Privacy

Privacy is becoming increasingly important when it comes to data processing and analysis. SingleStore is both GDPR and CCPA compliant and are sensitive to the privacy challenges our customers face. Below are some key questions and answers regarding data privacy as it relates to SingleStore Helios. To receive additional information, or to pose a question not answered here, please contact privacy@singlestore.com.

Who has access to my data and is the access GDPR compliant?

Site Reliability Engineers (SREs) perform much of the infrastructure and engineering work to ensure that your database, and our SingleStore Helios offering, remain operational. The responsibilities of this role are similar for all products like our SingleStore Helios. Access is both strictly monitored and frequently reviewed. Access to end-user data for the purpose of maintenance or debugging is sometimes required, and you may request to be notified about these actions. Aside from this rare occurrence, SREs will never access end-user data housed within SingleStore Helios.

Our Support team may also require access to your workspace and/or data to troubleshoot and remediate issues, but this action would be undertaken at your explicit request via support ticket. You may request to be notified about these actions as well.

This access is permitted under Article 32 of GDPR to maintain service continuity and the security and integrity of your data.

Do we need to change all our customer contracts if we start using SingleStore?

SingleStore is considered a “data processor” when customers use our SingleStore Helios to house their data and that of their end-users. In accordance with GDPR Article 15(1), it is required to disclose "the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations." Under GDPR, while the customer, or data controller, must maintain a list of data processors, disclosing this list to customers is not required. Instead, customers only need to be made aware that data processors are used. If a contract already includes this stipulation, then no additional changes to the contract are required.

Last modified: June 22, 2022

Was this article helpful?