Anomaly AI

Privacy Policy

Last Updated: 25 September, 2025

Introduction

Anomaly AI ("we," "us," or "our") provides a platform that allows users to upload spreadsheets (Excel/CSV) or connect to data warehouses (e.g., Google BigQuery, Snowflake, PostgreSQL) and generate interactive dashboards backed by verifiable SQL queries.

We take privacy seriously. This Privacy Policy describes the types of information we collect, how we use and protect it, and the rights available to you. By using our Services (the Anomaly AI application, website, and related integrations), you agree to the practices outlined here.

Information We Collect

1.1 Information You Provide Directly

  • Account Information: When registering, you provide your name, email address, and authentication credentials.
  • Uploaded Files: When you upload spreadsheets (Excel, CSV) we ingest the file contents, including all rows and columns, to enable analysis.
  • Database Connections: If you connect to a data warehouse (e.g., BigQuery), we store OAuth tokens or connection credentials securely to enable access.
  • Support Requests: Any information you provide through demos, support channels, or feedback forms.

1.2 Information Collected Automatically

  • Usage Data: IP address, browser type, operating system, pages visited, error logs, and session activity.
  • Cookies and Local Storage: Used for authentication, remembering preferences, and product analytics. You can control cookies through your browser.

1.3 Information From Third Parties

  • Warehouse Integrations: With your authorization, we pull schemas, metadata, and rows from BigQuery, Snowflake, or PostgreSQL.
  • Service Providers: We may receive diagnostic or analytics data from providers such as cloud hosting, monitoring, or billing partners.

How We Use Your Information

2.1 Service Delivery

  • File Analysis: We convert uploaded Excel/CSV files into structured formats (Parquet/SQL) to enable dashboards.
  • Warehouse Access: Using bigquery.readonly or equivalent scopes, we fetch rows from user-selected datasets.
  • Query Execution: Queries are executed locally against DuckDB or the connected warehouse.
  • Dashboard Generation: Results are visualized in interactive charts with options to trace rows and view SQL.

2.2 Limited Use of AI/LLMs

LLM Context Sharing: We do not share your full uploaded datasets with external large language models (LLMs). To generate SQL queries or analysis suggestions, we may provide:

  • Table schemas (column names and types).
  • Small row samples (typically 3–5 rows, purely for context).

No complete datasets, sensitive business content, or private rows are transmitted to external LLMs. Most processing happens within our infrastructure (DuckDB + SQL transformations).

2.3 Communication

We may contact you about service updates, onboarding, billing, or product improvements. Marketing communications are optional and can be unsubscribed from.

2.4 Compliance and Security

We may process data to comply with laws, detect misuse, prevent fraud, and enforce Terms of Service.

How We Share Your Information

  • Cloud Hosting & Storage: Data is stored in Azure Blob Storage and processed within our secure environment.
  • Service Providers: Third-party providers for hosting, analytics, monitoring, billing, and customer support. They are contractually obligated to follow strict data protection practices.
  • Legal Obligations: If required by valid legal request, court order, or government authority.
  • Business Transactions: In the case of a merger, acquisition, or transfer of assets.
  • De-identified Data: We may share aggregate, anonymized usage statistics for research or benchmarking.

We do not sell or share your personal data or uploaded datasets with advertisers.

Data Security

  • Encryption: All data in transit uses TLS; all data at rest (files, tokens, metadata) is encrypted.
  • Access Controls: OAuth tokens and file contents are stored securely; internal access is strictly limited.
  • Isolation: Each user’s projects and files are logically isolated.
  • Corruption Handling: Our infrastructure includes safeguards against data corruption and race conditions (e.g., connection pooling for DuckDB).

Your Rights and Choices

  • Access/Correction: You may update account information or request a copy of stored data.
  • Data Deletion: You can request deletion of your account and associated files. Once deleted, your dashboards and data are permanently removed.
  • Opt-Out: You may opt out of marketing emails. Essential system notifications (e.g., billing, security alerts) will still be sent.
  • Cookies: You can disable cookies via your browser, though some functionality may be impacted.

International Data Transfers

Your data may be stored or processed in regions outside your country. We implement safeguards (e.g., Standard Contractual Clauses) to ensure adequate protection.

Data Retention

  • Uploaded Files and Warehouse Data: Retained only while actively used in your projects. You may delete them at any time.
  • Account Metadata: Retained as long as your account is active or as required by law.
  • Row Samples for LLMs: Used transiently during query generation; not stored persistently.

Changes to This Privacy Policy

We may update this Policy periodically. Changes will be posted with a revised “Last Updated” date. Significant changes will be communicated via email or in-app notice.

Contact Us

For questions, concerns, or requests, please contact us:

[email protected]