SECURITY & DATA FLOW

A technical summary for your IT team.

We've put PerSight's data flow, permission model and privacy posture on one page. You can share this page with your security or IT lead.

Where does data stay, what goes to the cloud?

STAYS ON YOUR MACHINE

  • Row data
  • Credentials
  • Query results
  • Query execution

SENT TO THE CLOUD

  • Table and column names (schema)
  • Your question

Security principles

Read-only (SELECT-only)

Only SELECT queries are generated; write and delete operations are technically blocked. PerSight cannot make any change to your data.

Visible, auditable query

Every generated query is shown on screen and explained in plain language before it runs; the operator can edit and approve it. No black box.

Transparency modal

The content sent to the cloud (schema + question) is shown verbatim inside the app. We don't just say it, we show it.

Local authority, kept with you

You define the connection with a read-only database user; credentials are stored encrypted on the device (Windows DPAPI).

Privacy posture

Because real row data is never sent to the cloud for processing, the personal data transferred to third parties is minimized. This supports your data-protection posture; final compliance depends on your entire data pipeline and processes.

What IT needs to provide for the connection

  • Server address and port
  • Database name
  • A read-only (SELECT-privileged) user
  • Network/VPN access if required

All of this information and the encryption keys stay on your device — they're stored encrypted with Windows DPAPI and are never sent to the cloud.

Have questions?

Write to us for a corporate security review or custom setup.