Legal & Docs

Plain language. Real features. No surprises.

Last updated: May 2026

Privacy Policy

TL;DRWe store your email, encrypted Firebase key, and project names. We never store your actual Firebase credentials in plaintext — they are decrypted in your browser and used only in-memory on the server for the duration of each request. We don't sell anything.

What we collect

  • Account data: email address (via Supabase Auth) and timestamps.
  • Project data: project name (label), Firebase Project ID, and the AES-256-GCM ciphertext of your service account key.
  • Usage metadata: Gemini export usage count and reset dates (linked to your user ID) to enforce rate limits.

What we explicitly do NOT collect

  • Your Firebase service account JSON. It is encrypted in your browser before transmission. We only store the ciphertext.
  • Your AES-256 decryption key. It never leaves your browser and is never transmitted to our servers.
  • Your Firestore document contents. Firebase operations happen through the Admin SDK using your own credentials, proxied server-side only for the duration of the request.
  • Payment information. FirebaseQL has no paid tier at this time.

How your data is used

To deliver the service (authenticate you, show your projects, fetch your Firestore data on request) and enforce usage limits (e.g., Gemini SQL export). We do not use your data for advertising, profiling, or any third-party analytics.

Third-party services

  • Supabase: Used for authentication and database hosting.
  • Google Gemini API: Used for schema-only analysis during SQL export. No document data is sent — only collection/field names.
  • Google Firebase Admin SDK: Used to proxy your Firestore requests. Credentials are held only in-memory for the request lifecycle.

Data retention & your rights

Account data is retained until you delete your account. You have the right to access your data, request a data export, and delete your account. To request full data deletion, please contact us (see Support section below). Note: Self-serve account deletion will be available in the app soon.

Back to top

Terms of Service

TL;DRUse FirebaseQL only with Firebase projects you own or are authorized to access. We're not liable if your Firebase data is lost. We can suspend accounts that abuse the platform.

Acceptance & Eligibility

By creating an account, you agree to these terms. You must be at least 13 years old and have the legal authority to connect the Firebase project(s) you use with FirebaseQL.

Your responsibilities

  • You are responsible for maintaining the security of your decryption key. We cannot recover it.
  • You must only connect Firebase projects that you own or have explicit permission to access.
  • You must not use FirebaseQL to access, copy, or export data that you are not authorized to use.

Acceptable use — prohibited

You may not access other users' Firebase projects, use automated scripts to bulk-trigger Gemini export limits, or use FirebaseQL as a vector for unauthorized data extraction. Doing so may result in immediate account termination.

No liability for Firebase data

FirebaseQL reads your Firestore data via the Admin SDK on your behalf. We are not responsible for data loss, corruption, or accidental modification that occurs in your Firebase project. Always maintain your own backups.

Service availability & Limits

We make reasonable efforts to keep FirebaseQL available, but do not guarantee uptime. Features like the Gemini export limit (3/day per account) are platform constraints, not negotiable service-level commitments. We currently do not offer a paid tier, but reserve the right to introduce one in the future.

Governing law

These terms are governed by the laws of India. Any disputes shall be resolved in the appropriate jurisdiction.

Back to top

Documentation

1. Getting your Firebase Service Account Key

  1. Go to console.firebase.google.com
  2. Select your project
  3. Click the gear icon → Project Settings
  4. Navigate to the Service Accounts tab
  5. Click Generate new private key
  6. Confirm the dialog — a .json file will be downloaded
  7. Open the file, copy the entire JSON content
  8. Paste it into FirebaseQL's "Add Project" modal
⚠️
Important: This JSON contains admin-level access to your Firebase project. Treat it like a password. FirebaseQL encrypts it immediately in your browser.

2. How Encryption Works

When you add a project, FirebaseQL generates an AES-256-GCM encryption key using your browser's Web Crypto API. Your service account JSON is encrypted locally before being sent to our servers.

  • Only the ciphertext is stored in our database. Your plaintext credentials are decrypted locally in your browser and passed to our server only in-memory to perform Firebase operations. They are never written to any database or log.
  • The encryption key is shown to you once as your Decryption Key.
  • Every time you open a project, you enter this key. It decrypts the credentials locally in your browser.

3. The Decryption Key (Don't lose it!)

The decryption key is a randomly generated cryptographic key, never stored on our servers. If you lose your decryption key, the encrypted service account stored in FirebaseQL becomes permanently inaccessible. We recommend storing it in a password manager.

Note: You can always just re-add the project using a fresh service account key from Firebase if you lose the decryption key.

4. Subcollections & Navigation

FirebaseQL lists all root Firestore collections in the sidebar. Subcollections are discovered progressively in the background and appear with a badge:

  • (s) = first-level subcollection
  • (s^2) = second-level subcollection
  • x150 = indicates how many parent documents contain this subcollection

Click a subcollection to open a popup where you can select the parent document ID. Use the Lock toggle in the table header to bypass this popup on repeat visits.

5. AI SQL Export

Click Export in any collection's header. FirebaseQL collects collection names and field names only from your Firestore schema and sends them to Google Gemini (via the Gemini API). No document values or actual data are ever sent to Gemini. Gemini generates a normalized SQL schema (Supabase, PostgreSQL, MySQL, or SQLite) with proper relationships.

Note: collection names and field names can reveal information about your app's data structure. If your schema is sensitive, consider this before using the export feature.

System Limits

FeatureLimitNotes
Gemini SQL exports3 / dayResets at midnight IST
File export (CSV/JSON)500 docs / collectionMax 10 collections at once
Subcollection depth5 levelsZero read cost (metadata only)
Subcollection scan1,000 docs maxCap for performance
Doc ID listing (Popup)5,000 IDsSearchable in UI
Back to top

Contact & Support

This is an indie project. Response times are best-effort but usually within a few days.

Email Support
ashmith@gmail.com
GitHub Profile
@ashser004

Data Deletion Requests

Currently, you must email ashmith@gmail.com with the subject line "Data Deletion Request". Please send it from the email address associated with your account. A self-serve deletion feature will be available in the app soon.

Back to top