Privacy Policy
At Datums Space, we believe that your data is your own. We designed our Platform with a local-first architecture to give you complete control and custody of your information. This Privacy Policy explains our commitment to privacy and how your data is handled when using Datums Space.
1. The Local-First Principle: No Raw Data Collection
Our core product philosophy is that your business and analytics data should never leave your local computer unless you explicitly direct it to. Under standard operations:
- No Uploads: Datums Space does not collect, store, or transmit your raw data records, spreadsheets, PDFs, database indexes, or schemas to our servers.
- In-Browser Sandboxing: All data parsing (OCR engines, CSV ingestion) and analytical queries run entirely client-side inside a sandboxed browser context.
- Local Cache: Your data remains cached in IndexedDB and local filesystem directories controlled entirely by your browser security parameters.
2. Cloud Sync & Firebase Scope
If you explicitly activate the Cloud Sync or Firebase Sync feature, the Platform connects to your organization's designated cloud endpoint. When sync is active:
- User-Configured Credentials: Data is synchronized directly to your company's private cloud tenant (e.g. Firebase instance or VPC Proxy). Datums Space does not host or access these databases.
- Transport Security: All synced metadata and logs are encrypted in transit using HTTPS/TLS.
- Granular Controls: You can define sync scopes, toggle R&D vs PROD parameters, and restrict sync boundaries directly from your admin console.
3. Privacy Lab & Anonymization
The Platform includes a built-in Privacy Lab designed to help you maintain regulatory compliance (GDPR, HIPAA). Using these tools, you can configure:
- PII Scrubbing: Mask or redact personally identifiable information (PII) like emails, phone numbers, and names at the browser level before any data is exported or synchronized.
- PHI Encryption: Secure protected health information (PHI) fields using strong client-side cryptography, with keys managed solely by your organization.
4. Analytical Telemetry
To improve software performance, we may collect minimal, non-identifiable usage statistics (e.g., whether local DuckDB compiles successfully, session duration, and feature access frequencies). We do not collect query parameters, database schemas, or record contents under any telemetry protocols.
5. Your Rights
Because your data is stored locally, you have direct, unilateral control over it. You can erase all sandboxed datasets, cached schemas, and local databases at any time by clearing your browser's application cache or deleting the workspace database from your browser settings.
6. Changes to this Policy
We may update this Privacy Policy to reflect modifications to our local or cloud sync modules. Any changes will be posted on this page with an updated "Last Updated" date.
7. Contact Us
For questions regarding our privacy architecture, local-first custody scopes, or audit dossiers, please contact us at privacy@datums.space.