses with processors and limiting transfers to what is necessary to provide the service.
We implement technical and organizational measures appropriate to the risk, including:
No method of transmission or storage is 100% secure. If you believe your account has been compromised, contact [email protected] immediately. For compromise of your local machine, rotate database passwords and SSH keys at the source — NexoxaBridge cannot do that on your behalf.
Our services are intended for developers and IT professionals aged 16 and over. We do not knowingly collect personal data from children under 16. If you believe a child has provided us data, contact [email protected] and we will delete it promptly.
We do not use automated decision-making or profiling that produces legal or similarly significant effects on you within the meaning of GDPR Article 22. Copilot suggestions in the Software are assistive tools — you decide whether to run any query or migration.
We may update this Privacy Policy to reflect product changes or legal requirements. Material changes will be posted on this page with a revised "Last updated" date. For significant changes affecting existing users, we will provide notice by email or in-app where appropriate. Continued use after the effective date constitutes acknowledgment; if you disagree, you may delete your account.
Privacy and data protection inquiries: [email protected]
See also our Terms of Use for the contractual rules governing the Software and website.
Product

See every PK and index without digging through DDL

VPS health score in one ssh:// connect

Dual-pane SFTP beside your SQL tabs

AUTH + TLS check before you send