Estuary
WEBINARS
  • Estuary 101 Webinar
    Watch Estuary 101
PricingConnectors
SUCCESS STORIES
Glossier

Glossier slashes data costs by 50% and unlocks real-time supply chain and marketing analytics with Estuary.

Xometry

Xometry slashed integration costs by 60% with Estuary’s secure, real-time private deployment

Prodege

Data Integration for Apache Iceberg

View all success stories
READ
Blog
Blog
Product Updates
Product Updates
Docs & Guides
About us
About us
Status
Status
The Right Time Data Manifesto
The Right Time Data Manifesto
LISTEN
Podcasts
Podcasts
Webinars
Webinars
Youtube
YouTube
DEMO
  • Estuary Flow Product demo
    Play Interactive Demo
  • Deploy CDC and Streaming ETL in Minutes Using Estuary Flow
    Real-time 101 (30 min)
    Log inTry it Free
    Log inTry it Free

    Privacy Policy

    Revised as of October 20th, 2025

    We respect your privacy.

    Estuary Technologies, Inc. ("Estuary," "we," "us," or "our") welcomes you. Our collection and use of information from visitors of our Website and Customers of our ETL and ELT pipelines and related services (collectively with the Website, the "Services") is subject to the following privacy policy (the "Privacy Policy") which may be updated by us from time to time without notice to you.

    By using or signing up to access and use the Services, you acknowledge that you have read, understood and agree to be legally bound by the terms of this Privacy Policy and the Terms of Use. If you do not agree to (or cannot comply with) all of the terms of this Privacy Policy and the Terms of Use, you may not access or use the Services.

    If you accept or agree to this Privacy Policy on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that company or other legal entity to the Privacy Policy and, in such event, "you" and "your" will refer and apply to that company or other legal entity and any Authorized Users.

    Capitalized terms not defined in this Privacy Policy shall have the meaning set forth in our Terms of Use.

    I. OUR ROLE IN DATA PROCESSING; HOW TO CONTACT US

    The entity responsible for the collection and use of your personal information when you use the Website or inquire about our Services is Estuary, which for purposes of General Data Protection Regulation and the UK Data Protection Act 2018, is the data controller. Estuary is also the data controller with respect to certain personal information it processes for its own purposes, such as for improving, developing, and securing the Services.

    The entity responsible for the processing of your personal information when you use the ETL and ELT pipelines and related services offered through the Website is Estuary, which for purposes of General Data Protection Regulation and the UK Data Protection Act 2018, is the data processor.

    You can contact Estuary by emailing us at privacy@estuary.dev with "Privacy Policy" in the subject, or by emailing Estuary's Chief Privacy Officer at dpo@estuary.dev.

    II. THE DATA WE COLLECT AND HOW WE USE IT

    Please refer to Appendix I for a table detailing (i) the types of personal information we collect, (ii) our purpose for processing such data and (iii) the legal basis for processing such data.

    1. DATA YOU PROVIDE TO US

    In the course of operating the Services, Estuary collects or receives the following types of information from you directly, which may include personal information:

    a. Contact Information

    We collect contact information that you provide to us through the Services, which may include your name, email address, or phone number. We use such contact information for purposes such as communicating with you about the Services, responding to your inquiries, sending you email alerts concerning the Services, registering you as an Authorized User of the Services, and providing you with the Services. You have the right to opt out of alerts that are not necessary to providing you the Services (see Section IV for more details).

    b. Communications and Commercial Information

    When you sign up for our Services or request information, we collect details about the specific Services you're interested in and your inquiries. This helps us deliver the Services you requested and respond effectively to your communications.

    c. Customer Content

    If you sign up for the Services, we will have access to any data that you submit to us in connection with our provision of Services ("Customer Content"). Customer Content includes: (i) the data that you request Estuary to transfer from one system to another, (ii) configuration information to connect to the relevant systems, such as passwords and user identifications, and (iii) other information provided to facilitate the configuration and timing of data transfer, such as notification preferences. We only access and use the Customer Content to provide you with the Services.

    2. DATA WE COLLECT AUTOMATICALLY

    When you access or use our Services, we automatically collect some or all of the following information about you:

    a. Internet Activity Information

    Our servers and CookieFirst (discussed in Section V) keep log files that record data each time a device accesses the servers. We may use these log files for purposes such as assisting in monitoring and troubleshooting errors and incidents, analyzing traffic, or optimizing the user experience. The log files include information such as:

    • Your consent status or the withdrawal of consent
    • Your IP address
    • Information about your browser
    • Information about your device
    • The date and time you have visited our website, and the pages you've clicked on while on our Services and time spent on the Services
    • The webpage URL where you saved or updated your consent preferences
    • The approximate location of the user that saved their consent preference
    • A universally unique identifier (UUID) of the website visitor that clicked the cookie banner
    • Other data about your access of the platform, and how you use, deploy and interact with the Services

    b. Information Collected by Cookies and Similar Tracking Technologies

    We, including through third-party service providers, may collect information about your use of the Services using "cookies" and other similar technologies to help collect, analyze, and provide us reports or other data. For example, we use one or more third-party analytics services to evaluate your use of the Services, as the case may be, by compiling reports on activity (based on their collection of IP addresses, internet service provider, browser type, operating system and language, referring and exit pages and URLs, data and time, amount of time spent on particular pages, what sections of the Services you visit, number of links clicked, search terms and other similar data with respect to how you use the Services) and analyzing performance metrics.

    One third party analytics provider that we use is Google Analytics. For more information about Google Analytics, including how to opt out of its tracking technology visit: How Google uses information from sites or apps that use our services. Please note that our use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

    c. Aggregate Data

    In an ongoing effort to better understand our users and the Services, we might analyze data with respect to how you use the Services alone and in combination with other data (including anonymized elements of the Customer Content), and may use such combined data in an aggregate and anonymous manner to operate, maintain, manage, and improve the Services.

    3. LEGAL BASIS FOR PROCESSING

    When we process your personal information, we will only do so in the following situations:

    a. As a matter of "contractual necessity"

    Meaning that we need to process the data in order to provide you with the Website and the Services you purchase or request, including as provided within the MSA if you have entered into one. When we process data due to contractual necessity, failure to provide such personal information will result in your inability to use some or all portions of the Website and the Services that require such data.

    b. When processing such information furthers the legitimate interest of us or third parties

    For example, we process certain personal information and other information that you provide us, or which we collect automatically, to send you marketing communications, to communicate with you about changes to our Services, and to help provide, secure, and improve our Services.

    Your Right to Object: When we use personal information to further a legitimate interest, you have the right to object to that use.

    c. When you give us express consent

    When we collect personal information based on your consent, we will clearly inform you at the time and place of collection. You may withdraw your consent at any time. To do so, you can contact us using the methods described in Section I. If your consent relates to information collected through cookies, you can manage your preferences by clicking the "Manage Cookie Preferences" link at the bottom of our Website.

    d. In response to lawful requests by public authorities

    Including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.

    III. HOW WE SHARE DATA

    We may disclose your personal information as follows or as otherwise described in this Privacy Policy:

    1. With vendors, consultants and service providers

    We may share personal information in connection with providing our Services or for other purposes that you request or consent to. This includes sharing with third-party systems that support data portability through the Services. Other types of companies that may receive personal information include: hosting services, technical assistance, database management/back-up services, usage analytics, email marketing platforms, customer service, collaboration services, authentication services, authorization services, and payment processing services.

    2. In connection with business transfers

    In the event of a merger, dissolution, reorganization or similar corporate event, or the sale of all or substantially all of our assets, we expect that the information that we have collected, including personal information, would be transferred to the surviving entity in a merger or the acquiring entity. All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such personal information as set forth in this Privacy Policy. This Privacy Policy shall be binding upon Estuary and its legal successors in interest.

    3. Public Authorities

    To the extent we are required to disclose personal information in response to lawful requests, including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.

    4. Aggregate Data

    We may share the aggregate data discussed in Section II(2) with our affiliates, agents, and business partners. We may also disclose aggregated user statistics to describe the Services to current and prospective business partners and to other third parties for other lawful purposes.

    IV. YOUR INFORMATION CHOICES

    1. Cookies

    We use the consent management platform CookieFirst. To provide or withdraw your consent to cookies on our Website, please visit the "Manage Cookie Preferences" link at the bottom of our Website.

    How CookieFirst works: When you access our Website, a connection is established with CookieFirst's server and we seek consent from you regarding the use of certain cookies. If approved, CookieFirst then stores a cookie in your browser, which then activates only those cookies to which you have consented (and documents such activity accordingly). The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.

    2. Opt-out of Marketing

    You may opt out at any time from the use of your personal information for direct marketing purposes by emailing the instructions to privacy@estuary.dev with "Privacy Policy" in the subject, or by clicking on the "Unsubscribe" link located on the bottom of any Estuary marketing email and following the instructions found on the page to which the link takes you. Please allow us a reasonable time to process your request. You cannot opt out of receiving transactional e-mails related to the Services.

    V. DATA RETENTION

    We store personal information we collect about you for as long as is necessary for the purposes for which we originally collected it. We may retain certain information for legitimate business purposes, as required by law, or where necessary to preserve it in contemplation of litigation, legal proceedings or an investigation. The storage periods are determined on a case-by-case basis that depends on factors like the nature of the information, why it is collected and processed, relevant legal or operational retention needs, and legal obligations.

    Our cookie management platform, discussed above, tracks the types of data the Website collects through cookies and for how long such data is retained. Please visit the "Manage Cookie Preferences" link at the bottom of our Website to view this information.

    VI. DO NOT TRACK

    Estuary does not respond to "Do Not Track" settings or other related mechanisms at this time.

    VII. HOW WE PROTECT YOUR INFORMATION

    Estuary takes very seriously the security and privacy of the personal information that it collects pursuant to this Privacy Policy. Accordingly, we implement reasonable security measures designed to protect your personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in processing and the nature of such data, and to comply with applicable laws and regulations. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases or the databases of the third parties with which we may share your information (as permitted herein), nor can we guarantee that the information you supply will not be intercepted while being transmitted over the Internet. In particular, e-mail sent to us may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail.

    VIII. CHILDREN

    We do not knowingly collect personal information from children under the age of 13 through the Services. If you are under 13, please do not give us any personal information. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children to never provide personal information without their permission. If you have reason to believe that a child under the age of 13 has provided personal information to us, please contact us at privacy@estuary.dev, and we will endeavor to delete that information from our databases.

    IX. CROSS-BORDER TRANSFER OF INFORMATION

    Our servers are located in the US and elsewhere. Please be aware that your information may be transferred to, processed, maintained, and used on computers, servers, and systems located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your country of origin. If you are located outside the US and choose to use any of our Services, you consent to any transfer and processing of your personal information in accordance with this Privacy Policy and you do so at your own risk.

    X. CALIFORNIA PRIVACY RIGHTS

    Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to obtain certain information about the types of personal information that companies with whom they have an established business relationship (and that are not otherwise exempt) have shared with third parties for direct marketing purposes during the preceding calendar year, including the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. If you wish to submit a request pursuant to Section 1798.83, please contact Estuary via email at privacy@estuary.dev.

    XI. ADDITIONAL US STATE PRIVACY RIGHTS

    Depending on your place of residence, you may have certain rights regarding how we collect, use, and share your personal information. Please be aware that some of these rights are subject to limitations, and your request may be declined in specific situations---for instance, if providing the information would compromise another individual's privacy or if we are legally obligated to withhold such information. These rights may include:

    1. The right to confirm whether we are processing your personal information, and to access your personal information.
    2. The right to request we correct inaccuracies in your personal information.
    3. The right to request we delete your personal information.
    4. The right to request a copy of the personal information you provided to us.
    5. The right to opt out of processing of your personal information for targeted advertising purposes.
    6. The right to opt out of profiling and automated decision-making in furtherance of decisions that produce legal or similarly significant effects.
    7. The right to opt out of the sale of personal information.
    8. The right to designate an agent to submit a request on your behalf.
    9. The right to appeal a decision regarding your rights request.

    You can submit a request to exercise these rights by contacting us via email at privacy@estuary.dev with the subject line "U.S. State Privacy Rights Request" and providing us with your name and the email address associated with your account.

    XII. DATA SUBJECT ACCESS REQUESTS FOR EUROPEAN RESIDENTS

    1. If you are in the EEA, Switzerland, or the UK, you have the right to:

    • Request a copy of the personal information Estuary holds about you (including in a structured, commonly used, machine-readable format where applicable under the right of data portability),
    • Request that Estuary transmit your personal information to another controller (where applicable under the right of data portability),
    • Request that Estuary correct your data,
    • Request that your data be deleted,
    • Withdraw your consent, if you have consented to our use of personal information for a specific purpose,
    • Request that your data be restricted, and
    • Object to the processing of your personal information.

    2. HOW TO SUBMIT REQUESTS

    a. To make any of the requests outlined above, please submit a form online at Subject Access Request or email us at privacy@estuary.dev with "Privacy Policy" in the subject.

    b. If you are in the EEA and have a concern about our processing of personal information that we are not able to resolve, you have the right to lodge a complaint with the data protection authority where you reside. Estuary's lead Data Protection Authority in the EU/EEA is the Irish Data Protection Commission (DPC). For contact details of your local Data Protection Authority, please see: https://edpb.europa.eu/about-edpb/board/members_en.

    c. If you are in Switzerland, see the Federal Data Protection and Information Commissioner at https://www.edoeb.admin.ch/edoeb/en/home.html. If you are in the UK, see the Information Commissioner's Office at https://ico.org.uk/.

    XIII. LINKS TO EXTERNAL WEBSITES

    The Services may contain links to third-party websites ("External Sites"). Estuary has no control over the privacy practices or the content of any such External Sites. As such, we are not responsible for the content or the privacy policies of such External Sites. You should check the applicable privacy policy and terms of use when visiting any such External Sites.

    XIV. CHANGES TO THIS PRIVACY POLICY

    This Privacy Policy is effective as of the last updated date stated at the top of this Privacy Policy. We may change this Privacy Policy from time to time with or without notice to you. By accessing the Services after we make any such changes to this Privacy Policy, you are deemed to have accepted such changes. Please be aware that, to the extent permitted by applicable law, our use of the information collected is governed by the Privacy Policy in effect at the time we collect the information. Please refer back to this Privacy Policy on a regular basis.

    XV. HOW TO CONTACT US

    If you have questions about this Privacy Policy, please e-mail us at privacy@estuary.dev with "Privacy Policy" in the subject line.

    APPENDIX I

    The following table details (i) the types of personal information we collect, (ii) our purpose for processing such data and (iii) the legal basis for processing such data:

    Category of Personal InformationPurpose of ProcessingLegal Basis for Processing
    Data You Provide to Us
    Contact information, including name, email address
    • Provide you with information about the Services.
    • Respond to your inquiries.
    • Send you email alerts.
    • Register you as an Authorized User of the Services.
    • Provide you with the Services.
    		We process this information as a matter of "contractual necessity," meaning that we need to process the data in order to provide you with the services you request.
    Any information you provide in messages to us, including the content of the communication with an Estuary staff member by email, telephone, by completing an online form or participating in an online chat. This may include information contained in Slack messages sent through our implementation and service channels.
    • Address your requests, comments, issues, questions or concerns.
    • Improve our interactions with you and better meet your expectations, particularly in the context of support cases.
    • Determine the products and services that may be of interest to you and send you communications in accordance with your interests, your location and your industry.
    		We process this information as a matter of "contractual necessity," meaning that we need to process the data in order to provide you with the services you request.

    We also process personal information for marketing and sales activities in furtherance of our legitimate interests to provide you the Services and to keep you updated on developments around our products and services which may be of interest to you.
    Marketing preferences, including the contact information you would like Estuary to use for email marketing purposes, your marketing content preferences and whether you opted out of marketing communications
    • Communicate with you about products, services, offers, promotions, rewards, and events offered by Estuary and others, and provide news and information we think will be of interest to you.
    		Generally, we send email marketing to European individuals pursuant to their consent which we obtain when users provide us with their email addresses through the online form on our Website and consent to receiving email communications.

    When you use the Website and/or Services, email marketing may be sent to you pursuant to our legitimate interest in sending marketing communications to you in the context of such engagement.

    We also process your information to comply with legal obligations to which we are subject, such as our obligation to comply with your preferences around communications that are not necessary to our provision of the Services.
    Customer Content that you submit to us for the Services, including: (i) the data that Customer, or its Client, as applicable, requests Estuary to transfer from one system to another (ii) configuration information to connect to the relevant systems, such as passwords and user identifications, and (iii) other information provided to Estuary to help configure how and when the data transfer will occur, such as notification preferences.
    • Provide you with Services, which include self-service data portability.
    • To improve the Services.
    		We process this information as a matter of "contractual necessity," meaning that we need to process the data in order to perform you with the data portability services that you request.

    As discussed herein, we may collect internet activity information or aggregate data, which may relate to Customer Content, to improve the Services in furtherance of our legitimate interests.
    Data We Collect Automatically
    Data from our servers, cookies and similar tracking technologies (including those of our third-party analytics providers) about how you access and use the Services, including:
    • Consent status
    • IP address
    • Information about your Browser
    • Information about your Device
    • The date and time you visited our Website
    • Pages you've clicked on
    • Time spent on the Services
    • The webpage URL where you saved or updated your consent preferences
    • Approximate location
    • A universally unique identifier (UUID) of the website visitor
    • Monitor and analyze aggregated trends, usage and activities in connection with the Services.
    • Ensure that you are an Authorized User.
    • Improve the usage and performance of and enhance the engagement and user experience of the Services.
    • Comply with our legal obligations.
    		We rely on our legitimate interest to analyze, develop, improve and optimize our sites, facilities, Services, and to maintain the security of our sites, networks and systems.

    We comply with legal obligations to which we are subject, such as an obligation to comply with legal process, or to process an opt-out request.