Security and Compliance

Where is data hosted?

All data remains within the customer’s Sisense environment and is never transmitted to external servers by QBeeQ plugins.

Do you ever access our data?

By default, QBeeQ does not access, collect, transmit, or store any of your data. All data processing happens entirely within your Sisense environment, and no data is ever sent to third parties. We only access your data if you explicitly grant permission—for example, during a support session, troubleshooting, or a professional services engagement involving Sisense or Snowflake. Even in those cases, access is limited, temporary, and solely to resolve the issue or deliver the requested service.

What happens to our data if we uninstall your plugin or cancel service?

Since we do not store or access data externally, there is no data to delete on our side. Once uninstalled, the plugin ceases to interact with your environment.

How do you handle customer data privacy?

We operate under a data-minimization principle. Since no customer data leaves your Sisense environment, there is no external exposure. Our internal policies also reflect strong commitments to privacy and security best practices.

Do your plugins support Data Security rules?

Yes. Our plugins inherit and fully comply with Sisense's data security rules.

Do your plugins support Role-Based Access Control (RBAC)?

Yes. Our plugins inherit and fully comply with Sisense's user roles and permissions. Some plugins have additional layers of configurable access control.

Do you support SSO or authentication protocols?

Yes. Authentication and access are managed through Sisense, which supports SSO and industry-standard protocols.

How does QBeeQ handle API keys or configuration data?

Most of our native plugins do not require API keys, and all configuration is stored locally within your Sisense environment. In cases where a plugin uses a third-party service (e.g., Super Map with Mapbox), you may need to provide your own API key. These keys are only used to enable the third-party service and are never transmitted or stored by QBeeQ.

Can plugins be disabled or removed easily if needed?

Yes. Plugins can be disabled or removed at any time through the Sisense plugin directory.

How do you ensure your plugins work with the latest version of Sisense?

We actively test all plugins against the latest Sisense releases (including betas, when available) to ensure full compatibility. We also monitor Sisense’s release notes and work closely with their R&D team to stay ahead of platform changes.

How do you ensure your plugins don’t impact Sisense performance?

We actively test all plugins against the latest Sisense releases to ensure no performance degradation is introduced. All plugins are developed following Sisense’s plugin development standards.

Are your plugins reviewed by Sisense before release?

Sisense reviews all new plugins for security, stability, and platform compatibility before they are made available. For updates to existing plugins, Sisense does not typically conduct reviews unless they determine it’s necessary. QBeeQ relies on our own development and testing processes to ensure that updates do not introduce new issues or vulnerabilities.

What is your patch and update policy?

We use a rolling update model and release improvements continuously. Issues reported through our Support team are categorized and responded to per our SLA.

How do you manage updates and vulnerabilities?

We maintain close coordination with Sisense Support and R&D teams to ensure ongoing compatibility and to address vulnerabilities as soon as they arise.

Are you SOC 2, ISO 27001, or GDPR compliant?

QBeeQ is not currently SOC 2 Type II or ISO 27001 certified. However, our plugins run entirely within a customer’s Sisense environment and do not send data out for any processing externally. As such, they fall under Sisense's certifications.

Do you conduct third-party audits or assessments?

Yes. We periodically work with external security consultants to review our security practices, especially during major updates or product changes.

Can you provide a security assessment questionnaire?

Yes. If you would like us to complete a security questionnaire, you can send the request to info@qbeeq.io