Sign inTry Free

Privacy

On this page

Privacy is becoming increasingly important when it comes to data processing and analysis. SingleStore is both GDPR and CCPA compliant and are sensitive to the privacy challenges our customers face. Below are some key questions and answers regarding data privacy as it relates to SingleStore Helios. To receive additional information, or to pose a question not answered here, please contact privacy@singlestore.com.

Who has access to my data and is the access GDPR compliant?

Site Reliability Engineers (SREs) perform much of the infrastructure and engineering work to ensure that your database, and our SingleStore Helios offering, remain operational. The responsibilities of this role are similar for all products like our SingleStore Helios. Access is both strictly monitored and frequently reviewed. Access to end-user data for the purpose of maintenance or debugging is sometimes required, and you may request to be notified about these actions. Aside from this rare occurrence, SREs will never access end-user data housed within SingleStore Helios.

Our Support team may also require access to your workspace and/or data to troubleshoot and remediate issues, but this action would be undertaken at your explicit request via support ticket. You may request to be notified about these actions as well.

This access is permitted under Article 32 of GDPR to maintain service continuity and the security and integrity of your data.

Do we need to change all our customer contracts if we start using SingleStore?

SingleStore is considered a “data processor” when customers use our SingleStore Helios to house their data and that of their end-users. In accordance with GDPR Article 15(1), it is required to disclose "the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations." Under GDPR, while the customer, or data controller, must maintain a list of data processors, disclosing this list to customers is not required. Instead, customers only need to be made aware that data processors are used. If a contract already includes this stipulation, then no additional changes to the contract are required.

Last modified: June 22, 2022

Was this article helpful?

On this page

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined

  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined

  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
        cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
          --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
          --bundle undefined \
          --new-bundle-format -
    Verified OK