Overview: Our approach prioritizes safety by limiting storage of sensitive data, e.g. never store actual database content.
The security of your data is our prime concern and we go to great lengths to make sure it is protected. Our services can be tailored as per your requirements. Post login, you can utilize our services to create SQL for you. In this scenario, no data of sensitive nature is stored. Moreover, you also have the option to add a data source for more precise, simplified SQL generation.
We only store database schema (table and column names and data types) and credentials, which are fully encrypted. The actual database content is NEVER stored.
You have the option to store data sources either in your browser's local storage or on our server (recommended). This can be selected by pressing the "Advanced" link when you add your data source. Regardless of the storage location chosen, all sensitive connection data (such as username, password, host) are fully encrypted prior to storage, be it on the server or locally in your browser.
Apart from securely storing encrypted connection credentials, we keep a record of the database schema (table and column names and data type), for instance:
users: id, name, imageUrl, createdAt, updatedAt, isBlocked
posts: id, title, body, imageUrl, userId, createdAt, updatedAt
...
These are utilized by our AI to generate SQL queries for optimized accuracy. Here's a quick summary:
| Location | Stores data schema | Connection credentials | Stores database content |
|---|---|---|---|
| Server | Yes | Fully encrypted using multiple servers | Never |
| LocalStorage | Yes | Fully encrypted using multiple servers | Never |
Our software takes connection credentials, encrypts them via containerized AWS Lambda functionalities, and stores the encrypted credentials on a separate server – one which does not hold the encryption key, that is, the database. This ensures that even if there is a data breach, the stolen data will be useless for the hackers.
Data sources can be removed any time by visiting the data sources page and deleting any data sources you no longer require. Deleted data sources can't be reinstated. Within seven days, any deleted data source will be taken off our backups and no longer available on our servers.
For the best security upon connecting to your data source, we suggest:
Upon generating a SQL or NoSQL, you can click "Run query" to actually execute the query on your connected database. This action prompts the generation of the query and encrypted credentials being sent to a separate server, where the query is run and the results returned. Neither of these data points are stored; our database connection server simply acts as a proxy, transmitting results between your database and the web UI.
Your data, including encrypted database credentials and the database schema will never be shared. Also, we do not store or have access to any data from running queries on your database.
Our services are hosted using Vercel, AWS Lambda, DigitalOcean and Render. They constantly being monitored for vulnerabilities and threats.