Seedfast

Seedfast

Privacy Policy

Last update: Apr 4, 2026

SeedFast Privacy Policy

At Seedfast, we value your privacy and are committed to protecting your information. This Privacy Policy explains what data we collect, how we use it, and what measures we take to keep it secure. Please read it carefully before using our Service.

1. Introduction

Seedfast provides an AI-powered command-line tool that automates database seeding. While parts of the process run locally on your machine, certain metadata and schema-related information may be securely transmitted to our servers to generate high-quality synthetic data. We do not collect full database contents unless explicitly required by the feature you are using, and we never access or store production data beyond what is necessary to provide the Service.

The data controller responsible for your personal data is Seedfast, reachable at support@seedfa.st.

2. Information We Collect

Seedfast collects only the data necessary to operate and improve the Service:

  • Schema & Structure Information: When you run a seeding operation, certain parts of your database structure (such as table names, column types, relationships, and constraints) may be securely transmitted to our servers to generate synthetic data. We do not collect full table contents or production records, unless explicitly required by a feature and clearly communicated.

  • Usage Information: When you use our CLI or visit our website, we may collect basic analytics such as command usage frequency, version updates, and anonymized technical data (e.g., operating system type, CLI version).

  • Contact Information: If you create an account, start a trial, or contact us, we may store your name, email address, and related communication details.

  • Country of Origin: When you submit a contact or support form, we derive your approximate country from your IP address. The IP address itself is not stored — only the resolved country is recorded. This is used solely to understand the geographic distribution of our users and to provide better regional support.

Seedfast never stores sensitive database data, passwords, connection strings, or any other information not required for the Service to function.

3. How We Use Your Information

We use the limited information we collect to:

  • Provide and improve the Service: This includes generating synthetic data, optimizing performance, and enhancing the accuracy of our models.

  • Improve product reliability and user experience: Analytics and diagnostic data help us debug issues, refine seeding quality, and adjust features based on real usage.

  • Communicate with you: We may notify you about new features, updates, security improvements, and changes to the Service.

  • Provide support: Information you choose to share helps us respond to technical issues and support requests.

We do not sell or rent your data to third parties. Any information related to your database schema is used solely for the purpose of generating synthetic data and improving the Service.

4. Legal Basis for Processing

Where the General Data Protection Regulation (GDPR) applies, we process your personal data on the following legal bases:

  • Performance of a contract (Art. 6(1)(b)): Processing your account information, schema metadata, and billing details is necessary to provide the Service you signed up for.

  • Consent (Art. 6(1)(a)): Website analytics are loaded only after you explicitly accept via the cookie consent banner. You may withdraw this consent at any time by clearing your browser's local storage or by contacting us.

  • Legitimate interests (Art. 6(1)(f)): We may process data for fraud prevention, security monitoring, and product improvement, where our interests are not overridden by your rights.

  • Legal obligation (Art. 6(1)(c)): We may retain or disclose data where required by applicable law.

5. Sharing Your Information

We may share limited information only with the following categories of recipients:

  • Supabase — authentication and database infrastructure. Your account credentials and session data are processed by Supabase under their data processing agreement.

  • Stripe — payment processing. Billing and subscription data is handled by Stripe in accordance with their privacy policy and PCI-DSS standards.

  • Vercel — hosting and deployment. The website is served via Vercel's infrastructure, which may process request metadata.

  • datafa.st (Plausible Analytics) — privacy-focused, cookie-free website analytics. Page view data is sent to datafa.st only if you have given consent via the cookie banner. No personal identifiers or cookies are used.

  • Legal Requirements: We may disclose information if required to comply with applicable laws, enforce our Terms, or protect the rights, safety, and security of our users and the Service.

Seedfast does not share full database contents, user-generated data, or any unnecessary parts of your schema. Only the minimal structure data needed for seeding is transmitted and processed, and it is never sold or used for unrelated purposes.

6. Data Security

Seedfast is designed with a security-first approach. We take several measures to protect your information:

  • Encrypted transmission: Any data sent to our servers is transmitted using industry-standard TLS encryption.

  • Secure storage: Data processed on our infrastructure is stored using modern security practices and is accessible only to authorized systems or personnel when necessary.

  • Local-first logic: Whenever possible, operations run locally on your machine. Only the information required for generating synthetic data or improving the Service is sent to our servers.

Despite these measures, no digital system can guarantee absolute security. We continuously work to improve our protections, but you acknowledge that some level of risk exists when transmitting data online.

7. Data Retention

We retain only the minimum amount of data necessary to operate and maintain the Service:

  • Operational data (such as schema metadata, seed generation requests, or diagnostic logs) may be stored temporarily to complete seeding processes, troubleshoot issues, or improve model performance.

  • Account and billing information (email, subscription details) is retained as required for administrative or legal purposes.

  • Anonymized analytics data may be stored for longer periods to help us understand product usage and improve the Service.

We do not store full database contents, user-generated data, or any information not required for seeding or product improvement. We delete or anonymize data when it is no longer needed.

8. Your Rights

If you are located in the European Economic Area or the UK, you have the following rights under the GDPR:

  • Right of access (Art. 15): You may request a copy of the personal data we hold about you.

  • Right to rectification (Art. 16): You may ask us to correct inaccurate or incomplete data.

  • Right to erasure (Art. 17): You may request deletion of your personal data where it is no longer necessary for the purposes it was collected.

  • Right to restriction of processing (Art. 18): You may ask us to pause processing of your data in certain circumstances.

  • Right to data portability (Art. 20): You may request your data in a structured, machine-readable format.

  • Right to object (Art. 21): You may object to processing based on legitimate interests.

  • Right to withdraw consent: Where processing is based on consent (e.g., analytics), you may withdraw it at any time without affecting the lawfulness of prior processing.

  • Right to lodge a complaint: You have the right to file a complaint with your local data protection supervisory authority. In the EU, you can find your national authority at edpb.europa.eu.

To exercise any of these rights, contact us at support@seedfa.st. We will respond within 30 days.

9. Analytics and Tracking

Our website uses Plausible Analytics (via datafa.st), a privacy-focused analytics tool. Plausible does not use cookies, does not track individual users across sessions, and does not collect personally identifiable information. It records only aggregated, anonymous page view data.

Vercel Analytics and Speed Insights are also used to monitor website performance. These tools collect anonymous Web Vitals metrics and do not use tracking cookies.

All analytics scripts are loaded only after you give explicit consent via the banner shown on your first visit. You may decline at any time — the website is fully functional without analytics.

10. Third-Party Links

Our website may contain links to third-party pages (e.g., GitHub, documentation). We are not responsible for their privacy practices and recommend reviewing their respective privacy policies.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Updates will be posted on this page with a new effective date. Continued use of the Service after changes indicates your acceptance.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: support@seedfa.st