← Back to home

Privacy Policy

Last updated: March 19, 2026

Overview

Dbee (dbee.app) is a modern database client web application. We are committed to protecting your privacy and being transparent about how we handle your data. This policy explains what we collect, why, and how we protect it.

Authentication

We use Firebase Authentication to manage user accounts. You can sign in with:

  • Email and password
  • Google OAuth
  • Passkeys (WebAuthn)

We store your email address and authentication metadata (e.g., account creation date, last sign-in) in Firebase. We do not store your password in plaintext; Firebase handles password hashing.

Zero-Knowledge Encryption

Your database connection credentials (hostnames, ports, usernames, passwords, SSH keys) are encrypted on your device using AES-256-GCM before they are transmitted or stored. The encryption key is derived client-side from a server pepper and your user ID via PBKDF2. The server never sees or stores your plaintext credentials.

Encrypted connection data is stored in Google Cloud Firestore, scoped to your user account. Only you can decrypt it.

Data We Store

  • Email address and authentication metadata (Firebase Auth)
  • Encrypted database connection details (Firestore)
  • Bookmarked queries, query history, and UI preferences (Firestore, synced across devices)

All Firestore data is scoped to your authenticated user ID and protected by security rules that prevent access by other users.

Database Connections

When you run queries, Dbee connects to your databases from our server on your behalf. Query results are streamed to your browser and are not stored on our servers. We do not log, inspect, or retain your query content or results.

Advertising

Dbee displays a single sidebar advertisement via Google AdSense to sustain the service as a free product. Google AdSense may use cookies to serve ads based on your prior visits to this or other websites. You can opt out of personalized advertising by visiting Google Ads Settings.

Analytics

Dbee does not use any third-party analytics services. We do not track your behavior, page views, or usage patterns beyond what is necessary for authentication and core functionality.

Cookies

We use a minimal set of cookies for authentication state and session management. Google AdSense may set additional cookies for ad delivery. No tracking cookies are set by Dbee itself.

Data Retention and Deletion

Your data is retained for as long as your account is active. You can delete your account and all associated data at any time by contacting us. Upon account deletion, all your data (authentication records, encrypted connections, bookmarks, history, and preferences) will be permanently removed.

Third-Party Services

  • Firebase Authentication — user identity and sign-in
  • Google Cloud Firestore — encrypted data storage and sync
  • Google AdSense — ad delivery (single sidebar ad)

Each of these services has its own privacy policy. We encourage you to review them.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the service after changes constitutes acceptance of the revised policy.

Contact

If you have questions about this privacy policy or your data, contact us at support@dbee.app.