Last updated: May 29, 2025
This Privacy Policy explains how Galaxy Software, Inc. ("Galaxy", "we", "our") collects, uses, and discloses information about you when you visit our websites, install or use our desktop or web applications, or otherwise interact with us (collectively, the "Services").
TL;DR
- Privacy first. By default, raw query text and result data stay on your machine. Enabling optional cloud‑features (e.g., AI Copilot) sends schema‑only context to our servers for a few seconds—never full result sets.
- Privacy Mode. Turn it on and we retain zero code or query data; AI prompts are sent with no data retention, mirroring Cursor’s approach.
- No selling your data. We share personal info only with subprocessors that help us run Galaxy (hosting, payments, analytics) under strict contracts.
- Transparent analytics. We collect minimal aggregated usage telemetry (feature clicks, crash logs) to improve the product. You can opt out.
- Your control. Access, export, or delete your data any time in Settings or by emailing support@getgalaxy.io.
1. Information We Collect
1.1 Information You Provide Directly
CategoryExamplesWhy We CollectAccount DataName, email, hashed password, organizationCreate and secure your accountBilling DataCard details, address (processed by Stripe)Process transactionsSupport DataMessages, attachments, feedbackResolve issues, improve ServicesOptional Cloud ArtifactsSnippets, connection profiles, AI prompts (schema‑only)Enable sync, collaboration, Copilot
1.2 Information We Collect Automatically
- Usage & Telemetry – feature usage, performance metrics, crash logs.
- Device & Log Data – IP address, browser type, OS, timestamps.
- Cookies / Local Storage – session authentication, language preference.
1.3 Information from Third Parties
- SSO Providers – profile basics if you sign in with Google, Okta, etc.
- Payment Processor – transaction status from Stripe.
2. How We Use Information
- Operate and maintain the Services.
- Process payments and manage subscriptions.
- Diagnose bugs and enhance the product.
- Secure the Services and prevent fraud.
- Send transactional emails and product updates.
- Comply with legal obligations.
Legal bases (GDPR): contract performance, legitimate interest, consent, legal obligation.
3. How We Share Information
RecipientPurposeService Providers (AWS, Stripe, PostHog, Intercom)Infrastructure, payments, analytics, supportAI Model Providers (OpenAI, Anthropic, Fireworks)Process prompts—schema‑only, zero‑retention contractsBusiness TransfersCorporate sale, merger, or acquisitionLegal / SafetyComply with law or protect rights and safety
We do not sell personal data.
4. Data Retention
- Account & billing data: retained while account is active + 5 years for tax/audit.
- Optional cloud artifacts: deleted within 30 days of workspace deletion or request.
- Local‑only data: never leaves your device.
5. Your Rights & Choices
- Access / Export your data.
- Correct or Update inaccurate info.
- Delete your account and cloud‑stored artifacts.
- Opt‑out of marketing emails and analytics.
- EEA/UK: rights to object, restrict processing, lodge complaints.
- California: CCPA rights; we do not “sell” or “share” data.
6. Security
Encryption in transit (TLS 1.2+) and at rest (AES‑256), MFA for all employees, least‑privilege IAM, annual penetration testing, and continuous vulnerability scanning. See getgalaxy.io/security.
7. Cookies & Similar Technologies
We use only essential and first‑party analytics cookies. Manage via your browser.
8. International Transfers
Servers are located in the United States. When we transfer personal data from the EEA/UK, we rely on Standard Contractual Clauses.
9. Children
Galaxy is not intended for children under 16 and we do not knowingly collect their data.
10. Changes to This Policy
We may update this Policy periodically. Material changes will be notified via email or in‑app notice at least 30 days before they take effect.
11. Contact Us
Galaxy Software, Inc.
Attn: Privacy
support@getgalaxy.io
© 2025 Galaxy Software, Inc. All rights reserved.
.avif){kind=logo}
