Privacy notice

Legal information including our privacy policy, data protection and use of information.

Redgate (which means Red Gate Software Limited and its subsidiaries, Red Gate Software Inc, Red Gate Software Pty, Red Gate Software GmbH and Red Gate Software Canada, Inc.) respects your privacy. All information you give us is held with the utmost care and security.

Please take time to review this privacy policy as it sets out our privacy practices and tells you how your personal information will be treated by us. We do not sell, rent or loan any identifiable information regarding our customers to any third party. Only in the circumstances described within this Privacy Policy would we share your information with any third party.

Our use of personal data is in accordance with the Data Protection Act 2018 (GDPR).

Redgate is registered with the Information Commissioner's Office (ICO) and our registration number is Z9686370.

How we use your information

If you're visiting our websites, using our products and services, working with any of our teams, at events or applying for a role with us, this privacy notice sets out what data we collect, and how we use it. It also describes your rights regarding our use of your data.

We collect common types of personal information, such as: name, job title, company, industry, postal address, email address, phone number, and your computer's IP address.

We will use the personal information provided to us to:

  • Process orders submitted by you
  • Identify the Redgate 'certified partner' that is best placed to support your software purchase if you cannot purchase directly from us;
  • Customize the service we provide to you
  • Administrate or otherwise carry out our obligations in relation to any agreement you have with us
  • Verify your identity (e.g. if you participate in any promotions administered by us)
  • Anticipate and resolve any problems with any goods or services supplied to you
  • Carry out market research and surveys
  • Send you our newsletter, where this is requested by you
  • Track your engagement with us, including through our website, articles and newsletters
  • Understand how you use our products and services
  • Contact you by telephone and send you follow-up communications relating to your use of software downloaded from our website
  • Send you information about our other products and services
  • Process your application if you apply for a role with us
  • Work with you at events

This privacy notice tells you what to expect when Redgate collects personal information. It contains more information about:

Visiting our websites

When you visit one of our websites, we collect standard internet log information and details of visitor behavior patterns, including through the use of third-party analytics services (such as Google Analytics). We do this to understand how people are using our websites, to manage their operation and to diagnose any problems. We retain these logs for up to three months.

We use Marketo to track your engagement with our website, and help give you the most relevant information on our products and solutions. This data is visible to our sales and marketing teams. We keep data you have provided to us, for example if you fill out a form on our website, for the duration of our commercial relationship with you.

We also use third-party services to help us identify visitors to our website to improve the way we offer our products and services.

We rely on the lawful basis of legitimate interests to process this data.

Our website search is powered by Google. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either Redgate or any third party.

How we use cookies

Your web browser allows you to control whether cookies can be stored by our websites. However, disabling cookies will prevent certain parts of our websites from working correctly. Your web browser’s documentation has more information on controlling cookie behavior.

We use cookies on our websites to:

  • Maintain your active session
  • Store your preferences
  • Track the success of our marketing and advertising campaigns
  • Analyze the way people use our websites
  • Gather data on how our websites are performing

Community newsletters

We send newsletters for SQL Server Central and Simple-Talk and Amazon Simple Email Service. We gather statistics around email opening and interaction using industry-standard technologies, including tracking pixels, to analyze the performance or email campaigns. We use data about your interactions with our emails as an indicator of your interest in our products. We may also use your interaction with our previous newsletters to send you more appropriate information in the future.

We rely on your consent to send you Simple Talk and SQL Server Central newsletters.

You can opt out of receiving these newsletters at any time by clicking the unsubscribe link in these emails, or by managing your email preferences. For SQL Server Central, manage your preferences here.

Contacting us on social media

Redgate maintains a presence on X, Facebook and LinkedIn. We manage your interactions with us using Marketo and Sprout as well as using social media platforms directly.

If you send us a message via social media, we may include this in our CRM systems.

We process this data on the basis of our legitimate interests.

Working with our sales teams

Redgate's sales teams may reach out to you if we believe you are interested in our products. We may use contact details you have entered on our websites, provided to us at events, or that we have received from services such as LinkedIn.

If you do not wish to be contacted, you can use the unsubscribe link on any emails, let the sales person who got in touch know, or email privacy@red-gate.com.

We rely on legitimate interests as the lawful basis for processing this data.

Purchasing from us

If you choose to pay for Redgate product of services through our website, we will use a payment gateway provider to securely capture and process your payment information.

If you have chosen to pay us on a recurring billing basis, Stripe will hold your payment information until you choose provide us with notice to cancel recurring billing.

Where you have made a one-off payment to us, your payment information shall be deleted after payment is taken.

Connecting with our product support teams

If you engage with our support teams, we may ask you to provide additional information to help us assist you (like diagnostic logs). We may share this internally with our teams to support you and to enable them to reproduce and fix product issues. We may also cross reference your interactions with us in order to understand the customer journey, improve our self-help articles and to give you the best support experience.

Some of our products also include feedback mechanisms such as live chat. If you’re signed into the product, we’ll see your name and email address when you chat to us. Any information you send to us in the chat session will be shared with our product development and support teams.

If you choose to share information with us that contains information about your environment, such as detailed diagnostic logs, database schemas or server names, we will treat it as confidential information, and will only use it to provide support to you, and diagnose and resolve any issues with our products. You can ask us to delete this information at any time.

Processing this data is necessary to allow us to fulfill your support contract with us.

Participating in User Research

Our product teams may reach out to you to invite you to participate in product and market research, for example user experience sessions, surveys or collaborative design exercises.

You are free to participate in these, but can choose not to at any point. If you do not wish to be contacted, please let our teams know.

We rely on legitimate interests as the lawful basis for processing your data.

Recording telephone calls

We record some calls for training and quality purposes to help us evaluate our performance and better understand the needs of our customers. If you live in a jurisdiction where two-party consent is required, we’ll let you know we’re recording the call.

We rely on legitimate interests as the lawful basis for processing this data. We retain call recordings for up to two years.

Information sent to us when you use our products

Our products send usage and fault reporting information to us. We use this to:

  • Measure how many people are using the different versions of our products, and the different features within them
  • Understand the environments in which our products are used (for example, the operating system version, SQL Server version, the amount of system memory and screen resolutions)
  • Measure the success of our sales and marketing operations
  • Guide product development decisions and improve our products
  • Assist you in your evaluation, purchasing, and renewal of our products
  • Compare your usage of our products against the licenses you've purchased

We use your basic environment and high-level usage data in conjunction with your records in our marketing and CRM systems. Your use of individual features is submitted anonymously and is not linked to your identity.

Some of our products allow you to submit error reports if something goes wrong. These contain logs and other diagnostic data, and you can choose to include your contact details and any additional information you think may be useful. Our support and development teams use this data to improve our products.

If you choose not to include diagnostic data with an error report, an anonymous record of the type of error which occurred will be sent. This allows us to measure how many of our customers experience errors and prioritise our focus for product development.

Automatically-sent usage reporting data is processed on the basis of our legitimate interests. If you choose to submit error reports, we rely on your consent to process this data. You can withdraw your consent at any time, by emailing privacy@red-gate.com.

Using SQL Prompt+ EAP

If you have been invited to and signed up for the SQL Prompt+ Early Access Program (EAP), when you use the AI Assistant, the prompt you provide, along with a representation of your database schema, is sent to Redgate to provide the service. We do this to fulfil our contract to you.

We may also use this data to improve our products and services in the future. We do this on the basis of our legitimate interests.

We use Microsoft's Azure OpenAI to help us provide Prompt+ to you. This is currently hosted in the US East region.

If you wish to stop using the Prompt+ AI Assistant during the EAP, email privacy-promptplus@red-gate.com.

Using Redgate Flyway Service

If you choose to use the Redgate Flyway Service (Preview Software), data about your Redgate Flyway projects and environments are sent to Redgate to provide the service. We do this to fulfil our contract to you.

We may also collect data about your use of Redgate Flyway Service to improve our products and services in the future. We do this on the basis of our legitimate interests.

We use Microsoft Azure and Amazon Web Services to help us provide Redgate Flyway Service to you.

Your use of Redgate Flyway Service is in accordance with Schedule 2 of Redgate's Master Subscription EULA.

Applying for a role with us

If you apply for a role at Redgate, we will use the information you provide to assess your application.

If you are unsuccessful in your application, we will remove your data after 6 months. We may ask your permission to keep your details on file in our talent pool.

We use a third party, ICIMS, to manage our recruitment process. Their privacy policy is available here.

We process data relating to your application on the basis of our legitimate interests. We also have a legal obligation to check you have the right to work in the country where you are applying to join us.

For certain roles, we will perform background checks as part of the application process. We use external companies to assist with these.

Meeting or working with us at events

If you attend an event we organize, or meet with us at an event we're attending, we may use your contact details to follow up with you about our products. You can opt out at any time by using the unsubscribe link in our emails.

If you're joining us as a speaker or sponsor at one of our events, we'll use your contact details to work with you, and (where relevant) publish them on the event websites and other marketing materials.

We rely on the basis of our legitimate interests in organising these events to process this data.

Sharing your information with other parties

Redgate uses select organizations to help us process data which helps us deliver our products and services to you. We will not sell any data regarding your use of our products or services except as part of a reorganization or a sale of the assets of Redgate, and we will ensure that your privacy continues to be protected.

If you're a customer, potential customer, or you otherwise have a commercial relationship with Redgate, you can find the current list of organizations here.

Joining our Slack instances

Some of our product teams use Slack to work with customers to guide the development of our products, and get feedback on features we're planning or developing.

If you join one of these instances, your username and any messages or files you post in public channels will be visible to teams within Redgate and any other customers who have joined the channels you're in. Some channels may be private channels created for your organization; any messages or files you post in these will be visible to your colleagues and Redgate teams in that channel.

Our product development Slack channels have a message history of 180 days, after which messages are automatically deleted. Some EAP Slack instances (separate to redgate.slack.com) may have longer retention policies if the development of these products is expected to span a longer duration.

Some of our Sales teams may also offer to collaborate with you on Slack. If you choose to do this, you will be invited to a private channel with appropriate colleagues from your company and selected Redgate employees. Messages in this Slack team will be deleted after 180 days.

If you wish to delete your account on one of these instances, you should deactivate your account in Slack, then contact us at privacy@red-gate.com. This will remove your profile information; any messages or files you have posted will remain.

Participating in Redgate University

If you use our Redgate University content, we will identify you by the email address you sign in with so we can track your progress through the courses we offer, provide you with recognition of your achievements, and grant you access to content based on any Redgate licenses you have purchased or been assigned.

Your colleagues who manage your organisation's licenses may invite you to use Redgate University content. If you wish to delete your Redgate University account, contact us at privacy@red-gate.com.

We process this data on the basis of our legitimate interests.

Transferring your information outside of the UK or European Economic Area

In order to provide a global service, we transfer information to our subsidiaries and service providers situated outside the UK and European Economic Area [EEA], and it may be processed by staff operating outside the UK and EEA. When we do this, we take steps to ensure that your privacy rights continue to be protected in accordance with UK and EU data protection law.

UK/US Data Bridge and EU/US Data Framework

Redgate complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce.

Redgate has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Redgate commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. For any enquires or complaints you should first contact Redgate at privacy@red-gate.com.

Limiting the use and disclosure of personal data

Redgate uses select organizations to help us process data which helps us deliver our products and services to our customers, potential customers, or if you otherwise have a commercial relationship with Redgate.

We do not sell any data regarding your use of our products or services except as part of a reorganization or a sale of the assets of Redgate, and we will ensure that your privacy continues to be protected.

If you wish to know more, please contact privacy@red-gate.com.

Redgate is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. Redgate may be required to disclose Personal Data that we handle under the Data Privacy Framework in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Binding arbitration

In accordance with Redgate’s commitment to resolve disputes fairly and efficiently, individuals are informed that they may have the right, under certain conditions, to invoke binding arbitration as a means of legal recourse.

Redgate acknowledges the obligation to arbitrate claims in a fair and equitable manner, adhering to the terms outlined in Annex I of the Data Privacy Framework Principles. This obligation comes into effect provided that an individual has formally invoked binding arbitration by delivering a notice to Redgate and has complied with the procedures and conditions stipulated in Annex I of the Principles. Please inform us either by email to privacy@red-gate.com or by post:

Privacy Team
Red Gate Software Limited
Cavendish House
Cambridge Business Park
Cambridge
CB4 0XB
United Kingdom

Onward transfers to third parties

Redgate maintains responsibility for the protection of your personal data as it is transferred to third parties. In the event of such onward transfers, Redgate remains liable for ensuring that the recipients of your data uphold the same level of privacy and security. This commitment extends to all processing of personal data by third parties, in accordance with the Data Privacy Framework Principles.

If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern.

To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit www.dataprivacyframework.gov.

Your rights

Under the GDPR, you have rights as an individual which you can exercise in relation to the information we hold about you:

  • Confirmation of personal data that is being processed
  • Access to your personal data
  • Other supplementary information as referred to (the information provided in our privacy policy)

If you object to the way we are processing your data, or would like us to erase your personal data, contact privacy@red-gate.com. If you have purchased products from us, we may need to keep some of your data (for example, records of your purchases) to comply with our legal obligations.

Complaints and queries

Redgate tries to meet the highest standards when collecting and using personal information. We take complaints very seriously. If you feel our collection or use of information is unfair, misleading or inappropriate, we encourage you to bring this to our attention. We also welcome any suggestions for improving our procedures.

If you have any questions regarding this policy, or wish to make a complaint about the way we’ve handled your personal information, contact privacy@red-gate.com.

If you are unhappy with how we have used your data, you can complain to a supervisory authority. In the UK, this is the Information Comissioner's Office.

Reporting security issues

If you become aware of a security vulnerability in any of Redgate's products, services or websites, contact security@red-gate.com.

We encourage the responsible disclosure of security issues, and will act quickly on any vulnerabilities reported. We will not take legal action against you if you:

  • Provide us with the information needed to reproduce and validate the vulnerability
  • Avoid violating the privacy of our customers, staff and other users
  • Avoid the destruction of data, or degradation of our services
  • Do not modify or access data that is not your own
  • Give us a reasonable time to address the issue before making any information public

Changes to this privacy policy

We regularly review our privacy policy. This policy was last updated on 21st August 2024.

Questions about data privacy

Redgate is the data controller for the information you provide unless otherwise stated. If you have any queries about the process or how we handle your information, contact privacy@red-gate.com.

You can also write to us at:

Compliance Manager
Red Gate Software Limited
Cavendish House
Cambridge Business Park
Cambridge
CB4 0XB
United Kingdom

We have appointed Red Gate Software GmbH as our representative in the EEA:

Compliance Manager
Red Gate Software GmbH
c/o Mindpsace
Krausenstre. 9-10
100117 Berlin
Germany
privacy-eu@red-gate.com