At Datawisp, we take the security of your data (and that of your users) very seriously. Besides following industry best practices to keep your data secure, we employ multiple security measures, described below.
Minimize Retained Data
We aim to minimize the data we have possession of. After all, whenever the data is not on our system, there is no risk of any breach on our end.
Where possible, we do not store your data on our servers. If you connect to an external database, the data remains on your infrastructure. On our end, we only store a limited amount of metadata (e.g. information about the database schema).
Of course, we keep your data in memory while you are actively using it in Datawisp
If you delete a data source, we remove it from our systems
Granular Access Control
When you store your data in Datawisp, you can decide what you do with it:
You can decide if and how you share your data
Other users will only have access to your data if you explicitly share it with them
Reviewing who you shared your data with is easily accessible via the sharing menu
We try to build our infrastructure in a way where attacks on the infrastructure are unlikely.
We only process data and store data in secure, ISO/IEC 27001:2013-certified data centers
All data is stored on and all queries are executed on dedicated hardware
Access to the data processing servers is strictly limited
All software is updated and kept secure automatically where possible, and strict guidance is given for cases where this is not possible
We regularly review and reevaluate our infrastructure decisions
Data is always encrypted in transport
Our backups are off-site and securely encrypted. The key is stored separately from the backup
Secure Software Architecture
We always build our software with potential threats in mind. This leads to an architecture that ensures that exploitation is unlikely.
We only use programming languages with strong memory safety guarantees such as Rust or TypeScript to completely eliminate the biggest source of potential exploits.
We follow and enforce industry best practices for coding standards to prevent known common exploits such as SQL injections. Code that doesn’t follow these standards is not acceptable in our codebase.
All of our code is reviewed regularly and with an eye to security
We enforce the use of Single-Sign-On on our platform, so no additional login/password that could be lost or stolen is created with Datawisp.
In the future, we will regularly review and improve our security practices to always ensure that we are always improving the security of your data.