Privacy Policy

Ira SQL Pro ("we", "us", "our") is operated by IRA Skills. This privacy policy explains how we collect, use, store, and protect your personal information when you use our platform at iraskills.ai and any associated services.

Account Information: When you sign up, we collect your name, email address, and (if using manual signup) a hashed version of your password. For Google sign-in, we receive your Google profile name and email.

Authentication Data: We store session tokens, login timestamps, IP addresses, and user-agent strings to manage your sessions securely.

Payment Information: When you purchase credits, Razorpay processes your payment. We store the order ID, payment ID, payment method type, and transaction status. We do not store your card number, UPI PIN, or other sensitive payment credentials.

AI Usage Data: When you use AI features (Generate, Explain, Fix, Hint, Review), we log the action type, credit cost, model used, request status, and latency. We do not store the full content of your queries or AI responses permanently.

Analytics: We may collect anonymized product analytics events such as page views, feature usage, and conversion funnel data to improve the product.

We use your information to:
• Provide and maintain your account
• Process credit purchases and manage your credit wallet
• Send transactional emails (OTP verification, password reset, payment confirmations)
• Monitor AI usage for billing accuracy and abuse prevention
• Improve the product based on aggregated, anonymized usage patterns
• Enforce rate limits and protect against abuse

All transactional emails are sent from irasql@iraskills.ai via AWS SES. These include signup OTP, password reset OTP, and payment confirmation emails. We do not send unsolicited marketing emails. You cannot opt out of transactional emails as they are essential for account security and billing.

Your account data is stored in a PostgreSQL database. Passwords are hashed using bcrypt with secure salt rounds. OTPs are hashed before storage and expire within 10 minutes. Sessions use JWT tokens with unique identifiers and can be revoked at any time.

Redis is used for rate limiting, OTP cooldowns, and short-lived operational state. No permanent personal data is stored in Redis.

SQL queries you run in the browser playground are executed locally via PGlite and are not sent to our servers unless you use an AI feature.

We use the following third-party services:
• Google OAuth — for sign-in authentication
• AWS SES — for transactional email delivery
• Razorpay — for payment processing (UPI, debit/credit cards)
• Google Gemini — for AI-powered SQL features

Each service has its own privacy policy. We only share the minimum data necessary for each service to function.

Account data is retained as long as your account is active. Credit ledger and payment records are retained indefinitely for billing audit purposes. If you delete your account, your profile is deactivated (suspended) and personal identifiers are retained only for ledger integrity.

You may:
• Access your profile information through your account settings
• Update your display name
• Change your password
• Request account deletion through account settings
• Contact us at support@iraskills.ai for any data-related requests

Ira SQL Pro is not intended for children under 13. We do not knowingly collect personal information from children under 13.

We may update this privacy policy from time to time. Changes will be reflected on this page with an updated date. Continued use of the platform after changes constitutes acceptance of the updated policy.

For privacy-related questions or data requests, contact us at support@iraskills.ai.