Privacy Policy
Cygenix Ltd ("Cygenix", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use cygenix.co.uk.
We are committed to compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Overview
Cygenix is a SQL database migration platform. We are the data controller for personal data you provide when creating an account and using the platform. We are a data processor for any personal data contained within the databases you connect to and migrate using our service.
Our lawful basis for processing your personal data is:
- Contract — to provide you with the service you have signed up for
- Legitimate interests — to improve and secure the platform
- Consent — for non-essential cookies and marketing communications
- Legal obligation — where required by law
2. Data We Collect
| Data | Why we collect it | How long we keep it |
|---|---|---|
| Name and email address | Account creation and communication | Until account deletion |
| Authentication tokens | To keep you logged in securely | Session duration |
| Migration jobs and mappings | To save your work and sync across devices | Until you delete them |
| Project settings and configurations | To persist your preferences | Until account deletion |
| Usage activity (audit log) | Security, debugging, and support | 90 days |
| IP address and browser type | Security and fraud prevention | 30 days |
| Payment information | Billing (processed by Stripe, not stored by us) | Per Stripe's policy |
We do not collect the contents of the databases you connect to — only the schema metadata (table names and column names) necessary to perform migrations. Connection strings are stored locally in your browser and are never transmitted to our servers.
3. How We Use Your Data
We use the data we collect to:
- Provide, operate, and improve the Cygenix platform
- Authenticate you and maintain account security
- Sync your migration work across devices via Azure Cosmos DB
- Send you important service communications (account confirmations, security notices)
- Respond to your support requests
- Detect and prevent fraud and abuse
- Comply with legal obligations
We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.
4. Data Sharing
We do not sell your personal data. We share data only with:
- Microsoft Azure — cloud infrastructure and Cosmos DB storage (UK South data centre)
- Netlify — website hosting and user authentication (data may be processed in the US under appropriate safeguards)
- Anthropic — AI column mapping via the Claude API (only schema metadata, never personal data from your databases)
- Stripe — payment processing (when paid plans are introduced)
- Law enforcement — where required by applicable law
All third-party processors are contractually required to protect your data and process it only for the purposes we specify.
5. Data Storage and Security
Your migration data is stored in Microsoft Azure Cosmos DB, located in the UK South region. We implement the following security measures:
- All data in transit is encrypted using TLS 1.2 or higher
- Data at rest is encrypted using Azure-managed encryption keys
- Access to databases is controlled by key-based authentication
- Authentication is handled by Netlify Identity with JWT tokens
No system is completely secure. If you believe your account has been compromised, contact us immediately at security@cygenix.co.uk.
6. Cookies and Tracking
Cygenix uses the following types of cookies and browser storage:
| Name | Type | Purpose | Duration |
|---|---|---|---|
| cygenix_token | Essential | Authentication — keeps you logged in | Session |
| cygenix_user | Essential | Stores your account details locally | Session |
| cygenix_jobs etc. | Functional | Saves your migration work in browser storage | Persistent |
| cygenix_cookie_consent | Essential | Records your cookie preferences | 1 year |
| Google Fonts | Third-party | Loads platform fonts from Google's CDN | Session |
We do not use advertising cookies, tracking pixels, or analytics services that identify individual users. You can manage cookie preferences using the cookie settings panel at the bottom of any page.
7. Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
- Right of access — request a copy of the data we hold about you
- Right to rectification — request correction of inaccurate data
- Right to erasure — request deletion of your data ("right to be forgotten")
- Right to restrict processing — request that we limit how we use your data
- Right to data portability — receive your data in a machine-readable format
- Right to object — object to processing based on legitimate interests
- Right to withdraw consent — where processing is based on consent
To exercise any of these rights, contact us at privacy@cygenix.co.uk. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
8. Children's Privacy
Cygenix is not directed at children under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a notice on the platform. The "Effective" date at the top of this page indicates when the policy was last updated.
10. Contact Us
For privacy-related questions or to exercise your rights, contact us at:
Cygenix Ltd
Privacy enquiries: privacy@cygenix.co.uk
Security concerns: security@cygenix.co.uk
Website: cygenix.co.uk
Also see our Terms of Service. To manage your cookies, click the cookie icon at the bottom left of any page.