Placeholder, pending legal review. Last updated July 15, 2026.
Your account (name, email, GitHub identity), your workspaces and their settings, the database connections you add, chat threads, and what the assistant learns about your data. Connection credentials are encrypted with a key that is unique to each workspace.
Queries against your connected databases run when you (or the assistant, on your behalf) ask them to. Query results flow through the service to answer your question and are not used for anything else.
We keep marketing and product analytics separate, and you control each one independently on this device. Both are processed in the EU with PostHog and never sold.
Site analytics on valv.sh sets a cookie only if you accept it. If you decline, we keep only a cookieless, aggregate count of visits, with no cookie and no way to identify you. Product analytics in the app runs on the basis of our legitimate interest to improve the product, and you can opt out at any time. Turning one off does not affect the other.
We use infrastructure and model providers to run the service. Chat content is sent to a model provider to generate answers; we do not sell your data. The subprocessors we rely on:
The region above is where each provider stores and processes your data. Where a provider processes data outside the EU, or is a company subject to non-EU jurisdiction, those transfers are covered by Standard Contractual Clauses. We give notice before adding or replacing a subprocessor.
Deleting a connection, thread, or workspace deletes the data scoped to it. Contact us to delete your account entirely.
Questions about this policy: contact@valv.sh.