• Security
  • Privacy Policy & GDPR
  • Terms of use

Your Data. Your Control. Your Data. Your Control.

superQuery’s data platform is based on top of your existing database, using a secure connection to query your data warehouse directly. Your optimized queries access the data needed to answer your question in your database, return the results, and the answer is stored in a short-lived cache. You can also control and configure these parameters based on your needs and policies.

Thanks to superQuery’s single point-of-access for your data, you can establish a robust data governance infrastructure, giving everyone within your company the ability to answer their own questions, while keeping data sprawl to a minimum and access to sensitive information restricted. Administrators can configure permissions by user or group, and can restrict data access from the database level all the way down to the row or column level.

Administrators can always maintain a secure experience for their users with the robust business intelligence data governance we enable.

Leverage Your Database’s Security Protocols

superQuery generates SQL that directly queries your database. The result: Your analysts and data scientists don’t need to pull your data out of the database to run queries.

Data access without changing your storage functionalities and policies

superQuery uses a read-only connection to access the minimum amount of data needed to answer your queries and only returns the relevant result set. The result: less data duplication, no long-term storage of sensitive data on local machines, and maintaining the full power of your existing database security model.

Reign your data

Secure User Access and Management

superQuery makes it easy for administrators to control users’ access from the database level down to the field level.

Easy permissions, access and configurations

Application permissions, data access, and content access can be set manually in our dashboard, programmatically via superQuery’s API, or can be inherited directly from your existing single sign-on authentication protocols.

Enterprise-level feature set

Authenticate Your Way

superQuery’s platform comes standard with enterprise-level features including two-factor authentication, SAML-based single sign-on (supporting SAML, OneLogin, and Google Apps), and team management to keep superQuery access secure and up-to-date.

Highest Data Security Encryption standards

superQuery uses industry-standard AES encryption to secure cached data stored at rest, and the TLS protocol to secure network traffic between users’ browsers and the platform.

Secure Your Database Connection

superQuery offers many options for securing connections to your database, including IP Whitelisting, SSL, SSH, PKI, and Kerberos authentication.

Comprehensively monitored and fully auditable

Because superQuery’s data platform provides a single point of contact for employees’ work with your enterprise’s data, it’s far easier to keep track of exactly who accessed what, when, and what they did with it.

Easily Keep Track of Usage and Development

superQuery logs every interaction so administrators can audit usage and easily set up scheduled reports and alerts. And because superQuery’s data model is version-controlled, you can also track when metric definitions have changed, who changed them and why.

Easy Configuration of Support Access

superQuery monitors and regularly audits company support technicians’ access to your instance (and as of superQuery release 4.22, you’ll be able to easily turn that access on or off).

Our Shared Security Partnership

superQuery connects to your organization’s database, and is designed to leave your data in that database. Because superQuery connects to technology that you are responsible for maintaining, security becomes a shared responsibility between superQuery and you.

Application Data Collected by superQuery

While there is no permanent storage of your data in the superQuery application, by default, the application passes the following information back to us to perform license validation and enhance the service.

  • License checks – License information, including the number of users, roles, and database connections
  • Basic usage – URLs accessed, time of access, and browser type
  • Backups – Encrypted backups of the superQuery instance’s database, which includes saved Looks, query history, and user settings
  • Error emails – Errors from superQuery servers are generated for Engineering’s use to diagnose and improve the product (note that passwords and other private information is filtered out)
  • User admin emails – Mail generated from support@superQuery.io provides new account welcome emails, forgotten password reset links, and scheduled data delivery. If preferred, you can configure these emails to use your own SMTP service instead.
  • Support tickets – Support is provided on demand via an embedded chat client service through Intercom.

NOTE: By default, superQuery stores models in a secured GitHub repository.

superQuery’s Responsibilities

  • Cloud Security – superQuery uses Amazon Web Services and other hosting providers to offer industry-standard security, availability and durability of hosted superQuery implementations.
  • Product Security – superQuery is responsible for ensuring that the code quality for the superQuery application is developed according to industry-wide best practices for software development, and is regularly tested for vulnerabilities.
  • Corporate Security – superQuery is responsible for educating and disseminating security best practices throughout its organization, and ensuring that superQuery’s ancillary applications, systems, and networks are securely configured and monitored.
  • Physical Security – superQuery is responsible for monitoring the superQuery corporate facilities, and ensuring that both offices and hardware are protected.

Your Responsibilities

Cloud Security

You are responsible for configuring secure access between the superQuery application and your database. superQuery provides extensive recommendations on how to do this, including:

  • Enabling secure database access using tools like IP whitelisting, SSL/TLS encryption, and SSH tunneling.
  • Setting up the most locked-down database account permissions for superQuery that still allow it to perform needed functions.

Product Security

You are also responsible for controlling access and permissions for users of your superQuery instance within your company. We recommend:

  • Setting up user authentication using either a native username/password option or, preferably, using a more robust authentication mechanism like 2FA, LDAP, Google OAuth, or SAML.
  • Setting up the most restrictive user permissions and content access that still allow people to carry out their work, paying special attention to who has admin privileges.
  • Setting up any API usage in a secure way.
  • Regularly auditing any public access links your users create and restricting the permission to create them, as necessary.

Cloud Security Architecture

superQuery hosts its software on AWS Cloud Services, which means that as a superQuery customer, you’ll inherit the robust standards of cloud security maintained by AWS, which superQuery builds on top of for its own security best practices. superQuery also uses industry best practices for the development and testing of the superQuery application, ensuring that code quality meets our standards before becoming part of a superQuery release.

Cloud Infrastructure

AWS facilities

The superQuery application is managed on AWS Facilities which comply with over 50 data security certifications, regulations, and frameworks. Physical security is managed by AWS, with facilities monitored by video surveillance, and intrusion detection systems.

Physical separation of data

The superQuery application is hosted in a single-tenant environment physically separating the instances of superQuery customers from each other. The superQuery application is hosted in a single tenant AWS Availability Zone (AZ) environment by default. If you have specific availability needs, you can contact your Account Manager to request implementing the application in a cluster configuration.

Data Security Architecture

superQuery follows AWS best practices for security architecture. Proxy servers secure access to the superQuery application by providing a single point to filter attacks through IP blacklisting and connection rate limiting.

Redundancy

superQuery employs a Cloud-based distributed backup framework for superQuery-hosted customer servers.

Availability and durability

The superQuery application can be hosted in a variety of different AWS data centers across the globe.

Monitoring & Authentication

Access to a customer’s back-end servers

Access to superQuery-hosted back-end environment requires approval and multiple layers of authentication.

Access to a customer’s superQuery application

Employee access to customer superQuery instances is provided in order to support a customer’s needs. Access requires approval and multiple layers of authentication. Additionally, customers can control all access from superQuery to their application via a Support toggle.

Monitored user access

Access to your superQuery environment is uniquely identified, logged, and monitored.

Network and application vulnerability scanning

superQuery’s front-end application and back-end infrastructure is scanned for known security vulnerabilities at least monthly.

Centralized logging

Logs across the superQuery production and corporate environments are collected and stored centrally for monitoring and alerting on possible security events.

Reputation monitoring/threat intelligence

Collected logs and network activity are checked against commercial threat intelligence feeds for potential risks.

Anomaly detection

Anomalous activity, like unexpected authentication activity, triggers alarms.

Data Security Encryption

AES encryption

Application sensitive data stored locally including database connection configurations and cached query data is encrypted and secured using AES encryption.

Secure credential storage & encryption

Native username and passwords are secured using a dedicated password-based key derivation function (bcrypt) with hashing and salting.

TLS encryption

Data in transit is encrypted and secured from the user’s browser to the application via TLS.

SSL / SSH encryption

superQuery enables you to configure your database connection via encrypted TLS or SSH.

 

Product Security

Overview

Code development

Code development is done through a documented SDLC process which includes guidance on how code is tested, reviewed, and promoted to production.

Peer review and unit testing of code

Code is peer reviewed before being committed to the master code branch of the superQuery application. Functional and unit tests are performed using automated tools.

Routine developer training

Developers are regularly trained on secure coding practices.

Code quality tests

superQuery utilizes automated tests specifically targeting injection flaws, input validation, and proper CSRF token usage.

Regular third-party penetration testing

superQuery performs regular third-party penetration tests against the superQuery application and hosted environment.

Single sign on

superQuery provides SAML-based single sign on for users, offering support for SSO solutions from Google Apps, OneLogin, and SAML.

LDAP authentication

superQuery provides the ability to authenticate users based on Lightweight Directory Access Protocol (LDAP), enabling administrators to link LDAP groups to superQuery roles and permissions.

Two-Factor authentication

superQuery provides the ability to use two-factor authentication via Google Authenticator.

Corporate Security

superQuery works under robust security protocols to secure the superQuery Office premises and materials that contain sensitive information. superQuery also invests in properly vetting and training staff to ensure that there is an organization-wide appreciation for data security.

Personal & Third Parties

Security organization

Led by the Chief Security Officer (CSO), superQuery has an established a dedicated information security function responsible for security and data compliance across the organization.

Policies and procedures

superQuery maintains various security policies that are maintained, communicated, and approved by management to ensure everyone clearly knows their security responsibilities.

Background checks

New contractors and employees are required to pass a background check and sign confidentiality agreements.

Security awareness education

superQuery new-hires complete security training as part of the entry into the organization. Employees receive routine security awareness training and confirm adherence to Company security policies. superQuery employees are reminded of security best practices through informal and formal communications.

Vendor management

superQuery maintains a vendor management program to ensure that third-parties comply with an expected level of security controls.

Risk management

superQuery maintains a robust security risk management program. Our CSO chairs our internal quarterly Security Steering Committee.

Incident Response

On-call

superQuery’s Security and Operations team is available 24/7 to respond to security alerts and events.

Policies and procedures

superQuery maintains a documented incident response plan.

Incident response training

Employees are trained on security incident response processes, including communication channels and escalation paths.

superQuery Premises and Hardware

Monitoring and secure access to superQuery offices

superQuery offices are protected by security measures including security cameras.

Laptop protection

superQuery uses a combination of endpoint management tools to monitor, patch, and protect its laptop population. Laptops have encrypted hard drives and are protected with sign-on password. Also, an AV/HIDs solution is installed on laptops to protect against malware and monitor for possible security events.

 

Data Security, Privacy & Compliance

One of the priorities of superQuery’s security practices is to ensure that use of your data is transparent, safe, and respectful. To that end, superQuery maintains a Compliance team to perform regular assessments and ensure that risks are appropriately being mitigated and that controls are designed and operating correctly.

Please consult superQuery’s Privacy Policy if you don’t see your question answered here.

Data Security & Compliance

Healthcare data security compliance

superQuery customers include HIPAA Covered Entities and Business Associates. Since superQuery doesn’t extract your data, we don’t categorize data as sensitive, personal health information or according to other schemas. Instead, we handle all data according to the same security standards. superQuery will assist you to carry out HIPAA-related security obligations & compliance, which can include executing Business Associate Agreements as needed.

SOC 2 and ISO 27001 compliance

superQuery has a SOC 2 Type 1 report and and is collecting evidence for the Type 2 audit. We anticipate the Type 2 report being available in September, 2018. Following the SOC 2 Type 2 audit, superQuery will direct its attention towards ISO 27001.

Data Privacy

EU Compliance & GDPR Compliance

superQuery has many users in the European Economic Area and will work with you to assure database compliance with Personal Data handling requirements and cross-border transfer requirements under the EU Privacy Directive, and the new GDPR.

Determine where superQuery is hosted

superQuery lets you determine where your superQuery is to be hosted. Currently your superQuery hosted instance can reside in the US, Japan, Ireland, Australia, or Brazil.

Privacy Policy Privacy Policy

Last Updated: March 2019

THE EVALUEX IO Ltd. (“EVALUEX“, “We“, “Our” or “Us“) provides this Privacy Policy (along with Our Terms of Use) to inform any person (and or/entity and/or anyone on their behalf), uses Our internet website (the “Site“). This Privacy Policy details Our policies and procedures regarding the collection, use, and disclosure of personal information we receive from Users in order to use Our Services. The Services constitute a big data management solutions website (the “Services“). Your privacy is always a top priority for us. This Privacy Policy applies only to information that you provide to us through the Services.

We reserve the right to amend this Privacy Policy at any time at Our sole discretion. We will inform users of the Services of any such amendments to the Privacy Policy by posting an updated policy on the Site or sending them an e-mail, so they shall re-visit this page frequently. Such material changes will take effect seven (7) days after such notice was provided on our Site or sent via e-mail (to the extent that you provided us with such e-mail address), whichever is the earlier. In the event that the Privacy Policy should be amended to comply with any legal requirements, the amendments may take effect immediately, or as required by the law and without any prior notice. For the purposes of this Privacy Policy, users include anyone who accesses or registers to Our Services (together, “User” or “Users”). IF YOU DO NOT ACCEPT THE TERMS OF THIS PRIVACY POLICY, YOU MAY NOT ACCESS OR USE THE SERVICES.

1. Information We Collect

Personally Identifiable Information

  • During your use of our Services, we may collect certain information from you, including your first and last name, email address, social media profile, a mobile phone number. We may not, and do not, require a User to disclose more information than is reasonably necessary to access and use Our Services. Users are not required by law to provide such information but must provide it if they wish to become a registered User of the Services. In any event, if for any reason registered Users wish to delete or modify PII, they can change it by logging in to their account or sending us an e-mail with adequate detail of their request to support@superquery.io and we will make reasonable efforts to modify or delete any such PII pursuant to any applicable privacy laws. Note that unless otherwise explicitly specified herein and/or unless the Users instruct us otherwise, we may retain their PII for as long as reasonably required for the purposes for which such PII was collected, all as permitted under any applicable privacy laws.
  • Users can also open an account and signup to the Services via existing third-party social media accounts, such as Google (“Social Network Account”). In the event that a User registers to the Services through his/her existing Social Network Account then such Social Network Account provides us with access to certain information about such User as is stored in the User’s Social Network Account, namely, the User’s public profile and his/her list of friends and/or any other information which is detailed and displayed to the User in the notice which appears during the integration process with such Social Network Account. Please remember that the manner in which the applicable social network uses, stores and discloses your information is governed solely by its policies and Evaluex shall have no liability or responsibility for the privacy practices or other actions of the applicable social network that may be available within our Service.
  • We do not collect any PII from you or related to you without your approval, which is obtained, inter alia, through your active acceptance to the Terms and the Privacy Policy. Cookies

We may automatically collect information using “cookies.” Cookies are small data files stored on your hard drive by a website. Among other things, cookies help us improve our Services and your experience. We use cookies to see which areas and features are popular and to count visits to our Site. If you do not accept cookies, however, you may not be able to use all portions of the Site or all functionality of the Services.

Communications with us

Users may review, update, correct or delete the PII in their account by contacting us. If you completely delete all such information, then your account may become deactivated. If you would like us to delete your record in our system or stop sending you any information please contact us at support@superquery.io with a request that we delete your PII from our database. We may retain an archived copy of your records as required by law or for legitimate business purposes.

Other Websites and Third Party

This Privacy Policy applies only to the Site and the Services. The Site may contain links and references to websites of others. We may, from time to time, at Our sole discretion, add or remove links to other websites. These links are provided solely as a convenience to you, and access to any such websites is at your own risk. We may present links in a format that enables us to keep track of whether these links have been followed. In addition, third party companies and individuals which we use to perform our Services and other websites may place their own cookies or other files on Users’ computers or collect data or solicit PII directly from Our Users. We do not review, approve, monitor, endorse, guarantee, warrant, make any representations with respect to, nor are We responsible for, such links or websites. In no event, We will be responsible for the information contained in such links or websites, their practices or for your use of or inability to use such links or websites or their services, or transmissions received from such sites. BY USING THE SERVICE, YOU EXPRESSLY RELIEVE US FROM ANY AND ALL LIABILITY ARISING FROM YOUR USE OF ANY THIRD-PARTY WEBSITES OR SERVICES.

We do not sell, trade, or otherwise transfer to third parties your PII without your advance written consent. This does not include website hosting partners and other parties who assist Us in operating Our Site, conducting Our business, or serving Our Users (such as Google BigQuery), so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property or safety. However, non-personally identifiable information and non-identifiable metadata may be provided to other parties for marketing, advertising or other uses without any notice or consent.

PII that Our Users provide to other websites or services (such as Google Big Query) may be sent to us in order to enable Our Users’ use of the Site. We process such information in accordance with this Privacy Policy. Other websites and services may have different privacy practices. We encourage Users to read the privacy policies and other terms and familiarize themselves with the privacy practices of the other websites or services before using their products or services. In this regard, if you have been referred to us by Google Big Query, you should review and accept their respective terms of service and privacy policy.

2. Use of Information We Collect

We may collect, store and use information Users provide to us on Our Site or Service in order to:

  • Enable Users to log-in into the Site;
  • Ensure all Users follow Our Terms and other rules and policies;
  • Ban a User temporarily or permanently for failure to follow Our Terms, rules, and policies, or for other misconduct or inappropriate behavior;
  • Respond to questions and comments from Users;
  • Provide Users with newsletters, updates, and other materials related to the purposes of the Site, or with information or offers from us or third parties that we believe Users may find useful or interesting;
  • Improve the functionality, design, and quality of the Site;
  • Caching User’s data, only to the extent we have been requested to do so by the User.

Service Providers and Other Third Parties

We may share non-personally identifiable information with third parties for industry analysis and other commercial purposes, or to deliver targeted advertising about other products and services. No such non-personally identifiable information that we provide to third parties will contain PII. It is important to note that we allow third party behavioral tracking.

Compliance with Laws and Law Enforcement

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose any information about Users, including PII, to government or law enforcement officials or private parties where we are required to do so by law, including, but not limited to, in response to a court order. We may also disclose PII in response to a request by a law enforcement agency or other public agency or if we believe such disclosure may prevent or mitigate the threat of crime or harm to Users or others, facilitate an investigation related to a User’s safety or public safety, protect the security or integrity of Our Site, or enable us to take precautions against liability. This Privacy Policy will be governed by and construed in accordance with the laws of the State of Israel, notwithstanding choice or conflict of laws issues. If for any reason a court of competent jurisdiction finds any provision or portion of this Privacy Policy to be unenforceable, the remainder of the Privacy Policy will continue in full force and effect.

Email Messages (including Direct Marketing)

EVALUEX collects email addresses and phone numbers to send information, newsletters, offers of new or improved Services, advertising and also in order to respond to inquiries or other requests. EVALUEX will not use misleading or false information in the content of those emails, and it will be reasonably identifiable as advertising, as the case may be. You may withdraw your consent to the receipt of such messages by sending a written notice to our e-mail support@superqury.io or following the un-subscription instructions that may be provided therein.

International Transfer

Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may be different than those in your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

3. Security and How We Safeguard Information We Collect

The security of Users’ information is highly important to Us. We have put in place appropriate security systems designed to prevent unauthorized access to disclosure and use of information Users provide to us. These systems are structured to deter and prevent hackers and others from accessing this information. Due to the nature of Internet communications and evolving technologies, however, we cannot provide, and expressly disclaim, any assurance that the information provides to us will remain free from loss, misuse, or alteration by third parties who, despite Our efforts, obtain unauthorized access. In addition, We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.

4. Inadvertent Disclosure of PII

You acknowledge and accept that, despite our efforts, there may be times or situations when your PII is inadvertently disclosed by Us or by a third party to whom we have disclosed Your PII. You hereby accept that risk and waive any and all claims, causes of action, damages and liability against Us in the event of inadvertent or negligent disclosure of PII.

5. Contacting Us

If you have any concerns or questions about this Privacy Policy, please contact us at support@superquery.io.

GDPR Compliance GDPR Compliance

One of the architectural benefits of the superQuery platform is that it creates a single, governed location for users to access data. This reduces data sprawl, leverages the world-class security of today’s most advanced databases, and gives administrators control over who’s accessing data and how long it’s cached for.

The superQuery platform helps businesses to empower users to analyze data and gain insights to drive business outcomes, but leaves control of your data where it belongs, in your hands.

superQuery holds two classes of data: information about superQuery users and the customer data necessary to answer users’ queries.

  1. Information about superQuery users includes end­-user login/registration information for superQuery users as well as metadata about their usage. Metadata is used to facilitate product improvements, customer support and license auditing. Login information is controlled by customers directly as it is entered on their superQuery instance and they can delete their users’ (i.e. their employees’) information at any time. We retain basic user contact information to send product updates, relevant marketing, training and events based on the users’ contact preferences.
  2. Once superQuery is connected to a customer database, the superQuery cache retains data from the customer’s database that is fetched in response to a users’ queries. This data is encrypted and stored by superQuery for a maximum of 360 days . If you prefer, you can also take additional steps to reduce the amount of time that query results are held in cache.

Yes. We retain basic user contact information to communicate with our users and customers about our product and security updates, relevant marketing, training and events. superQuery users may opt-out of communications by email to support@superquery.io.

superQuery-hosted instances are hosted in the Amazon Web Services cloud and Google cloud service.

At superQuery we are constantly updated with the developments in the privacy and security policies. Our data security program is designed to ensure that the policies, controls and processes are appropriate to the type of personal data and data processing collected. You can find our security policy here: https://web.superquery.io/security

As our customer, you remain in control of your data and data about your users. When you remove users from your superQuery instance, their data will be removed from superQuery’s databases within 30 days. If you wish to delete a superQuery user’s account data, we have a process to permanently anonymize the data.

If you would like superQuery to delete your customer data or superQuery user account detail, please send an email to support@superQuery.io.

Terms of use Terms of use

Last Updated: December 9, 2018

1. Introduction

    1. These Terms of Use (the “Terms“) along with the Privacy Policy govern the relationship between THE EVALUEX IO Ltd., a company incorporated under the laws of the state of Israel (“EVALUEX“, “our“, “we” or “us“), the owner and operator of a big data management solutions website (the “Services” and the “Site”, respectively), and any individual or entity who requests to use the Services (“You”).
    2. These Terms govern your access to use the Services, any information, text, graphics, or other materials appearing thereon, and any services provided or enabled therein (the “Materials”). Your access to use the Site is expressly conditioned on your compliance with these Terms.  By accessing or using the Site you agree to be bound by these Terms.
    3. EVALUEX may, at its sole discretion, change these Terms from time to time, including any other policies incorporated thereto, so please re-visit this page frequently. In case of any material change, we will make reasonable efforts to post a clear notice on the Site and/or will send you an e-mail (to the extent that you provided us with such e-mail address) regarding such change. Such material changes will take effect seven (7) days after such notice was provided on our Site or sent via e-mail, whichever is the earlier. In the event that the Terms should be amended to comply with any legal requirements, the amendments may take effect immediately, or as required by the law and without any prior notice. IF YOU DO NOT ACCEPT THE PROVISIONS OF THIS TERMS, YOU MAY NOT ACCESS OR USE THE SERVICES. If you violate any of these Terms, your permission to use the Services will automatically terminate. EVALUEX reserves the right to revoke your access to and use of the Services at any time, with or without cause.

EVALUEX also reserves the right to cease providing or to change the Services at any time and without notice.

2. Rules of Conduct

  1. You hereby agree and undertakes not to:
    1. Conduct any illegal, fraudulent, misleading, deceptive activities while using the Services;  
    2. Hold yourself out as sponsored by, endorsed by, or affiliated with the Services;
    3. Use any portion of the Services for uploading, posting, emailing, transmitting or otherwise making available messages that are harmful, threatening, abusive, vulgar, obscene, defamatory, libelous, hateful, or racially, ethnically or otherwise objectionable;
    4. Attempt to gain access to secured portions of the Services to which you have no permission to enter, including database, computer systems or servers;
        1. Upload or transmit any form of virus or other malicious code;
        2. Use any automatic or manual process to search or harvest information from the Site, to interfere in any way with the proper functioning of the Services, or engage in any activity that disrupts, diminishes the quality of, interferes with the performance of, or impairs the functionality of, the Services;
        3. You acknowledge the fact that EVALUEX may view, manage and alter your data and tables inserted by you to the Site.
        4. You acknowledge it is your full responsibility to back up all your data. EVALUEX shall not be responsible in any way for any data loss.
        5. Engage in any chain letters, contests, junk email, pyramid schemes, spamming, surveys, or other duplicative or unsolicited messages (commercial or otherwise).
        6. Use any trade name, trademark, or brand name of EVALUEX; copy, distribute, perform, transmit, modify, reuse or otherwise display the Materials, in whole or in part for public or commercial purposes or alter, modify or create any derivative works thereof, any material in a way that infringes Intellectual Property Rights (as defined below), of EVALUEX or any other third party.

3. Member Account

  1. In order to use the Service, you may be asked to create an account (“Member Account”). You may never use another’s Member Account without permission. As part of the registration process, you may be asked to select a username and password. You agree to provide true, accurate and complete information about yourself and maintain the accuracy of such registration data. Therefore: 
    1. You agree not to provide any information in any manner which may  infringe the copyright, trademark, trade secret, or other intellectual property or other proprietary right of others;  violate the privacy, publicity, confidentially or other rights of third parties; or be discriminatory, defamatory, obscene, threatening, abusive, or hateful, as determined by EVALUEX in its sole discretion.
    2. You agree that your use of the Services is at your own risk. You will be responsible for the confidentiality and use of your username and password and agree not to transfer or resell your use of or access to the Site to any third party.
    3. You agree to notify EVALUEX immediately of any unauthorized use of your password or any other breach of security. you are entirely responsible for maintaining the confidentiality of your username and password and for any and all activities that are conducted through your member account.

4. Privacy

  1. Your privacy is of top priority to Us. EVALUEX’s online Privacy Policy is incorporated herein by reference and describes the collection, use, and sharing of certain personally identifiable information that may be provided in connection with the use of the Site. Please read our Privacy Policy carefully, as it details all provisions regarding your privacy. We do not collect any PII from you or related to you without your approval, which is obtained, inter alia, through your active acceptance to the Terms and the Privacy Policy.
  2. You agree that in using the Services, we are permitted to display your name or logo as a user of our Services on our Site or on other marketing materials such as any social media in a manner that will be visible to other third parties.
        1.  

5. Intellectual Property

    1. You acknowledge and agree that EVALUEX and its licensors (as applicable) retain sole, full and exclusive ownership of all intellectual property rights of any kind related to the Services and related Materials, including copyrights, trademarks and other proprietary rights (“Intellectual Property Rights“). No license is granted hereunder to any Intellectual Property Rights. Other names and brands that are mentioned or displayed on the Services or in connection therewith may be trademarks of their respective owners and are to be treated accordingly.
    2. EVALUEX welcomes and encourages feedback, comments and suggestions for improvements to the Services (“Feedback“). You acknowledge and agree that all Feedback will be solely and exclusively EVALUEX’s property and You hereby irrevocably assign to EVALUEX all right, title, and interest that you may have in and to all Feedback, including without limitation all worldwide patent rights, copyright rights, trade secret rights, and other proprietary or intellectual property rights therein.
          1.  

6. Indemnity

You undertake to indemnify EVALUEX for any losses or damages resulting from any third party claims or complaints arising from, or in connection with your actions and activities on or in connection with the Services and/or breach of this Agreement.

7. No Warranty

    1. You hereby acknowledge and agree that EVALUEX and the Services are not responsible to provide any service other than the Services detailed herein.
    2. EVALUEX does not make any warranties that the Site will be secure or error free or that your use of the Site will meet your expectations, or that the Site, Materials, or any portion thereof, is correct, accurate, or reliable.
    3. The Services are provided “as is”, without warranty of any kind, either express or implied. Without limiting the foregoing, EVALUEX explicitly disclaims all warranties, express or implied, regarding the Services, including any implied warranty of quality, availability, merchantability, fitness for a particular purpose or non-infringement, and any warranties arising out of course of dealing or usage of any trade, including without limitation to the Services being free from defect or any virus, or any other malicious code.
    4. You hereby release evaluex from any damages, claims or other cause of action related in any way, directly or indirectly, to the services. evaluex makes no warranty that the services will meet your requirements or be available on an uninterrupted, secure, or error-free basis. evaluex makes no warranty regarding the quality of the services and any service associated therewith, or to the accuracy, timeliness, truthfulness, completeness or reliability of any content or service obtained thereby.
    5. You are solely and exclusively responsible for all your communications and interactions with EVALUEX, Services, or any other person or entity with whom you may communicate, interact or engage in connection with or as a result of your use of the Services.

8. Limitation of Liability

    1. Subject to applicable law, in no event shall EVALUEX be liable to you or any third party for any damages, whether direct, indirect or implied, including, without limitation, incidental, consequential, exemplary, special, or punitive damages, and including further, damages which may arise in connection with the Services. EVALUEX shall not be liable for any damages arising from any transaction or engagement between you and any third party or for any information provided by you or any third party.
    2. You hereby expressly agree that EVALUEX shall have the right, but not the obligation, at any time and at EVALUEX sole discretion, to take any action to monitor and record any interaction or engagement resulting from the use of the Services by you or any third party. To the full extent permitted by law, you hereby release EVALUEX from any claims or liability relating in any way thereto.
    3. The provisions of this section shall apply regardless of the nature of any claim, whether based on warranty, contract, tort, or any other legal or equitable theory, and whether or not evaluex is advised of the possibility of such damages.

9. Severability

In the event that any provision of these Terms is held to be invalid or unenforceable by a competent court, the remaining provisions of these Terms will remain in full force and effect.

10. Waiver

The failure of EVALUEX to enforce any right or provision of these Terms will not be deemed a waiver of such right or provision.

11. Arbitration and Controlling Law and Jurisdiction

    1. For any dispute, claim or controversy arising out of or in relation to these Terms or to the breach, termination, enforcement, interpretation or validity thereof, or to your access or use of the Site (together “Dispute”), you agree to first contact us and attempt to resolve the Dispute with us informally. If EVALUEX has not been able to resolve the Dispute with you informally, you and we agree to resolve any Dispute by binding individual arbitration. The arbitration shall be conducted in Israel.
    2. Nothing in this Section shall prevent EVALUEX from seeking injunctive or other equitable relief from the courts to prevent the actual or threatened infringement, misappropriation or violation of a copyrights, trademarks, trade secrets, patents, or other intellectual property rights and for matters related to data security or unauthorized access to the Site.
    3. These Terms will be governed by the laws of the State of Israel. You agree that the courts located in Tel-Aviv will have exclusive jurisdiction over any dispute between you and us.

12. Entire Agreement

These Terms are the entire and exclusive agreement, and replace any prior agreements, between EVALUEX and you regarding the subject matter hereof.

******

  • Security
  • Privacy Policy & GDPR
  • Terms of use

Your Data. Your Control. Your Data. Your Control.

superQuery’s data platform is based on top of your existing database, using a secure connection to query your data warehouse directly. Your optimized queries access the data needed to answer your question in your database, return the results, and the answer is stored in a short-lived cache. You can also control and configure these parameters based on your needs and policies.

Thanks to superQuery’s single point-of-access for your data, you can establish a robust data governance infrastructure, giving everyone within your company the ability to answer their own questions, while keeping data sprawl to a minimum and access to sensitive information restricted. Administrators can configure permissions by user or group, and can restrict data access from the database level all the way down to the row or column level.

Administrators can always maintain a secure experience for their users with the robust business intelligence data governance we enable.

Leverage Your Database’s Security Protocols

superQuery generates SQL that directly queries your database. The result: Your analysts and data scientists don’t need to pull your data out of the database to run queries.

Data access without changing your storage functionalities and policies

superQuery uses a read-only connection to access the minimum amount of data needed to answer your queries and only returns the relevant result set. The result: less data duplication, no long-term storage of sensitive data on local machines, and maintaining the full power of your existing database security model.

Reign your data

Secure User Access and Management

superQuery makes it easy for administrators to control users’ access from the database level down to the field level.

Easy permissions, access and configurations

Application permissions, data access, and content access can be set manually in our dashboard, programmatically via superQuery’s API, or can be inherited directly from your existing single sign-on authentication protocols.

Enterprise-level feature set

Authenticate Your Way

superQuery’s platform comes standard with enterprise-level features including two-factor authentication, SAML-based single sign-on (supporting SAML, OneLogin, and Google Apps), and team management to keep superQuery access secure and up-to-date.

Highest Data Security Encryption standards

superQuery uses industry-standard AES encryption to secure cached data stored at rest, and the TLS protocol to secure network traffic between users’ browsers and the platform.

Secure Your Database Connection

superQuery offers many options for securing connections to your database, including IP Whitelisting, SSL, SSH, PKI, and Kerberos authentication.

Comprehensively monitored and fully auditable

Because superQuery’s data platform provides a single point of contact for employees’ work with your enterprise’s data, it’s far easier to keep track of exactly who accessed what, when, and what they did with it.

Easily Keep Track of Usage and Development

superQuery logs every interaction so administrators can audit usage and easily set up scheduled reports and alerts. And because superQuery’s data model is version-controlled, you can also track when metric definitions have changed, who changed them and why.

Easy Configuration of Support Access

superQuery monitors and regularly audits company support technicians’ access to your instance (and as of superQuery release 4.22, you’ll be able to easily turn that access on or off).

Our Shared Security Partnership

superQuery connects to your organization’s database, and is designed to leave your data in that database. Because superQuery connects to technology that you are responsible for maintaining, security becomes a shared responsibility between superQuery and you.

Application Data Collected by superQuery

While there is no permanent storage of your data in the superQuery application, by default, the application passes the following information back to us to perform license validation and enhance the service.

  • License checks – License information, including the number of users, roles, and database connections
  • Basic usage – URLs accessed, time of access, and browser type
  • Backups – Encrypted backups of the superQuery instance’s database, which includes saved Looks, query history, and user settings
  • Error emails – Errors from superQuery servers are generated for Engineering’s use to diagnose and improve the product (note that passwords and other private information is filtered out)
  • User admin emails – Mail generated from support@superQuery.io provides new account welcome emails, forgotten password reset links, and scheduled data delivery. If preferred, you can configure these emails to use your own SMTP service instead.
  • Support tickets – Support is provided on demand via an embedded chat client service through Intercom.

NOTE: By default, superQuery stores models in a secured GitHub repository.

superQuery’s Responsibilities

  • Cloud Security – superQuery uses Amazon Web Services and other hosting providers to offer industry-standard security, availability and durability of hosted superQuery implementations.
  • Product Security – superQuery is responsible for ensuring that the code quality for the superQuery application is developed according to industry-wide best practices for software development, and is regularly tested for vulnerabilities.
  • Corporate Security – superQuery is responsible for educating and disseminating security best practices throughout its organization, and ensuring that superQuery’s ancillary applications, systems, and networks are securely configured and monitored.
  • Physical Security – superQuery is responsible for monitoring the superQuery corporate facilities, and ensuring that both offices and hardware are protected.

Your Responsibilities

Cloud Security

You are responsible for configuring secure access between the superQuery application and your database. superQuery provides extensive recommendations on how to do this, including:

  • Enabling secure database access using tools like IP whitelisting, SSL/TLS encryption, and SSH tunneling.
  • Setting up the most locked-down database account permissions for superQuery that still allow it to perform needed functions.

Product Security

You are also responsible for controlling access and permissions for users of your superQuery instance within your company. We recommend:

  • Setting up user authentication using either a native username/password option or, preferably, using a more robust authentication mechanism like 2FA, LDAP, Google OAuth, or SAML.
  • Setting up the most restrictive user permissions and content access that still allow people to carry out their work, paying special attention to who has admin privileges.
  • Setting up any API usage in a secure way.
  • Regularly auditing any public access links your users create and restricting the permission to create them, as necessary.

Cloud Security Architecture

superQuery hosts its software on AWS Cloud Services, which means that as a superQuery customer, you’ll inherit the robust standards of cloud security maintained by AWS, which superQuery builds on top of for its own security best practices. superQuery also uses industry best practices for the development and testing of the superQuery application, ensuring that code quality meets our standards before becoming part of a superQuery release.

Cloud Infrastructure

AWS facilities

The superQuery application is managed on AWS Facilities which comply with over 50 data security certifications, regulations, and frameworks. Physical security is managed by AWS, with facilities monitored by video surveillance, and intrusion detection systems.

Physical separation of data

The superQuery application is hosted in a single-tenant environment physically separating the instances of superQuery customers from each other. The superQuery application is hosted in a single tenant AWS Availability Zone (AZ) environment by default. If you have specific availability needs, you can contact your Account Manager to request implementing the application in a cluster configuration.

Data Security Architecture

superQuery follows AWS best practices for security architecture. Proxy servers secure access to the superQuery application by providing a single point to filter attacks through IP blacklisting and connection rate limiting.

Redundancy

superQuery employs a Cloud-based distributed backup framework for superQuery-hosted customer servers.

Availability and durability

The superQuery application can be hosted in a variety of different AWS data centers across the globe.

Monitoring & Authentication

Access to a customer’s back-end servers

Access to superQuery-hosted back-end environment requires approval and multiple layers of authentication.

Access to a customer’s superQuery application

Employee access to customer superQuery instances is provided in order to support a customer’s needs. Access requires approval and multiple layers of authentication. Additionally, customers can control all access from superQuery to their application via a Support toggle.

Monitored user access

Access to your superQuery environment is uniquely identified, logged, and monitored.

Network and application vulnerability scanning

superQuery’s front-end application and back-end infrastructure is scanned for known security vulnerabilities at least monthly.

Centralized logging

Logs across the superQuery production and corporate environments are collected and stored centrally for monitoring and alerting on possible security events.

Reputation monitoring/threat intelligence

Collected logs and network activity are checked against commercial threat intelligence feeds for potential risks.

Anomaly detection

Anomalous activity, like unexpected authentication activity, triggers alarms.

Data Security Encryption

AES encryption

Application sensitive data stored locally including database connection configurations and cached query data is encrypted and secured using AES encryption.

Secure credential storage & encryption

Native username and passwords are secured using a dedicated password-based key derivation function (bcrypt) with hashing and salting.

TLS encryption

Data in transit is encrypted and secured from the user’s browser to the application via TLS.

SSL / SSH encryption

superQuery enables you to configure your database connection via encrypted TLS or SSH.

 

Product Security

Overview

Code development

Code development is done through a documented SDLC process which includes guidance on how code is tested, reviewed, and promoted to production.

Peer review and unit testing of code

Code is peer reviewed before being committed to the master code branch of the superQuery application. Functional and unit tests are performed using automated tools.

Routine developer training

Developers are regularly trained on secure coding practices.

Code quality tests

superQuery utilizes automated tests specifically targeting injection flaws, input validation, and proper CSRF token usage.

Regular third-party penetration testing

superQuery performs regular third-party penetration tests against the superQuery application and hosted environment.

Single sign on

superQuery provides SAML-based single sign on for users, offering support for SSO solutions from Google Apps, OneLogin, and SAML.

LDAP authentication

superQuery provides the ability to authenticate users based on Lightweight Directory Access Protocol (LDAP), enabling administrators to link LDAP groups to superQuery roles and permissions.

Two-Factor authentication

superQuery provides the ability to use two-factor authentication via Google Authenticator.

Corporate Security

superQuery works under robust security protocols to secure the superQuery Office premises and materials that contain sensitive information. superQuery also invests in properly vetting and training staff to ensure that there is an organization-wide appreciation for data security.

Personal & Third Parties

Security organization

Led by the Chief Security Officer (CSO), superQuery has an established a dedicated information security function responsible for security and data compliance across the organization.

Policies and procedures

superQuery maintains various security policies that are maintained, communicated, and approved by management to ensure everyone clearly knows their security responsibilities.

Background checks

New contractors and employees are required to pass a background check and sign confidentiality agreements.

Security awareness education

superQuery new-hires complete security training as part of the entry into the organization. Employees receive routine security awareness training and confirm adherence to Company security policies. superQuery employees are reminded of security best practices through informal and formal communications.

Vendor management

superQuery maintains a vendor management program to ensure that third-parties comply with an expected level of security controls.

Risk management

superQuery maintains a robust security risk management program. Our CSO chairs our internal quarterly Security Steering Committee.

Incident Response

On-call

superQuery’s Security and Operations team is available 24/7 to respond to security alerts and events.

Policies and procedures

superQuery maintains a documented incident response plan.

Incident response training

Employees are trained on security incident response processes, including communication channels and escalation paths.

superQuery Premises and Hardware

Monitoring and secure access to superQuery offices

superQuery offices are protected by security measures including security cameras.

Laptop protection

superQuery uses a combination of endpoint management tools to monitor, patch, and protect its laptop population. Laptops have encrypted hard drives and are protected with sign-on password. Also, an AV/HIDs solution is installed on laptops to protect against malware and monitor for possible security events.

 

Data Security, Privacy & Compliance

One of the priorities of superQuery’s security practices is to ensure that use of your data is transparent, safe, and respectful. To that end, superQuery maintains a Compliance team to perform regular assessments and ensure that risks are appropriately being mitigated and that controls are designed and operating correctly.

Please consult superQuery’s Privacy Policy if you don’t see your question answered here.

Data Security & Compliance

Healthcare data security compliance

superQuery customers include HIPAA Covered Entities and Business Associates. Since superQuery doesn’t extract your data, we don’t categorize data as sensitive, personal health information or according to other schemas. Instead, we handle all data according to the same security standards. superQuery will assist you to carry out HIPAA-related security obligations & compliance, which can include executing Business Associate Agreements as needed.

SOC 2 and ISO 27001 compliance

superQuery has a SOC 2 Type 1 report and and is collecting evidence for the Type 2 audit. We anticipate the Type 2 report being available in September, 2018. Following the SOC 2 Type 2 audit, superQuery will direct its attention towards ISO 27001.

Data Privacy

EU Compliance & GDPR Compliance

superQuery has many users in the European Economic Area and will work with you to assure database compliance with Personal Data handling requirements and cross-border transfer requirements under the EU Privacy Directive, and the new GDPR.

Determine where superQuery is hosted

superQuery lets you determine where your superQuery is to be hosted. Currently your superQuery hosted instance can reside in the US, Japan, Ireland, Australia, or Brazil.

Privacy Policy Privacy Policy

Last Updated: March 2019

THE EVALUEX IO Ltd. (“EVALUEX“, “We“, “Our” or “Us“) provides this Privacy Policy (along with Our Terms of Use) to inform any person (and or/entity and/or anyone on their behalf), uses Our internet website (the “Site“). This Privacy Policy details Our policies and procedures regarding the collection, use, and disclosure of personal information we receive from Users in order to use Our Services. The Services constitute a big data management solutions website (the “Services“). Your privacy is always a top priority for us. This Privacy Policy applies only to information that you provide to us through the Services.

We reserve the right to amend this Privacy Policy at any time at Our sole discretion. We will inform users of the Services of any such amendments to the Privacy Policy by posting an updated policy on the Site or sending them an e-mail, so they shall re-visit this page frequently. Such material changes will take effect seven (7) days after such notice was provided on our Site or sent via e-mail (to the extent that you provided us with such e-mail address), whichever is the earlier. In the event that the Privacy Policy should be amended to comply with any legal requirements, the amendments may take effect immediately, or as required by the law and without any prior notice. For the purposes of this Privacy Policy, users include anyone who accesses or registers to Our Services (together, “User” or “Users”). IF YOU DO NOT ACCEPT THE TERMS OF THIS PRIVACY POLICY, YOU MAY NOT ACCESS OR USE THE SERVICES.

1. Information We Collect

Personally Identifiable Information

  • During your use of our Services, we may collect certain information from you, including your first and last name, email address, social media profile, a mobile phone number. We may not, and do not, require a User to disclose more information than is reasonably necessary to access and use Our Services. Users are not required by law to provide such information but must provide it if they wish to become a registered User of the Services. In any event, if for any reason registered Users wish to delete or modify PII, they can change it by logging in to their account or sending us an e-mail with adequate detail of their request to support@superquery.io and we will make reasonable efforts to modify or delete any such PII pursuant to any applicable privacy laws. Note that unless otherwise explicitly specified herein and/or unless the Users instruct us otherwise, we may retain their PII for as long as reasonably required for the purposes for which such PII was collected, all as permitted under any applicable privacy laws.
  • Users can also open an account and signup to the Services via existing third-party social media accounts, such as Google (“Social Network Account”). In the event that a User registers to the Services through his/her existing Social Network Account then such Social Network Account provides us with access to certain information about such User as is stored in the User’s Social Network Account, namely, the User’s public profile and his/her list of friends and/or any other information which is detailed and displayed to the User in the notice which appears during the integration process with such Social Network Account. Please remember that the manner in which the applicable social network uses, stores and discloses your information is governed solely by its policies and Evaluex shall have no liability or responsibility for the privacy practices or other actions of the applicable social network that may be available within our Service.
  • We do not collect any PII from you or related to you without your approval, which is obtained, inter alia, through your active acceptance to the Terms and the Privacy Policy. Cookies

We may automatically collect information using “cookies.” Cookies are small data files stored on your hard drive by a website. Among other things, cookies help us improve our Services and your experience. We use cookies to see which areas and features are popular and to count visits to our Site. If you do not accept cookies, however, you may not be able to use all portions of the Site or all functionality of the Services.

Communications with us

Users may review, update, correct or delete the PII in their account by contacting us. If you completely delete all such information, then your account may become deactivated. If you would like us to delete your record in our system or stop sending you any information please contact us at support@superquery.io with a request that we delete your PII from our database. We may retain an archived copy of your records as required by law or for legitimate business purposes.

Other Websites and Third Party

This Privacy Policy applies only to the Site and the Services. The Site may contain links and references to websites of others. We may, from time to time, at Our sole discretion, add or remove links to other websites. These links are provided solely as a convenience to you, and access to any such websites is at your own risk. We may present links in a format that enables us to keep track of whether these links have been followed. In addition, third party companies and individuals which we use to perform our Services and other websites may place their own cookies or other files on Users’ computers or collect data or solicit PII directly from Our Users. We do not review, approve, monitor, endorse, guarantee, warrant, make any representations with respect to, nor are We responsible for, such links or websites. In no event, We will be responsible for the information contained in such links or websites, their practices or for your use of or inability to use such links or websites or their services, or transmissions received from such sites. BY USING THE SERVICE, YOU EXPRESSLY RELIEVE US FROM ANY AND ALL LIABILITY ARISING FROM YOUR USE OF ANY THIRD-PARTY WEBSITES OR SERVICES.

We do not sell, trade, or otherwise transfer to third parties your PII without your advance written consent. This does not include website hosting partners and other parties who assist Us in operating Our Site, conducting Our business, or serving Our Users (such as Google BigQuery), so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property or safety. However, non-personally identifiable information and non-identifiable metadata may be provided to other parties for marketing, advertising or other uses without any notice or consent.

PII that Our Users provide to other websites or services (such as Google Big Query) may be sent to us in order to enable Our Users’ use of the Site. We process such information in accordance with this Privacy Policy. Other websites and services may have different privacy practices. We encourage Users to read the privacy policies and other terms and familiarize themselves with the privacy practices of the other websites or services before using their products or services. In this regard, if you have been referred to us by Google Big Query, you should review and accept their respective terms of service and privacy policy.

2. Use of Information We Collect

We may collect, store and use information Users provide to us on Our Site or Service in order to:

  • Enable Users to log-in into the Site;
  • Ensure all Users follow Our Terms and other rules and policies;
  • Ban a User temporarily or permanently for failure to follow Our Terms, rules, and policies, or for other misconduct or inappropriate behavior;
  • Respond to questions and comments from Users;
  • Provide Users with newsletters, updates, and other materials related to the purposes of the Site, or with information or offers from us or third parties that we believe Users may find useful or interesting;
  • Improve the functionality, design, and quality of the Site;
  • Caching User’s data, only to the extent we have been requested to do so by the User.

Service Providers and Other Third Parties

We may share non-personally identifiable information with third parties for industry analysis and other commercial purposes, or to deliver targeted advertising about other products and services. No such non-personally identifiable information that we provide to third parties will contain PII. It is important to note that we allow third party behavioral tracking.

Compliance with Laws and Law Enforcement

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose any information about Users, including PII, to government or law enforcement officials or private parties where we are required to do so by law, including, but not limited to, in response to a court order. We may also disclose PII in response to a request by a law enforcement agency or other public agency or if we believe such disclosure may prevent or mitigate the threat of crime or harm to Users or others, facilitate an investigation related to a User’s safety or public safety, protect the security or integrity of Our Site, or enable us to take precautions against liability. This Privacy Policy will be governed by and construed in accordance with the laws of the State of Israel, notwithstanding choice or conflict of laws issues. If for any reason a court of competent jurisdiction finds any provision or portion of this Privacy Policy to be unenforceable, the remainder of the Privacy Policy will continue in full force and effect.

Email Messages (including Direct Marketing)

EVALUEX collects email addresses and phone numbers to send information, newsletters, offers of new or improved Services, advertising and also in order to respond to inquiries or other requests. EVALUEX will not use misleading or false information in the content of those emails, and it will be reasonably identifiable as advertising, as the case may be. You may withdraw your consent to the receipt of such messages by sending a written notice to our e-mail support@superqury.io or following the un-subscription instructions that may be provided therein.

International Transfer

Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may be different than those in your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

3. Security and How We Safeguard Information We Collect

The security of Users’ information is highly important to Us. We have put in place appropriate security systems designed to prevent unauthorized access to disclosure and use of information Users provide to us. These systems are structured to deter and prevent hackers and others from accessing this information. Due to the nature of Internet communications and evolving technologies, however, we cannot provide, and expressly disclaim, any assurance that the information provides to us will remain free from loss, misuse, or alteration by third parties who, despite Our efforts, obtain unauthorized access. In addition, We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.

4. Inadvertent Disclosure of PII

You acknowledge and accept that, despite our efforts, there may be times or situations when your PII is inadvertently disclosed by Us or by a third party to whom we have disclosed Your PII. You hereby accept that risk and waive any and all claims, causes of action, damages and liability against Us in the event of inadvertent or negligent disclosure of PII.

5. Contacting Us

If you have any concerns or questions about this Privacy Policy, please contact us at support@superquery.io.

GDPR Compliance GDPR Compliance

One of the architectural benefits of the superQuery platform is that it creates a single, governed location for users to access data. This reduces data sprawl, leverages the world-class security of today’s most advanced databases, and gives administrators control over who’s accessing data and how long it’s cached for.

The superQuery platform helps businesses to empower users to analyze data and gain insights to drive business outcomes, but leaves control of your data where it belongs, in your hands.

superQuery holds two classes of data: information about superQuery users and the customer data necessary to answer users’ queries.

  1. Information about superQuery users includes end­-user login/registration information for superQuery users as well as metadata about their usage. Metadata is used to facilitate product improvements, customer support and license auditing. Login information is controlled by customers directly as it is entered on their superQuery instance and they can delete their users’ (i.e. their employees’) information at any time. We retain basic user contact information to send product updates, relevant marketing, training and events based on the users’ contact preferences.
  2. Once superQuery is connected to a customer database, the superQuery cache retains data from the customer’s database that is fetched in response to a users’ queries. This data is encrypted and stored by superQuery for a maximum of 360 days . If you prefer, you can also take additional steps to reduce the amount of time that query results are held in cache.

Yes. We retain basic user contact information to communicate with our users and customers about our product and security updates, relevant marketing, training and events. superQuery users may opt-out of communications by email to support@superquery.io.

superQuery-hosted instances are hosted in the Amazon Web Services cloud and Google cloud service.

At superQuery we are constantly updated with the developments in the privacy and security policies. Our data security program is designed to ensure that the policies, controls and processes are appropriate to the type of personal data and data processing collected. You can find our security policy here: https://web.superquery.io/security

As our customer, you remain in control of your data and data about your users. When you remove users from your superQuery instance, their data will be removed from superQuery’s databases within 30 days. If you wish to delete a superQuery user’s account data, we have a process to permanently anonymize the data.

If you would like superQuery to delete your customer data or superQuery user account detail, please send an email to support@superQuery.io.

Terms of use Terms of use

Last Updated: December 9, 2018

1. Introduction

    1. These Terms of Use (the “Terms“) along with the Privacy Policy govern the relationship between THE EVALUEX IO Ltd., a company incorporated under the laws of the state of Israel (“EVALUEX“, “our“, “we” or “us“), the owner and operator of a big data management solutions website (the “Services” and the “Site”, respectively), and any individual or entity who requests to use the Services (“You”).
    2. These Terms govern your access to use the Services, any information, text, graphics, or other materials appearing thereon, and any services provided or enabled therein (the “Materials”). Your access to use the Site is expressly conditioned on your compliance with these Terms.  By accessing or using the Site you agree to be bound by these Terms.
    3. EVALUEX may, at its sole discretion, change these Terms from time to time, including any other policies incorporated thereto, so please re-visit this page frequently. In case of any material change, we will make reasonable efforts to post a clear notice on the Site and/or will send you an e-mail (to the extent that you provided us with such e-mail address) regarding such change. Such material changes will take effect seven (7) days after such notice was provided on our Site or sent via e-mail, whichever is the earlier. In the event that the Terms should be amended to comply with any legal requirements, the amendments may take effect immediately, or as required by the law and without any prior notice. IF YOU DO NOT ACCEPT THE PROVISIONS OF THIS TERMS, YOU MAY NOT ACCESS OR USE THE SERVICES. If you violate any of these Terms, your permission to use the Services will automatically terminate. EVALUEX reserves the right to revoke your access to and use of the Services at any time, with or without cause.

EVALUEX also reserves the right to cease providing or to change the Services at any time and without notice.

2. Rules of Conduct

  1. You hereby agree and undertakes not to:
    1. Conduct any illegal, fraudulent, misleading, deceptive activities while using the Services;  
    2. Hold yourself out as sponsored by, endorsed by, or affiliated with the Services;
    3. Use any portion of the Services for uploading, posting, emailing, transmitting or otherwise making available messages that are harmful, threatening, abusive, vulgar, obscene, defamatory, libelous, hateful, or racially, ethnically or otherwise objectionable;
    4. Attempt to gain access to secured portions of the Services to which you have no permission to enter, including database, computer systems or servers;
        1. Upload or transmit any form of virus or other malicious code;
        2. Use any automatic or manual process to search or harvest information from the Site, to interfere in any way with the proper functioning of the Services, or engage in any activity that disrupts, diminishes the quality of, interferes with the performance of, or impairs the functionality of, the Services;
        3. You acknowledge the fact that EVALUEX may view, manage and alter your data and tables inserted by you to the Site.
        4. You acknowledge it is your full responsibility to back up all your data. EVALUEX shall not be responsible in any way for any data loss.
        5. Engage in any chain letters, contests, junk email, pyramid schemes, spamming, surveys, or other duplicative or unsolicited messages (commercial or otherwise).
        6. Use any trade name, trademark, or brand name of EVALUEX; copy, distribute, perform, transmit, modify, reuse or otherwise display the Materials, in whole or in part for public or commercial purposes or alter, modify or create any derivative works thereof, any material in a way that infringes Intellectual Property Rights (as defined below), of EVALUEX or any other third party.

3. Member Account

  1. In order to use the Service, you may be asked to create an account (“Member Account”). You may never use another’s Member Account without permission. As part of the registration process, you may be asked to select a username and password. You agree to provide true, accurate and complete information about yourself and maintain the accuracy of such registration data. Therefore: 
    1. You agree not to provide any information in any manner which may  infringe the copyright, trademark, trade secret, or other intellectual property or other proprietary right of others;  violate the privacy, publicity, confidentially or other rights of third parties; or be discriminatory, defamatory, obscene, threatening, abusive, or hateful, as determined by EVALUEX in its sole discretion.
    2. You agree that your use of the Services is at your own risk. You will be responsible for the confidentiality and use of your username and password and agree not to transfer or resell your use of or access to the Site to any third party.
    3. You agree to notify EVALUEX immediately of any unauthorized use of your password or any other breach of security. you are entirely responsible for maintaining the confidentiality of your username and password and for any and all activities that are conducted through your member account.

4. Privacy

  1. Your privacy is of top priority to Us. EVALUEX’s online Privacy Policy is incorporated herein by reference and describes the collection, use, and sharing of certain personally identifiable information that may be provided in connection with the use of the Site. Please read our Privacy Policy carefully, as it details all provisions regarding your privacy. We do not collect any PII from you or related to you without your approval, which is obtained, inter alia, through your active acceptance to the Terms and the Privacy Policy.
  2. You agree that in using the Services, we are permitted to display your name or logo as a user of our Services on our Site or on other marketing materials such as any social media in a manner that will be visible to other third parties.
        1.  

5. Intellectual Property

    1. You acknowledge and agree that EVALUEX and its licensors (as applicable) retain sole, full and exclusive ownership of all intellectual property rights of any kind related to the Services and related Materials, including copyrights, trademarks and other proprietary rights (“Intellectual Property Rights“). No license is granted hereunder to any Intellectual Property Rights. Other names and brands that are mentioned or displayed on the Services or in connection therewith may be trademarks of their respective owners and are to be treated accordingly.
    2. EVALUEX welcomes and encourages feedback, comments and suggestions for improvements to the Services (“Feedback“). You acknowledge and agree that all Feedback will be solely and exclusively EVALUEX’s property and You hereby irrevocably assign to EVALUEX all right, title, and interest that you may have in and to all Feedback, including without limitation all worldwide patent rights, copyright rights, trade secret rights, and other proprietary or intellectual property rights therein.
          1.  

6. Indemnity

You undertake to indemnify EVALUEX for any losses or damages resulting from any third party claims or complaints arising from, or in connection with your actions and activities on or in connection with the Services and/or breach of this Agreement.

7. No Warranty

    1. You hereby acknowledge and agree that EVALUEX and the Services are not responsible to provide any service other than the Services detailed herein.
    2. EVALUEX does not make any warranties that the Site will be secure or error free or that your use of the Site will meet your expectations, or that the Site, Materials, or any portion thereof, is correct, accurate, or reliable.
    3. The Services are provided “as is”, without warranty of any kind, either express or implied. Without limiting the foregoing, EVALUEX explicitly disclaims all warranties, express or implied, regarding the Services, including any implied warranty of quality, availability, merchantability, fitness for a particular purpose or non-infringement, and any warranties arising out of course of dealing or usage of any trade, including without limitation to the Services being free from defect or any virus, or any other malicious code.
    4. You hereby release evaluex from any damages, claims or other cause of action related in any way, directly or indirectly, to the services. evaluex makes no warranty that the services will meet your requirements or be available on an uninterrupted, secure, or error-free basis. evaluex makes no warranty regarding the quality of the services and any service associated therewith, or to the accuracy, timeliness, truthfulness, completeness or reliability of any content or service obtained thereby.
    5. You are solely and exclusively responsible for all your communications and interactions with EVALUEX, Services, or any other person or entity with whom you may communicate, interact or engage in connection with or as a result of your use of the Services.

8. Limitation of Liability

    1. Subject to applicable law, in no event shall EVALUEX be liable to you or any third party for any damages, whether direct, indirect or implied, including, without limitation, incidental, consequential, exemplary, special, or punitive damages, and including further, damages which may arise in connection with the Services. EVALUEX shall not be liable for any damages arising from any transaction or engagement between you and any third party or for any information provided by you or any third party.
    2. You hereby expressly agree that EVALUEX shall have the right, but not the obligation, at any time and at EVALUEX sole discretion, to take any action to monitor and record any interaction or engagement resulting from the use of the Services by you or any third party. To the full extent permitted by law, you hereby release EVALUEX from any claims or liability relating in any way thereto.
    3. The provisions of this section shall apply regardless of the nature of any claim, whether based on warranty, contract, tort, or any other legal or equitable theory, and whether or not evaluex is advised of the possibility of such damages.

9. Severability

In the event that any provision of these Terms is held to be invalid or unenforceable by a competent court, the remaining provisions of these Terms will remain in full force and effect.

10. Waiver

The failure of EVALUEX to enforce any right or provision of these Terms will not be deemed a waiver of such right or provision.

11. Arbitration and Controlling Law and Jurisdiction

    1. For any dispute, claim or controversy arising out of or in relation to these Terms or to the breach, termination, enforcement, interpretation or validity thereof, or to your access or use of the Site (together “Dispute”), you agree to first contact us and attempt to resolve the Dispute with us informally. If EVALUEX has not been able to resolve the Dispute with you informally, you and we agree to resolve any Dispute by binding individual arbitration. The arbitration shall be conducted in Israel.
    2. Nothing in this Section shall prevent EVALUEX from seeking injunctive or other equitable relief from the courts to prevent the actual or threatened infringement, misappropriation or violation of a copyrights, trademarks, trade secrets, patents, or other intellectual property rights and for matters related to data security or unauthorized access to the Site.
    3. These Terms will be governed by the laws of the State of Israel. You agree that the courts located in Tel-Aviv will have exclusive jurisdiction over any dispute between you and us.

12. Entire Agreement

These Terms are the entire and exclusive agreement, and replace any prior agreements, between EVALUEX and you regarding the subject matter hereof.

******

They say the first step is the hardest.

So we made it easy.

Free to get started. No credit card required.

  • © 2019 superQuery. All rights reserved.

By continuing to use the website, you consent to the use of cookies.