Security & Privacy

As a data analysis software, the user needs to transfer the data they want to analyze. These data is stored encrypted at rest in Google Cloud Storag. The user has absolute control over these copies and can remove them at any time.

Our platform is hosted on Google CPD in Europe, Belgium. You can read more about the security policies here.

Our cluster is essentially disconnected from internet with the exception of port 443 used to serve the webpage. All web traffic is served through secure SSL connections (non-secure connections on port 80 are always redirected to https on port 443). Private key authentication is required for managing our cluster.

Background processes executed by our users to do their analysis are always executed on isolated machines on a different network, so that there is no direct access to our internal systems. Nevertheless, these DBs are protected with passwords. Datasets are stored in a private Google Cloud Storage bucket. When serving these files to an authenticated user, a signed url only valid for a very brief period of time is used. All data is encrypted at rest. We use Google Cloud Audit Logs to monitor our infrastructure.

We have successfully went through an audit process to be compliant with GDPR , you can read more about our privacy policy here.

Only after explicit consent from the user. The access to customer data through regulated interfaces is only granted to a select group of our trained employees. The primary reasons for this are to ensure effective customer support, identify and tackle security threats, troubleshoot prospective issues, and enhance data security.

The access is allocated based on the employee’s role and every request for access is recorded. Only a handful of specific employees are granted access to the infrastructure. All our employees undergo privacy and security training at the start of their employment and regularly thereafter as a mandatory condition of their continued employment.