Policies & Legal
Transparency matters. Review our policies governing privacy, security, data handling, and service terms.
Privacy Policy
How we collect, use, and protect your data when you use DB Audit.
Last updated: 2025-01-01Terms of Service
The legal agreement governing your use of DB Audit services.
Last updated: 2025-01-01Security Policy
Our security practices and how we protect your database audit data.
Last updated: 2025-01-01Acceptable Use Policy
Guidelines for appropriate use of DB Audit services.
Last updated: 2025-01-01Data Processing Agreement
How we handle data processing on your behalf as a data processor.
Last updated: 2025-01-01Service Level Agreement
Our uptime commitments and support response times.
Last updated: 2025-01-01Privacy Policy
Last updated: January 1, 2025
Information We Collect
DB Audit collects information necessary to provide database auditing services:
- Account Information: Email, name, company details for account management
- Database Metadata: Schema information, user lists, and configuration data
- Audit Logs: Query logs, access patterns, and security events from monitored databases
- Usage Data: Feature usage, performance metrics, and error logs
How We Use Your Data
- Provide real-time database monitoring and threat detection
- Generate security alerts and compliance reports
- Improve our AI-powered threat detection algorithms
- Communicate about service updates and security advisories
Data Retention
Audit logs are retained according to your subscription plan settings. You can configure retention periods from 7 days to unlimited. Account data is retained while your account is active and for 90 days after termination.
Your Rights
You have the right to access, correct, delete, or export your data. Contact privacy@dbaudit.ai to exercise these rights.
Terms of Service
Last updated: January 1, 2025
Service Description
DB Audit provides database activity monitoring, threat detection, and compliance auditing services. The service is provided by SubscribeIT and is subject to these terms.
Your Responsibilities
- Maintain the security of your account credentials
- Ensure you have authorization to monitor the databases you connect
- Comply with all applicable laws regarding data collection and monitoring
- Pay subscription fees according to your selected plan
Intellectual Property
DB Audit, its features, and documentation are owned by SubscribeIT. You retain ownership of your data and audit logs. We grant you a limited license to use the service during your subscription.
Limitation of Liability
DB Audit is provided "as is" without warranty. We are not liable for indirect, incidental, or consequential damages. Our total liability is limited to fees paid in the 12 months preceding the claim.
Security Policy
Last updated: January 1, 2025
DB Audit is designed to help organizations meet SOC 2, ISO 27001, and other compliance requirements with pre-built policies and reporting.
Infrastructure Security
- Encryption: All data encrypted at rest (AES-256) and in transit (TLS 1.3)
- Access Control: Role-based access with mandatory MFA for all employees
- Network Security: Isolated VPCs, WAF, and DDoS protection
- Monitoring: 24/7 security monitoring and automated threat detection
Vulnerability Management
We conduct regular penetration testing, vulnerability scanning, and code security reviews. Security patches are applied within 24 hours for critical vulnerabilities.
Incident Response
Our incident response team is available 24/7. Security incidents are investigated immediately, and affected customers are notified within 72 hours as required by applicable regulations.
Report a Vulnerability
If you discover a security vulnerability, please report it to security@dbaudit.ai. We offer a bug bounty program for qualifying reports.
Acceptable Use Policy
Last updated: January 1, 2025
Permitted Use
DB Audit is intended for legitimate database security monitoring, compliance auditing, and threat detection purposes within your organization.
Prohibited Activities
- Monitoring databases you do not own or have authorization to audit
- Using the service to facilitate illegal surveillance or privacy violations
- Attempting to bypass security controls or access other customers' data
- Reselling or redistributing the service without authorization
- Using the service to develop competing products
- Generating excessive load that impacts other customers
Enforcement
Violations may result in suspension or termination of service. We reserve the right to investigate suspected violations and cooperate with law enforcement when required.
Data Processing Agreement
Last updated: January 1, 2025
Roles and Responsibilities
When processing personal data on your behalf, you are the Data Controller and DB Audit acts as the Data Processor. We process data only according to your documented instructions.
Sub-processors
We use the following sub-processors:
Cloud infrastructure (US, EU regions)
Payment processing
Data Transfers
For EU customers, data remains in EU regions unless otherwise configured. International transfers are governed by Standard Contractual Clauses.
Request Full DPA
Enterprise customers can request a signed Data Processing Agreement. Contact legal@dbaudit.ai for a customized DPA.
Service Level Agreement
Last updated: January 1, 2025
Uptime Commitment
Support Response Times
| Severity | Pro | Enterprise |
|---|---|---|
| Critical (Service Down) | 4 hours | 1 hour |
| High (Major Impact) | 8 hours | 2 hours |
| Medium (Minor Impact) | 24 hours | 8 hours |
| Low (General Questions) | 48 hours | 24 hours |
Service Credits
If we fail to meet our uptime commitment, you are entitled to service credits:
- 99.0% - 99.9%: 10% credit
- 95.0% - 99.0%: 25% credit
- Below 95.0%: 50% credit
Questions?
If you have questions about our policies or need additional documentation, our legal and compliance team is here to help.
Ready to Secure Your Databases?
Start protecting your databases with enterprise-grade security and compliance monitoring.