Privacy Policy

> Your data stays on your machine. Period.

Truncate bucks the cloud trend. The application runs entirely on your local hardware. When you connect to a database, that connection happens directly from your device to your server. We do not proxy, tunnel, or inspect your traffic through our own infrastructure.

> Minimal footprint. Maximum privacy.

• • Strictly Local: Database credentials are encrypted using your OS's secure storage (Keychain/Credential Manager). We never see them.
• • No Indexing: We do not index or sync your database content to the cloud. Your table rows remain strictly in your database.
• • Minimal Metadata: We only sync license status and account settings if you enable cloud sync.

> Schema context only. Never your rows.

To provide intelligent SQL generation, Truncate interfaces with LLM providers (e.g., OpenAI). We strip this down to the bare metal necessity:

> For debugging only. Fully controllable.

We collect anonymous telemetry (e.g., "App Launched", "Query Failed") to help us fix bugs and prioritize features. This data is aggregated and does not contain database content. You can disable this entirely in Settings > Privacy.

We treat security as a baseline, not a feature. All communications for updates and AI requests are encrypted via TLS 1.2+. As a desktop app, your attack surface is limited to your local environment, which we respect by using OS-native sandboxing and secure storage APIs where possible.

We may update this policy as the software evolves. Check the "Last Updated" date at the top. Major changes will be communicated via in-app notification.