polygres
Back to Home

Privacy Policy

Last Updated: June 24, 2026

Privacy Policy

Last Updated: June 24, 2026

Evokoa, Inc. and Evokoa Pte. Ltd. ("we," "us," or "our") operate the Polygres database platform, including the website at polygres.com, the application console at app.polygres.com, the API endpoints, and related developer SDKs (collectively, the "Service").

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We are committed to protecting your privacy and ensuring you have control over your data.


1. Information We Collect

We collect information to provide, maintain, and improve our database platform:

  • Account Information: When you create an account, we collect your name, email address, password hash, and organization name.
  • Billing Information: We use Stripe for payment processing. We do not store your credit card or financial details on our servers; this information is collected and processed directly by Stripe under their privacy policy.
  • Service Telemetry and Log Data: To keep the database hosting stable and secure, we collect metadata about API requests, query duration, resource usage (CPU, memory, storage), and server errors. This includes IP addresses, browser types, and timestamp data.
  • Database Data (Your Content): We host and process the database records, graph relationships, and vector embeddings you store in Polygres. We do not inspect, access, read, or distribute your database content unless explicitly requested by you for support troubleshooting, or as required by law.

2. How We Use Your Information

We process your information for the following purposes:

  • To set up, configure, and maintain your database instances.
  • To process payments and subscription billing.
  • To monitor infrastructure performance, protect against abuse (such as denial-of-service attacks), and diagnose bugs.
  • To send you critical system notifications, security alerts, and billing receipts.
  • To comply with our legal obligations.

3. Data Privacy and Confidentiality

Your databases are isolated and private.

  • No Data Selling: We do not sell, rent, or lease your personal information or database contents to third parties.
  • Access Control: All administrative access by Evokoa engineers to database hosts is strictly audited, restricted, and limited to infrastructure maintenance and support requests.
  • Encryption: Database data is encrypted in transit using TLS 1.3/1.2 and encrypted at rest on our storage systems.

4. Cookies and Tracking

We follow a privacy-by-design approach for web browsers:

  • We use standard session cookies to keep you logged into the Polygres console.
  • All session cookies are configured with security flags: Secure, HttpOnly, and SameSite=Lax.
  • We do not use cross-site tracking pixels or sell browser analytics to third parties.
  • We use Clarity (clarity.ms) for basic usage analytics on our landing page, configured to mask all input fields and respect user privacy.

5. Third-Party Service Providers (Subprocessors)

We rely on trusted third-party partners to provide specific infrastructure services:

  • Cloud Infrastructure Providers: To host and run the physical servers and storage.
  • Stripe: For billing, invoicing, and subscription payments.
  • Cloudflare: For edge routing, security protection, and DNS.

All subprocessors are vetted for compliance with industry-standard security regulations (such as SOC 2 and ISO 27001).


6. Your Rights and Data Control

In accordance with global data protection laws (including GDPR and CCPA), you have the following rights:

  • Access and Portability: You can download or export your databases at any time using standard PostgreSQL backup tools (pg_dump) or our APIs.
  • Correction: You can update your account profile details directly inside the console.
  • Deletion (Right to be Forgotten): You may delete your databases and your account at any time from the settings dashboard. Deleting your account will immediately terminate database instances and queue all associated backups for hard deletion within 30 days.

7. Children's and Minors' Privacy

Our Service is strictly intended for and directed to individuals who are at least 18 years of age. We do not target our Service at minors, and we do not knowingly collect personal information from individuals under the age of 18. If you are under 18, please do not use our Service or send any personal information to us.

If we learn that we have collected or received personal information from a minor under 18 without verifiable parental consent, we will delete that information immediately. If you believe we might have any information from or about a minor under 18, please contact us at team@evokoa.com.


8. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Email: team@evokoa.com