Privacy Policy

Effective date: March 8, 2026

MongoLens ("we", "our", or "the app") is a MongoDB database management app for iOS, iPadOS, watchOS, and widgets. We are committed to protecting your privacy. This policy explains what data we collect, why, and how we handle it.

1. Data That Stays on Your Device

The following data is stored locally on your device and is never transmitted to our servers:

• Database connection credentials (host, port, username, password, SSH keys) — stored in the iOS Keychain, encrypted by the operating system.
• Connection configurations — stored in the app's local storage or synced via your personal iCloud account if you enable iCloud Sync.
• Query history and bookmarks — stored locally on device.
• Your database content — all documents, collections, and database data you view or edit are fetched directly from your MongoDB server to your device. We never relay, cache, or store your database content on our servers.

2. Data We Collect

2.1 Analytics (Firebase Analytics)

We collect anonymous usage analytics to improve the app experience. This includes:

• App events (e.g. "connected to server", "ran a query") — no database content or credentials are included.
• Device type, OS version, and app version.
• Session duration and screen views.

Analytics data is not linked to your identity and is not used for tracking or advertising.

2.2 Crash Reports (Firebase Crashlytics)

If the app crashes, a crash report is automatically sent to help us fix bugs. Crash reports include:

• Stack traces and device state at the time of the crash.
• Device model, OS version, and app version.

We actively sanitize crash logs to strip any MongoDB connection URIs or credentials before they are sent.

2.3 AI Query Builder

When you use the AI Query Builder feature, the following data is sent to our server to generate a query:

• Your natural language prompt (e.g. "find users older than 30").
• Field names and their data types from the selected collection's schema.
• The collection name.

Your actual document data is never sent. Only the schema structure (field names and types) is used to generate accurate queries.

AI queries are processed via OpenAI's API. Requests are subject to OpenAI's Privacy Policy. We apply rate limiting per device and do not store your prompts or generated queries on our servers beyond the processing session.

2.4 Remote Configuration (Firebase Remote Config)

We use Firebase Remote Config to manage app settings (e.g. feature flags, query limits). This service may collect basic device identifiers for delivery purposes. No personal data is collected through this service.

3. iCloud Sync

If you enable iCloud Sync, your saved connection configurations (excluding passwords, which remain in the Keychain) are synced via Apple's iCloud infrastructure using your personal Apple ID. We do not have access to your iCloud data. This feature is optional and can be disabled at any time in Settings.

4. Subscriptions

MongoLens Pro subscriptions are processed entirely by Apple through the App Store. We do not collect or store any payment information. Subscription status is verified locally on your device via StoreKit.

5. Third-Party Services

We use the following third-party services:

• Firebase Analytics — anonymous usage analytics.
• Firebase Crashlytics — crash reporting.
• Firebase Remote Config — feature configuration.
• Firebase Cloud Functions — AI query processing.
• OpenAI API — query generation (schema only, no user data).
• Apple iCloud — optional connection sync.

6. Data Retention

Analytics and crash data are retained according to Firebase's default retention policies (typically 14 months for analytics, 90 days for crash data). AI query rate-limit counters are reset daily and contain no personal information.

7. Children's Privacy

MongoLens is not directed at children under 13. We do not knowingly collect data from children.

8. Your Rights

You can:

• Delete your local data by uninstalling the app.
• Disable iCloud Sync in Settings.
• Request deletion of any analytics data by contacting us.

9. Changes to This Policy

We may update this policy from time to time. Changes will be reflected with an updated effective date at the top of this page.

10. Contact

If you have questions about this privacy policy, contact us at:
mongolens@base63.com