Privacy Policy

Last updated: December 26, 2025

This policy is provided in English. In case of any discrepancy between translated versions, the English version shall prevail.

1. Introduction

Welcome to Datalic ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered data analytics platform.

By using Datalic, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Password (securely hashed)
  • Profile information you choose to provide

2.2 Data You Upload or Connect

Depending on how you use Datalic, we may process:

Files & Cloud Sheets (CSV, Excel, Google Sheets, OneDrive)

When you upload files or connect cloud spreadsheets, we securely store your data in encrypted form to enable analysis and visualization. This data is stored on our secure servers.

Database Connections (PostgreSQL, MySQL, BigQuery, etc.)

When you connect databases, we only store your connection credentials (securely encrypted). We never store your actual database data. All queries run directly on your infrastructure in real-time, ensuring your sensitive data never leaves your servers.

2.3 Usage Information

We automatically collect:

  • Log data (IP address, browser type, pages visited)
  • Device information
  • Analytics queries you make
  • Features you use

2.4 Third-Party Integrations

When you connect third-party services (Google Sheets, OneDrive), we receive:

  • OAuth access tokens (to access your data with your permission)
  • Basic profile information (email, name) from the provider
  • List of files/spreadsheets you authorize us to access

3. How We Use Your Information

We use your information solely to provide and improve the specific features you explicitly request:

  • Provide and maintain our AI analytics services
  • Process your data queries and generate insights you request
  • Create visualizations and reports based on your instructions
  • Send service updates and support communications
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

Important: Data obtained via third-party integrations (Google, Microsoft) is used exclusively to provide the user-facing features you explicitly request and is never used for analytics, advertising, profiling, or AI model training.

4. Data Security

We implement industry-standard security measures:

  • Encryption in Transit: All data is encrypted using TLS 1.3
  • Encryption at Rest: All stored data is encrypted using AES-256
  • SOC 2 Type II Certified: Regular third-party security audits
  • Access Controls: Strict role-based access to systems
  • Secure Infrastructure: Hosted on AWS with enterprise-grade security

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security but continuously work to improve our security measures.

5. Data Sharing

We do not sell your personal data or share it with third parties for marketing or advertising purposes.

We may share information with:

  • Service Providers: Cloud hosting (AWS), payment processing (Stripe), email services—all bound by confidentiality agreements
  • AI Model Providers: We use OpenAI and Anthropic APIs to power our AI features. Your queries are processed in real-time solely to provide the analytics functionality you request
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with mergers or acquisitions

Google & Microsoft User Data Restriction

We do not share Google or Microsoft user data with any third parties except where strictly required to provide the core functionality you explicitly request (i.e., processing your query in real-time). Google and Microsoft user data is never sold, used for advertising, or transferred for purposes unrelated to providing our service.

6. Third-Party Services

Our service integrates with:

  • Google (Google Sheets): We request read-only access to your spreadsheets. We access only the files you explicitly select.
  • Microsoft (OneDrive): We request read-only access to your Excel files. We access only the files you explicitly select.
  • Stripe: For payment processing. We do not store your credit card information.

You can disconnect these integrations at any time from your account settings.

7. Google API Services User Data Policy & Limited Use Disclosure

Datalic's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We only access, use, store, or share Google user data to provide or improve user-facing features that are explicitly requested by you within the Datalic application.

What We Access

When you connect your Google account, we request access to:

  • Google Drive (read-only): To list and display your Google Sheets files for selection
  • Google Sheets (read-only): To read the content of spreadsheets you choose to analyze

How We Use Google Data

Google user data is used exclusively for the following purposes:

  • Display available Google Sheets in our file picker when you request to connect a spreadsheet
  • Read spreadsheet content in real-time to answer your natural language queries
  • Generate charts and insights based on your explicit requests

Limited Use Requirements Compliance

Datalic strictly complies with Google's Limited Use requirements:

  • We limit use to providing user-requested features: Google user data is used solely to provide or improve the data analytics features you explicitly request within Datalic
  • We do not use Google data for advertising: Google user data is never used for serving ads, including retargeting, personalized, or interest-based advertising
  • We do not sell Google data: Google user data is never sold to third parties
  • We do not use Google data for profiling: Google user data is never used to build user profiles for purposes unrelated to the core functionality you requested
  • We do not use Google data for analytics or marketing: Google user data is not used for our own analytics, market research, or marketing purposes
  • We do not use Google data to train AI models: Google user data is never used to train, improve, or develop AI/ML models
  • Human access is restricted: Humans do not read Google user data unless you have given affirmative consent, it is necessary for security/abuse investigation, it is required by law, or it is aggregated and anonymized for internal operations

Data Retention for Google User Data

Google user data is accessed and processed in real-time only when you actively use the Google Sheets integration. We retain Google user data only for as long as necessary to provide the functionality you explicitly request. You can delete your connected Google data at any time from your account settings, and upon disconnection, all cached Google data is immediately removed from our systems.

Revoking Access

You can revoke Datalic's access to your Google account at any time:

  1. Visit Google Account Permissions
  2. Find "Datalic" in the list of connected apps
  3. Click "Remove Access"

8. Microsoft API Services Data Policy & Data Protection Disclosure

Datalic's use and transfer of information received from Microsoft APIs adheres to the Microsoft API Terms of Use and Microsoft's data protection requirements.

We only access, use, store, or share Microsoft user data to provide or improve user-facing features that are explicitly requested by you within the Datalic application.

What We Access

When you connect your Microsoft account, we request access to:

  • Files.Read.All: To list and read your OneDrive files, including Excel spreadsheets
  • User.Read: To read your basic profile information (name, email)
  • offline_access: To maintain your connection without requiring frequent re-authentication

How We Use Microsoft Data

Microsoft user data is used exclusively for the following purposes:

  • Display available Excel files from your OneDrive in our file picker when you request to connect a spreadsheet
  • Read Excel file content in real-time to answer your natural language queries
  • Generate charts and insights based on your explicit requests

Data Protection Compliance

Datalic strictly complies with Microsoft's data protection requirements:

  • We limit use to providing user-requested features: Microsoft user data is used solely to provide or improve the data analytics features you explicitly request within Datalic
  • We do not use Microsoft data for advertising: Microsoft user data is never used for serving ads, including retargeting, personalized, or interest-based advertising
  • We do not sell Microsoft data: Microsoft user data is never sold to third parties
  • We do not use Microsoft data for profiling: Microsoft user data is never used to build user profiles for purposes unrelated to the core functionality you requested
  • We do not use Microsoft data for analytics or marketing: Microsoft user data is not used for our own analytics, market research, or marketing purposes
  • We do not use Microsoft data to train AI models: Microsoft user data is never used to train, improve, or develop AI/ML models
  • Human access is restricted: Humans do not read Microsoft user data unless you have given affirmative consent, it is necessary for security/abuse investigation, it is required by law, or it is aggregated and anonymized for internal operations

Data Retention for Microsoft User Data

Microsoft user data is accessed and processed in real-time only when you actively use the OneDrive/Excel integration. We retain Microsoft user data only for as long as necessary to provide the functionality you explicitly request. You can delete your connected Microsoft data at any time from your account settings, and upon disconnection, all cached Microsoft data is immediately removed from our systems.

Revoking Access

You can revoke Datalic's access to your Microsoft account at any time:

  1. Visit Microsoft Account Permissions
  2. Find "Datalic" in the list of connected apps
  3. Click "Remove Access"

9. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Withdraw Consent: Disconnect third-party integrations at any time

To exercise these rights, contact us at support@datalic.ai.

10. Data Retention

We retain your data for as long as your account is active or as needed to provide services. When you delete your account:

  • Your personal data is deleted within 30 days
  • Your uploaded files and analysis history are permanently deleted
  • Some anonymized, non-third-party-integration usage data may be retained for internal service improvement
  • We may retain certain data as required by law

Important: Google user data and Microsoft user data are never retained for analytics or any purpose beyond providing the immediate functionality you request. This data is processed in real-time and is not stored after your session ends, except as needed to maintain your active connection preferences.

11. International Data Transfers

Your data may be processed in countries outside your residence, including the United States and European Union. We ensure appropriate safeguards are in place, including Standard Contractual Clauses for transfers outside the EEA.

12. GDPR Compliance (EU Users)

For users in the European Economic Area, we process data under the following legal bases:

  • Contract: To provide our services to you
  • Legitimate Interest: To improve our services and prevent fraud
  • Consent: For optional features and third-party integrations
  • Legal Obligation: To comply with applicable laws

13. Children's Privacy

Datalic is not intended for children under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

15. Contact Us

If you have questions about this Privacy Policy, please contact us:

← Back to Home
Datalic - AI Data Analytics | Talk to Your Data