Privacy Policy
Last Updated: 29 November 2024Welcome to Supr Analyst ("Supr Analyst," "we," "us," and/or "our"). This privacy policy outlines our commitment to protecting your privacy and explains in detail how we handle your information. At Supr Analyst, we understand the importance of data privacy and security, especially when dealing with sensitive business data. This policy applies to all services provided through our platform, including our web interface, Slack integration, and AI-powered analysis tools.
Please note that Supr Analyst is currently in a pilot/beta phase. Features and services may evolve during this period, and we may update these Terms accordingly as the service develops. We appreciate your participation in helping us improve our services during this early stage.
1. Information We Collect
1.1 Personal Information
What We Collect:
We collect several key types of personal information for our services. Your account information includes your email address and professional contact details. We also gather relevant organizational information as part of your company details. For account security, we maintain encrypted passwords and authentication credentials. We store your user preferences, including interface settings, notification preferences, and custom configurations.
How We Use This Information:
Your personal information helps us deliver our services effectively. We use this data to create and maintain your secure account while verifying your identity. This allows us to provide personalized customer support and technical assistance. We send critical service updates, security alerts, and system notifications to keep you informed. We also analyze usage patterns to improve our services and develop new features. Your information helps facilitate collaboration between team members and departments.
1.2 Database Integration:
Our platform offers seamless integration with major database systems, including: PostgreSQL, MySQL, and Snowflake using secure connection protocols for schema processing and query handling.
Important Security Notes:
Security is paramount in our database integration approach. We maintain a strict boundary between your database and our systems, ensuring your raw data stays exclusively within your infrastructure. Our systems only process essential metadata, such as schema and table relationships. We protect all integrations with encrypted connections and follow industry-standard security protocols to maintain the highest level of data protection.
1.3 Information Processing:
We process the following types of information:
Metadata Processing:
Our metadata processing encompasses essential database structural elements. We process database schema information, table relationships and structures, column definitions and data types, as well as index and foreign key configurations. This allows us to provide optimized service while maintaining data security.
Query Processing (Anonymized):
In our query processing operations, we work with anonymized data to protect your privacy. This includes analyzing SQL query patterns and structures, monitoring query performance metrics, generating optimization suggestions, and identifying error patterns and solutions to improve system performance.
User Interaction (Anonymized):
We also process anonymized user interaction data to enhance your experience. This involves analyzing natural language questions and prompts, studying query modification patterns, collecting feature usage statistics, and gathering performance feedback. This information helps us continuously improve our platform's functionality and user experience.
Query Processing and User Interaction is processed in an anonymized form, we do not use it to identify you or your organization. For more information on anonymized data processing, mail us at privacy@supranalyst.com
1.4 Platform Usage Monitoring (Anonymized):
What we Monitor:
Our platform implements comprehensive anonymized monitoring of various usage aspects. We track how different features are utilized, measure system response times and resource usage, identify and analyze system issues, and observe interface interaction patterns and navigation flows. This monitoring system helps us maintain optimal performance while protecting user privacy.
Benefits of Monitoring:
The benefits of our monitoring approach are substantial and directly impact user experience. Through careful analysis of this data, we continuously improve platform functionality and quickly identify and resolve technical issues. This allows us to optimize system performance, make informed decisions about feature development based on actual user needs, and enhance our AI assistance capabilities to better serve our users.
1.5 Cookies and Similar Technologies:
We employ essential cookies and similar technologies as a fundamental part of our service delivery. These technologies serve critical functions in maintaining your secure login session, remembering your UI preferences, and providing core platform functionality to ensure a smooth user experience.
By using our service, you agree to our use of these essential technologies.
2. Data Security
2.1 Data Protection Principles
Core Security Philosophy:
Our core security philosophy is built on robust data protection principles. We ensure complete data isolation, meaning your raw database information remains exclusively within your infrastructure. Our AI processing is limited to metadata and query structures only, maintaining the highest level of data privacy. When it comes to results, we display them securely on your Supr Analyst dashboard without storing them on our systems or sending them to AI. We implement strict authentication and authorization protocols to control all data access.
2.2 Security Measures
Our technical security measures are comprehensive and industry-standard. We've developed secure integrations with leading databases and data warehouses to protect your data at every point. All communications are protected through encrypted SSL/TLS protocols, ensuring the highest level of security during data transmission.
3. Data Processing
3.1 Slack Integration
Our Slack integration operates with a focused approach to security and efficiency. When the Supr Analyst Bot is mentioned in Slack, we securely process only those specific messages. Our system processes these requests and delivers responses directly back to the original thread. To maintain privacy, Supr Analyst strictly limits its access to only the threads where it's explicitly mentioned, ensuring all other conversations remain private.
3.2 AI Processing
Our AI processing capabilities enhance your data analysis experience in multiple ways. We provide AI assistance for query generation and optimization, helping you create more effective database queries. Our natural language processing enables intuitive data analysis, while generating real-time insights from your data. The system also includes intelligent error correction and query improvement features, helping you maintain optimal query performance and accuracy.
4. Data Sharing
4.1 Access Rights
We prioritize your complete ownership and control over organizational data. Your organization maintains full ownership of all its data, with comprehensive control over database connections. You have complete authority to manage team member access and configure integration settings according to your needs. Additionally, you maintain control over all data processing preferences, ensuring alignment with your organization's policies.
4.2 Data Retention
Our data retention policies are designed to balance functionality with privacy. We retain query history based on your specified user settings, while maintaining essential metadata for proper service functionality. You have the flexibility to remove integrated data sources at any time according to your requirements. We also conduct regular cleanup of data processing logs to maintain system efficiency while protecting your privacy.
4.3 Your Data Rights
We extend comprehensive data protection rights to all our users worldwide, adhering to the General Data Protection Regulation (GDPR) standards established for users in the European Union. Your rights include the ability to request access to your personal data, correct any inaccurate information, export your data in common formats, and withdraw your consent for data processing at any time.
If you wish to exercise any of these data rights, you can reach out to us at privacy@supranalyst.com. We are committed to addressing your requests promptly and will provide a response within 30 days of receiving your inquiry.
5. Contact Information
For any privacy-related questions, concerns, or to exercise your data rights:
- Email: privacy@supranalyst.com
- Response Time: We aim to respond within 2 business days
- For urgent matters related to data security, please mark your email as "URGENT - Security"
5.1 Data Security Incident Response
In the event of a security incident affecting your data, we follow a comprehensive notification process. We will contact you via email with detailed information about the situation, including a description of the incident and the specific types of data affected. Our notification will outline the steps we're taking to address the security issue and provide you with recommended actions to protect your information.
6. Changes to Privacy Policy
We reserve the right to update this Privacy Policy as our services evolve. Users will be notified of any material changes to this policy.