Privacy Policy

Last updated: April 5, 2026

1. The short version

Gold Lapel is a self-hosted database proxy. Your SQL queries, query parameters, database contents, table names, and schema definitions never leave your infrastructure. We do not collect, transmit, or store any of that data.

Licensed instances phone home every 5 minutes for license enforcement. This is mandatory for paid users and cannot be disabled. What is transmitted: a random instance ID, aggregate query counters (totals only — not the queries themselves), and license identifiers. Trial instances do not phone home at all.

We do not sell, share, or monetize your data in any form. The rest of this document provides the complete details.

2. Who we are

Gold Lapel ("Company," "we," "us," or "our") develops and distributes the Gold Lapel self-optimizing PostgreSQL proxy. This privacy policy applies to the Gold Lapel software, the Gold Lapel website (goldlapel.com), and any related services we operate.

For questions about this policy, please contact us at thewaiter@goldlapel.com.

3. The self-hosted software

Gold Lapel runs on your infrastructure, between your application and your PostgreSQL database. In the course of normal operation, the proxy processes SQL queries, connection parameters, and query results.

All of this data stays on your infrastructure. The proxy does not transmit query text, query parameters, table names, column names, schema information, query results, connection strings, credentials, or any database contents to us or any third party.

Local state file

The proxy maintains a local state file (typically at ~/.goldlapel/state.json) containing normalized SQL patterns (parameterized, with no literal values), query hashes, hit counters, and strategy metadata. This file lives on your server and is never transmitted externally.

Database schema

Materialized view metadata, DDL definitions, alias maps, and normalized SQL are stored in your database in the _goldlapel schema. This data lives in your database and is never transmitted externally.

Local dashboard

Gold Lapel includes a local diagnostic dashboard (default: localhost:7933) that displays query patterns, table names, materialized view names, index names, and strategy statistics. The dashboard is bound to localhost only and does not require authentication. If you are running Gold Lapel on a shared or multi-user machine, other users with access to that machine may be able to view the dashboard. The dashboard loads Google Fonts from Google's CDN, which may transmit the viewer's IP address to Google (see Section 9).

You are responsible for securing access to the dashboard on shared infrastructure. Gold Lapel is not responsible for data exposure through the dashboard on machines where other users have local network access.

SSO authentication data

When OIDC or SAML single sign-on (SSO) is configured for dashboard access, Gold Lapel receives the authenticated user's email address and display name from your identity provider during the authentication flow. This data is stored in-memory only — it is not persisted to disk, written to the state file, or transmitted to Gold Lapel servers. All in-memory authentication data is cleared when the Gold Lapel process is restarted.

Gold Lapel does not access, store, or transmit identity provider credentials, tokens, or any other user attributes beyond email and display name. Your identity provider's handling of authentication data is governed by their own privacy policy and your organization's configuration.

Compliance audit exports

Gold Lapel provides an audit export feature that produces a log of the proxy's internal optimization decisions (e.g., which queries were rewritten, which materialized views were created, and which strategies were applied). Audit exports contain only Gold Lapel's operational decision log. They do not contain personal data, query content, query parameters, database values, or any data from your application's queries or database.

4. Telemetry and license enforcement

Licensed instances of Gold Lapel transmit telemetry data to Gold Lapel servers for the purpose of license validation and instance-count enforcement. This telemetry is mandatory for paid users and cannot be disabled. It is a condition of your license that you permit this communication.

Trial users do not phone home. Instances operating under the free trial do not transmit any telemetry.

What is transmitted

  • A unique instance identifier (randomly generated UUID, not derived from your data)
  • A cryptographic hash of the upstream database connection (used for instance counting — not reversible to your connection string)
  • Aggregate query counters (total queries observed, rewritten, and cached — not the queries themselves)
  • Client type (which language wrapper or framework plugin is in use)
  • License key identifier and subscription tier

What is never transmitted

  • SQL queries, query text, or query parameters
  • Database contents, rows, columns, or values
  • Table names, schema definitions, or database structure
  • Database credentials or connection strings
  • Any personally identifiable information from your database

Frequency and method

Telemetry is transmitted approximately every 5 minutes while the proxy is running. Communication uses HTTPS to Gold Lapel servers.

Over-limit enforcement

If your license is detected on more concurrent instances than your plan permits, the most recently started instance will be degraded to Bellhop mode (passthrough). A 24-hour grace period is provided for transient network outages or infrastructure changes. The proxy will never terminate or block database connections due to license enforcement — enforcement is always graceful degradation.

Why we collect it

Telemetry exists solely for license validation and instance-count enforcement. Aggregate counters help us understand product usage patterns for product development. We do not use telemetry data to identify or profile individual users, and we do not sell or share telemetry data with third parties.

5. Website data

When you visit goldlapel.com, your browser connects through Cloudflare (CDN and DNS) to our hosting infrastructure at Hetzner Online GmbH (Finland). Standard web server logs may record your IP address, browser user-agent, and pages requested.

Analytics

We use Google Analytics 4 (GA4) via Google Tag Manager (GTM) to understand how visitors use our website. GA4 collects:

  • Pages visited and time spent on each page
  • Referral source (how you arrived at the site)
  • Device type, browser, operating system, and screen resolution
  • Approximate geographic location (country/region level, derived from IP address)
  • Interaction events (button clicks, scroll depth, outbound link clicks)

GA4 uses first-party cookies to distinguish unique visitors and sessions. Google processes this data on our behalf under their Data Processing Terms. We do not enable Google Signals, User-ID tracking, or advertising features. We do not share analytics data with third parties for advertising purposes.

You can opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-on.

Additional analytics and tracking

We may use additional analytics, advertising, or tracking technologies on our website from time to time, including but not limited to conversion tracking pixels, retargeting pixels, social media pixels, and similar technologies from providers such as Google, Meta, LinkedIn, and others. When we add new tracking technologies, we will update the list of third-party services in Section 10 of this policy. Where required by law, we will obtain your consent before setting non-essential tracking cookies or pixels.

Fonts

The website loads fonts from Google Fonts CDN. This transmits the visitor's IP address to Google for the purpose of serving font files. Google's handling of this data is governed by the Google Privacy Policy.

6. Account and contact information

When you create an account, purchase a license, or contact us, we may collect:

  • Name and email address
  • Company or organization name
  • Billing address
  • Communications you send us (support requests, feedback)

We use this information to provide and manage the services you have purchased, communicate with you about your account, and provide support. We may also send product announcements or updates — you can unsubscribe from non-transactional emails at any time.

7. Email communications

We may send you email for the following purposes:

Transactional email

Emails directly related to your use of the Service, including:

  • License key delivery after purchase
  • Subscription confirmations, renewals, and receipts
  • Account security notifications (password resets, login alerts)
  • Service disruption or maintenance notifications
  • Responses to your support requests

Transactional emails are necessary for the operation of your account and cannot be unsubscribed from while your account is active.

Product updates

Emails about new features, product updates, release notes, and relevant technical content. You may unsubscribe from these at any time via the unsubscribe link in any such email or by contacting us at thewaiter@goldlapel.com.

Marketing and promotional email

We may send marketing or promotional emails to customers and account holders. You may unsubscribe from marketing emails at any time via the unsubscribe link in any such email or by contacting us.

Email service providers

Email is sent through third-party email delivery services (such as SendGrid/Twilio or similar providers). These providers process your email address and email content solely for the purpose of delivery on our behalf. Their handling of your data is governed by their respective privacy policies and our data processing agreements with them.

CAN-SPAM compliance

All commercial emails include: our company name, a physical mailing address, a clear unsubscribe mechanism, and accurate sender identification. Unsubscribe requests are honored within 10 business days.

8. Payment processing

Payments are processed by Stripe (PCI DSS Level 1 certified). When you purchase a license, your payment details (card number, billing address) are transmitted directly to Stripe and are never stored on our servers. We receive only a transaction identifier, the last four digits of your card, and confirmation of payment.

Stripe's handling of your payment data is governed by their own Privacy Policy and Services Agreement.

9. Cookies

The Gold Lapel website and self-hosted software use cookies as follows:

  • Essential cookies — required for basic site functionality (session management, security tokens). These cannot be disabled.
  • Dashboard authentication cookie — when OIDC or SAML SSO is configured, the Gold Lapel dashboard sets a gl_session cookie for session authentication. This is an essential/functional cookie required for authenticated dashboard access. It is HttpOnly, Secure, SameSite=Lax, and expires after 24 hours. This cookie is set only on your local infrastructure and is not transmitted to Gold Lapel servers.
  • Analytics cookies — set by Google Analytics 4 via Google Tag Manager to distinguish unique visitors and track sessions. These are first-party cookies. You can opt out using the Google Analytics Opt-Out Add-on.
  • Advertising cookies — set by Google Ads for conversion tracking and remarketing. These cookies help us measure the effectiveness of our ad campaigns by tracking actions taken after clicking a Google ad (e.g., visiting our pricing page or starting a trial). Google may use this data to show you Gold Lapel ads on other websites in the Google Display Network. You can opt out of personalized advertising at Google Ads Settings or via the NAI opt-out page.

We may add additional tracking technologies (such as social media pixels from Meta, LinkedIn, or other providers) in the future. Where required by law, we will obtain your consent before setting non-essential tracking cookies or pixels.

10. Third-party services

We use a limited number of third-party services to operate. Each has access only to the data necessary for their function:

  • Stripe — payment processing (receives payment details, billing address)
  • Google Cloud / Firebase — website hosting (receives visitor IP addresses and request data via standard web serving)
  • Google Fonts CDN — font delivery on the website and the local dashboard (receives viewer IP addresses)
  • GitHub — source code hosting, issue tracking, software distribution
  • Google Analytics / Google Tag Manager — website analytics and event tracking (receives visitor IP addresses, browsing behavior)
  • Google Ads — paid search advertising, conversion tracking, and remarketing (receives conversion events, ad click identifiers, and browsing behavior for campaign optimization)
  • Google Search Console — SEO monitoring and search performance analytics (no user data transmitted — this is site-level search performance data from Google's index)
  • SendGrid (Twilio) — transactional and product update email delivery (receives recipient email addresses and email content)

We do not sell, rent, or share your personal information with third parties for their own marketing purposes. We are not responsible for the data practices of third-party services. Each third-party service's handling of your data is governed by their respective privacy policies.

11. Data retention

Account data is retained for the duration of your account plus 30 days after deletion, after which it is permanently removed.

Payment records are retained as required by applicable tax and accounting regulations (typically 7 years).

Support communications are retained for 2 years after the last interaction to provide continuity if you contact us again.

Telemetry data from the proxy is stored in aggregate form only. It is not associated with individual identities and is retained indefinitely for license enforcement and trend analysis.

SSO authentication data (email address, display name from your identity provider) is stored in-memory only and is not persisted. It is cleared automatically when the Gold Lapel process is restarted. The gl_session cookie expires after 24 hours.

Local data (state files, database schema objects, dashboard data, audit exports) is stored on your infrastructure and is under your control. We do not access, manage, or retain this data. You are responsible for its retention and deletion.

12. Data security

We implement commercially reasonable technical and organizational measures to protect your data, including encryption in transit (TLS), secure infrastructure practices, and access controls limiting who within our organization can access personal data.

No method of transmission or storage is completely secure. We provide commercially reasonable data protection measures but do not guarantee absolute security. If you discover a security vulnerability, please contact us immediately at thewaiter@goldlapel.com.

Your security responsibilities

For self-hosted deployments, you are solely responsible for:

  • Securing your database, including access controls, encryption at rest, and network configuration
  • Securing the Gold Lapel state file (~/.goldlapel/state.json) on your filesystem
  • Controlling access to the local dashboard on shared or multi-user machines
  • Maintaining backups and disaster recovery for your database
  • Compliance with regulatory frameworks applicable to your data (HIPAA, PCI-DSS, SOC 2, etc.)

Gold Lapel is not responsible for unauthorized access to your database, state files, or dashboard resulting from inadequate security controls on your infrastructure.

13. Data breach notification

In the event that we become aware of a security breach affecting personal data we hold, we will:

  • Investigate the breach promptly and take reasonable steps to contain and remediate it
  • Notify affected individuals and applicable regulatory authorities as required by law
  • Provide notification within 72 hours of becoming aware of the breach, where required by GDPR, or within the timeframe required by other applicable laws
  • Include in any notification: the nature of the breach, the data involved, the likely consequences, and the measures taken or proposed to address the breach

For self-hosted deployments, we do not have access to your database, state files, or local infrastructure. Breaches of your infrastructure are your responsibility to detect, investigate, and report.

14. Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate or incomplete data
  • Deletion — request deletion of your personal data, subject to legal retention requirements
  • Portability — request your data in a structured, machine-readable format
  • Objection — object to processing of your data for specific purposes
  • Restriction — request that we limit how we use your data
  • Withdrawal of consent — where processing is based on consent, withdraw it at any time

To exercise any of these rights, please contact us at thewaiter@goldlapel.com. We will respond within 30 days.

For California residents (CCPA/CPRA)

Under the California Consumer Privacy Act and the California Privacy Rights Act, California residents have specific rights regarding their personal information.

Categories of personal information we collect:

  • Identifiers — name, email address, account identifiers, IP address (via website hosting and Google Fonts CDN)
  • Commercial information — records of products or services purchased (license tier, subscription history)
  • Internet or electronic network activity — browsing history on our website (server logs only; no analytics service), interaction with our website
  • Professional or employment-related information — company or organization name, if voluntarily provided
  • Geolocation data — approximate location derived from IP address (country/region level)

Categories of personal information we do NOT collect:

  • Biometric information
  • Protected classification characteristics
  • Education information
  • Sensory data (audio, visual, thermal, olfactory)
  • Inferences drawn to create a consumer profile

We do not sell or share personal information for cross-context behavioral advertising. You have the right to know what personal information we collect, request its deletion, correct inaccurate personal information, and not be discriminated against for exercising your rights.

To submit a request, contact us at thewaiter@goldlapel.com. We will verify your identity before processing your request and respond within 45 days.

For European residents (GDPR)

Our legal bases for processing personal data are:

  • Performance of a contract — providing services you have purchased, processing payments, delivering license keys
  • Legitimate interests — license enforcement telemetry (necessary to enforce license terms), improving our products and services, maintaining security
  • Consent — where applicable, such as marketing communications (you may withdraw consent at any time)
  • Legal obligation — retaining records as required by tax and accounting regulations

You have the right to lodge a complaint with your local data protection authority if you believe we have not adequately addressed your concerns.

15. GDPR role clarification for self-hosted deployments

For self-hosted deployments, Gold Lapel is a software vendor and licensor, not a data processor under GDPR. We provide software that you install and operate on your own infrastructure. We do not process, access, store, or have any visibility into your database contents, queries, or application data.

The only data we receive from self-hosted deployments is the license enforcement telemetry described in Section 4, which contains aggregate counters and opaque identifiers — never your queries, database contents, or personal data from your systems.

As the operator of a self-hosted Gold Lapel instance, you are the data controller for all data processed through the proxy. You are responsible for your own GDPR compliance obligations, including conducting data protection impact assessments, maintaining records of processing activities, and ensuring lawful bases for processing.

16. Hosted service

When Gold Lapel offers a hosted (cloud-managed) version of the Service, different data handling practices will apply because we would operate the proxy infrastructure on your behalf. In that scenario, we would have access to query traffic passing through the hosted proxy, and this privacy policy will be updated with specific disclosures regarding data handling, processing, retention, and security for the hosted service before it becomes available.

For enterprise customers requiring a hosted service, a Data Processing Agreement (DPA) will be available upon request to formalize the data processing relationship, sub-processor disclosures, and international transfer safeguards.

17. Data Processing Agreements

Enterprise customers who require a Data Processing Agreement (DPA) for regulatory or compliance purposes may request one by contacting us at thewaiter@goldlapel.com. DPAs are available for hosted service deployments and for the limited telemetry data processing associated with self-hosted deployments.

18. International data transfers

Gold Lapel is based in the United States. If you access our website or services from outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate.

For self-hosted deployments, your database data does not leave your infrastructure. Only the license enforcement telemetry described in Section 4 is transmitted to our servers in the United States.

Where required by applicable law, we ensure appropriate safeguards are in place for international transfers, including standard contractual clauses or other mechanisms approved by relevant data protection authorities.

19. Do Not Track

Some web browsers transmit "Do Not Track" (DNT) signals. We use analytics and tracking tools on our website (including Google Analytics and Google Tag Manager, as described in Section 5). We do not currently alter our data collection practices in response to DNT signals. If we add the ability to honor DNT signals in the future, we will update this section accordingly.

20. Children's privacy

Gold Lapel is a database optimization tool intended for use by software professionals. We do not knowingly collect personal information from anyone under 16. If we become aware that we have collected data from a child under 16, we will delete it promptly.

21. Liability disclaimers

The following disclaimers apply to all data handling described in this privacy policy. These disclaimers are in addition to, and not in limitation of, the disclaimers and limitations of liability set forth in our Terms of Service.

Self-hosted infrastructure

Gold Lapel is not responsible for the security, integrity, or availability of your database, servers, or network infrastructure. You are solely responsible for:

  • Database security, access controls, encryption at rest, and network configuration
  • Security of the Gold Lapel state file on your filesystem
  • Controlling access to the local dashboard on shared or multi-user machines
  • Configuring and securing SSO identity provider integrations (OIDC, SAML)
  • Backups and disaster recovery for your database

Regulatory compliance

You are solely responsible for determining whether your use of Gold Lapel complies with applicable regulatory frameworks, including but not limited to HIPAA, PCI-DSS, SOC 2, SOX, GDPR, and any other data protection, privacy, or industry-specific regulations. Gold Lapel does not provide compliance certifications for the self-hosted software.

Third-party services

Gold Lapel is not responsible for the data practices of third-party services, including Stripe, Cloudflare, Hetzner, Google (Google Fonts CDN, Google Analytics, Google Tag Manager), and GitHub. Your interactions with these services are governed by their respective privacy policies.

No absolute guarantee

We implement commercially reasonable measures to protect data we handle. We do not warrant or guarantee absolute security, privacy, or data protection. No software vendor can provide such a guarantee, and this policy should not be read as one.

22. Changes to this policy

We may update this privacy policy from time to time. Changes will be communicated by updating the "Last updated" date at the top of this page. Your continued use of the Service after the updated policy is posted constitutes acceptance of the updated policy.

23. Contact

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Email: thewaiter@goldlapel.com

Gold Lapel
3476 18th St, Apt 36
San Francisco, CA 94110
United States