The short version
- Byson stores your saved connections and settings on your device.
- API keys are encrypted on device and never shown again after saving.
- Byson does not send raw full MongoDB documents to AI by default.
- AI requests are sent to the provider you configure, only when you trigger them.
- Purchases and subscriptions are processed by Google Play and RevenueCat.
1 · What Byson is
Byson (“Byson”, “the app”, “we”) is an Android application that gives mobile developers a graphical interface to their MongoDB databases. This policy applies to the Android version of Byson distributed through Google Play. The Android package identifier is app.byson.mobile. The product is operated under the brand Byson at getbyson.com.
Byson is designed around a single principle: your database is yours. Most of the data the app needs to function lives on the device, encrypted where appropriate, and never leaves it unless you tell the app to take an action that involves a network request to a service you configured.
2 · Information stored on your device
The following information is created and maintained locally on your Android device:
- Saved MongoDB connections - the names, hostnames, authentication settings, TLS preferences, and optional SSH tunnel configuration you enter.
- Connection secrets - passwords, certificates, and key material that are encrypted at rest using Android keystore-backed encryption.
- App preferences - theme, accent colors, default views, and similar UI state.
- Query history and saved queries - the queries and pipelines you save or run, including filters, projections, and sort orders.
- BYO AI provider configuration - the provider you selected, base URL, model name, and encrypted API key.
- AI generation history - previous drafts produced by AI features, retained locally so paid provider generations are not lost.
This information is not transmitted to Byson’s servers. If you uninstall the app or clear its storage, this data is removed from the device.
3 · MongoDB connection information
When you add a connection, Byson stores the metadata required to connect to your MongoDB deployment. Saved connections may include encrypted secrets such as passwords, X.509 client certificates, or SSH key material.
Byson connects directly from your device to your MongoDB cluster using the connection details you provide. Byson does not proxy your database traffic through Byson-operated infrastructure. Documents you read, write, or aggregate flow between your device and your cluster.
Connection metadata is stored on the device only. Connection secrets are encrypted at rest using Android keystore-backed encryption and are not shown again in plaintext after you save them.
4 · API keys and BYO AI providers
Byson includes an optional bring-your-own-AI feature. If you use it, you provide your own API key from a supported provider (Anthropic, an OpenAI-compatible endpoint, or Google AI Studio), and you are responsible for any provider usage costs.
- API keys are encrypted at rest using Android keystore-backed encryption.
- A saved API key is never displayed in plaintext after saving. The app exposes status and the last few characters at most.
- Byson does not log API keys in error reports, crash logs, or analytics.
- AI requests are sent to the provider only when you trigger an AI feature, and only with the prompt material described in the next section.
5 · AI Copilot and schema summaries
By default, Byson does not send raw, full MongoDB documents to AI providers. Instead, when you use an AI feature, the app constructs a prompt locally using:
- A schema summary of the selected collection - field names, inferred types, sparsity, and small redacted or truncated example values.
- The natural language instruction you typed (for example, “count cartoon films produced in 1953”).
- Optional workflow context, such as an existing draft pipeline you are refining.
The constructed prompt is sent to the provider you configured. The provider’s response is treated as a draft suggestion and presented in the app for your review. If you opt into sending fuller examples for a specific request, that is shown clearly before the request is sent.
6 · Aggregation generation safety
Generated aggregation pipelines are validated by Byson and require manual review before running. Specifically:
- Generated pipelines are presented as drafts with assumptions; nothing is executed automatically.
- Risky stages such as
$out,$merge, or unindexed$lookupraise warnings. - Result previews are capped for mobile safety; you must explicitly opt into larger windows.
- You can edit any draft before pressing Run, and you can refuse to run it.
7 · Purchases, subscriptions, RevenueCat, and Google Play Billing
Byson offers a Pro entitlement through monthly, yearly, and lifetime products. Pro purchases are processed using Google Play Billing and managed through RevenueCat, which acts as our subscription management provider.
- RevenueCat receives a pseudonymous identifier for your installation to determine entitlement status.
- Google Play receives the information required to complete the purchase, governed by Google’s privacy policy.
- Byson does not receive or store your payment instrument details.
BYO AI provider costs (calls to Anthropic, OpenAI-compatible endpoints, or Google AI Studio) are billed by your provider directly. Byson does not resell AI credits.
8 · Diagnostics, crash logs, and analytics
Byson on Android does not include any third-party analytics, advertising, or crash-reporting SDKs, and does not collect usage analytics or crash telemetry.
The only data that leaves your device goes to services you configure yourself (your MongoDB cluster, and your AI provider if you use AI features), or to Google Play and RevenueCat for processing purchases and checking your subscription status (see section 7). RevenueCat receives a pseudonymous installation identifier and your purchase/entitlement status for that purpose only. Byson never transmits your API keys, MongoDB connection strings, queries, documents, schema summaries, or AI prompts.
9 · Data sharing
Byson does not sell your data and does not share it with advertising networks. The only third parties involved in normal operation are:
- Your MongoDB cluster, contacted directly from your device.
- Your configured AI provider, contacted only when you trigger AI features.
- Google Play and RevenueCat, for app distribution and subscription management.
10 · Data retention and deletion
Most data Byson uses is stored on your device. You can remove it at any time by:
- Clearing the app’s storage from Android Settings.
- Uninstalling the app.
- Clearing in-app histories (query history, AI generation history) from the relevant Settings screens where available.
RevenueCat retains the entitlement records required to honor purchases. Google Play retains purchase records per its own policy. AI providers retain prompt and response data per their own policies.
11 · Children’s privacy
Byson is a developer tool intended for adults working with MongoDB. It is not directed at children under 13, and we do not knowingly collect personal information from children.
12 · International users
Byson is available globally through Google Play. Because most data stays on your device, cross-border transfers in normal operation are limited to your own MongoDB cluster and your own AI provider, both of which you choose and configure. Purchases are processed by Google Play and RevenueCat in their respective jurisdictions.
13 · Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page and, where appropriate, surface a notice in the app. Material changes will be communicated before they take effect.
14 · Contact
Questions, requests, or privacy concerns can be sent to support@getbyson.com. Please do not include real database passwords, connection strings, or API keys in any message you send us.
See also: the iOS Privacy Policy, the Byson support page, or return home.