LogoLogo
About UsCustomersResourcesGet Started for Free
  • What is Select Star?
  • 🏁Getting Started
    • 1. Data Source Setup
    • 2. Mark Service Accounts
    • 3. Hide Unwanted Datasets
    • 4. Invite Owners
    • 5. Add Documentation
    • Next Steps
  • 🔄Integrations
    • Snowflake
      • Using Key Pair Authentication
      • Using Password Authentication
      • Snowflake Tag Sync
      • Snowflake Key Pair Rotation
    • Databricks
      • Databricks on AWS
      • Databricks on Azure
    • BigQuery
    • AWS Redshift
      • Manual setup
    • Microsoft SQL Server / MS SQL (beta)
      • Query Logs
    • MySQL (beta)
      • Query Logs
    • Oracle (beta)
      • Query Logs
    • Salesforce (beta)
    • DB2 (beta)
    • PostgreSQL
      • AWS Aurora PostgreSQL
      • AWS RDS PostgreSQL
      • PostgreSQL on-prem
    • AWS Glue (beta)
    • dbt
      • dbt Cloud
      • dbt Core (open source)
      • dbt Tags
      • dbt Tests
      • dbt docs Sync
        • Github dbt docs Sync
        • Bitbucket dbt docs Sync
      • dbt Impact Report
      • dbt Project Dependencies
    • Apache Airflow (beta)
    • Tableau
      • Tableau Cloud
      • Tableau Server
    • PowerBI
    • Looker
    • Metabase
    • Fivetran (beta)
    • Mode
    • Sigma Computing
    • Sisense / Periscope (beta)
    • Looker Studio (beta)
    • ThoughtSpot
    • QuickSight (beta)
      • Event Logs
    • Hex (beta)
    • Slack
    • Monte Carlo
    • Private Network
    • Request an Integration
  • ✨Features
    • Search
    • Table Page
    • Database Page
    • Dashboard Page
    • Data Lineage
    • Entity Relationship Diagram (ERD)
    • Queries & Joins
    • Tags
    • Teams
    • Discussion
    • Downstream Notifications
    • Documentation
      • Pages
      • Metrics
        • Metrics Generation
      • Glossary
    • Automated Documentation
    • User Analytics
    • Chrome Extension
      • Organization-wide install
    • Source Tables
    • Cost Analysis
    • Schema Change Detection
    • AI Features & Settings
      • Ask AI Chatbot
    • Request a Feature
  • 🧭Data Discovery
    • Where's my data?
    • Where's my dashboard?
    • How can I get the full context of this data?
    • My dashboard looks off
    • Change management
    • I'm new to the team
    • I have a data question
  • 🗃️Data Management
    • Add Documentation
      • CSV Metadata Upload
    • Collections
    • Tags
    • Data Ownership
    • Sensitive / PII Data
    • Automated PII Detection
  • 📚Learning Data
    • Getting Started: Looker
    • Getting Started: Mode
    • Getting Started: Tableau
    • Getting Started: Snowflake
    • Getting Started: Databricks
    • Getting Started: Data Warehouse
    • Getting Started: BigQuery
      • Nested Fields
    • Getting Started: Sigma
    • Getting Started: ThoughtSpot
  • 🛠️Data Source Management
    • Manage Data Sources
    • Connect Data Source Users to Select Star
    • Custom Attributes
    • Recent Queries
  • 👥User Management
    • Invite Users
    • Roles & Permissions
    • SAML SSO
    • Importing Roles and Teams (Okta)
    • Policy Based Access Control
    • Account and User Settings
  • 💻Select Star API
    • Overview
    • API Token
    • Getting Started
    • Rich Text Descriptions via API
    • Troubleshooting
    • API Examples
    • API Reference
  • 🔓Security & Compliance
  • ❓FAQ
    • Icon Map
  • 📰Changelog
    • May 20, 2025 - Chrome Extension, Notifications, and More!
    • April 16, 2025 - Semantic Models, AI Metrics, and More!
    • March 12, 2025 - Fivetran Integration, Tableau Updates and More!
    • February 6, 2025 - Collections, Slack App Published, Salesforce Formula Lineage and more!
    • December 10, 2024 - Hex Integration, Impact Score & Snowflake Key Pair Authentication!
    • November 13, 2024 - New Navigation, Airflow and More!
    • September 30, 2024 - Upstream Data Quality Issue Tracking & 5 New Integrations!
    • August 30, 2024 - Monte Carlo, dbt Cross-Project Lineage
    • July 31, 2024 - Glossary Import, Lineage Updates & more!
    • July 9, 2024 - Lineage Explorer 2.0, Slack AI and Notifications
    • February 29, 2024 - AI Chat, Schema Change Notifications
    • February 23, 2024 - Manual Lineage Creation
    • November 23, 2023 - Bulk AI Documentation
    • October 19, 2023 - Downstream Notifications
    • October 16, 2023 - New Homepage
    • October 13, 2023 - dbt Impact Report
    • Historical Changelogs
  • Security & Compliance
  • System Status
Powered by GitBook
On this page
  • System Metadata Only
  • Information Transfer & Processing Limitation
  • Sensitive / PII Tag
  • SOC 2 Compliance
  • Data Deletion Policy
  • Data Centers

Was this helpful?

Security & Compliance

Your privacy and security is our top priority. Check out this document to find see how serious we are about it.

PreviousAPI ExamplesNextFAQ

Last updated 1 year ago

Was this helpful?

From day one, Select Star was designed with data security and confidentiality in mind. As a data discovery platform that’s designed to consume metadata from multiple sources, Select Star applies the highest standards for secure data management and confidentiality protection for its users. Also, we believe it is our responsibility to be transparent with how we operate and govern our data collection and processing.

System Metadata Only

Select Star does not access your data values or run queries against your data. Select Star's access and data processing is restricted to system metadata and query logs only. When connecting to your data sources, we recommend creating a dedicated service account for Select Star with metadata-only roles and permissions as defined in our .

Information Transfer & Processing Limitation

Information
Example
Purpose

Metadata

Data object (schema, table, column, dashboard…) name, description, creation / update timestamp, system user information (name, email), etc.

Data catalog and metadata analysis

Query logs, activity logs

Executed SQL query history, dashboard query/view history, timestamp, user information (name, email), etc.

Data lineage and popularity modeling

System user

First name, last name, email, IP address

System user analysis, Select Star account record keeping

Sensitive / PII Tag

Although we do not have read access to your data values, sometimes Select Star and its users may be exposed to sensitive data. This can happen if a user-executed query Select Star has ingested exposes sensitive data values. For example, Select Star may ingest a query that was executed as “select * from Users where ssn=’123-45-5678’”.

To prevent this type of scenario, we recommend our customers tag their sensitive columns as “PII”. Once a column is tagged as PII, Select Star will remove any value from the query log before the query gets saved in Select Star for processing.

This way, no sensitive data values are transferred to Select Star and no organization user will encounter queries containing potentially sensitive values.

To learn more about using the PII tag in Select Star, see our .

SOC 2 Compliance

Select Star has completed SOC 2 Type II audit exam in Security, Confidentiality, and Availability criteria in May 2022.

SOC 2 is a Service and Organization Control (SOC) governance framework developed by the American Institute of CPAs (AICPA) on storing of private business and customer information by third-party service providers. SOC 2 specifically relates to data security for companies that store client information on cloud-based servers, and hence relevant for Software as a Service (SaaS) providers like Select Star.

Independent auditors use the SOC 2 framework to validate a company’s systems and controls with respect to information security. Upon completion of the audit and a thorough review of the evidence, the auditor issues a SOC 2 report detailing its findings and attestation on the company’s security controls related to areas such as:

  • Data encryption (in transit and at rest)

  • Third-party penetration testing

  • Least-privilege access controls

  • Audit logging

  • Endpoint monitoring

  • Internal corporate governance & policies

  • Risk management processes

  • Regulatory oversight

SOC 2 has more than 200 of these requirements and mandates long-term policy and procedures to better secure customer information through tightened internal control.

Select Star has completed SOC 2 Type II audit in Security, Confidentiality, and Availability criteria since May 2021. SOC 2 Type II audit requires all the controls and systems are effective over a designated period of time, and hence the SOC 2 Type II audit report provides a guarantee that there are organizational practices already running in place to safeguard the privacy and security of all customer information.

SOC 2 Type II audit report, 3rd party pentest report, and summary of technical and organizational security measures for Select Star are all available upon request under MNDA.

Data Deletion Policy

All customer data will be deleted either upon request or automatically following a termination or cancellation of a Select Star account. It may take up to 10 business days to complete the deletion.

Select Star users with an admin role can also remove a Data Source in Select Star application at any time. This will delete all of its metadata, query logs, and any user-created or Select Star-created metadata (i.e., description, comments, tags, popularity, lineage) from the Select Star application.

All customer data deletion is permanent. Once deleted, customer data cannot be restored.

Data Centers

Select Star uses Amazon Web Services (AWS) to host its cloud infrastructure. AWS is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help us continue to grow with our customers.

  • Physical and Environmental Security

  • Fire Detection and Suppression

  • Power

  • Climate and Temperature

  • Management

  • Storage Device Decommissioning

  • AWS uses the techniques detailed in NIST 800-88 (“Guidelines for Media Sanitization”) as part of the decommissioning process.

  • Amazon’s infrastructure fault tolerant design

  • Core applications are deployed in an N+1 configuration, so that in the event of a data center failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.

Customers can obtain further details of AWS’ compliance and security position via their website at:

AWS security and operational processes for its network and infrastructure services are documented in here: . This document includes an overview of AWS’s data centre controls, including:

🔓
Amazon Web Services: Overview of Security Processes
https://aws.amazon.com/compliance/
https://aws.amazon.com/security/
https://aws.amazon.com/compliance/eu-data-protection/
https://aws.amazon.com/compliance/shared-responsibility-model/
https://aws.amazon.com/compliance/pci-data-privacy-protection-hipaa-soc-fedramp-faqs/
docs
docs