What kind of data is processed by Kaldea

The data processed by Kaldea includes the following:

  • Query Execution History
  • Query execution results for visualization: query is executed against customer data source, not on Kaldea
  • Kaldea user activity
  • Customer-managed and controlled access credentials to the data source
  • Metadata (e.g. table schema): non-row-level, non-sensitive metadata only

What kind of security measures are in place

We practice all security measures specified on our SOC-2 compliance report.

In essence, we have security measures in the following categories:

  • Physical Security
  • Logical Access
  • Computer Operations
  • Change Control
  • Data Communications

PII control: we inherit the data source settings (through the credentials)

What other compliance on top of SOC2 is in place? or in plan?

We have GDPR in the closest plan with the highest priority.