Security

Security isn't a feature.
It's the foundation.

Klairr is the AI Analyst for teams that take data seriously. Every layer — from how we query your data to how we store credentials — is designed around a simple principle: your data stays yours.

Read-only
Encrypted
Audit trail
SOC 2 ready
GDPR compliant
audit.log live
12:04:32 QUERY answered — High confidence
12:04:33 BLOCKED write attempt denied
12:04:35 SESSION verified — Admin
12:04:38 QUERY answered — High confidence
12:04:41 LIMIT spend check — passed
12:04:44 QUERY answered — Check confidence
12:04:46 MEMORY term updated — admin action logged
12:04:49 BLOCKED destructive operation rejected
12:04:52 REPORT generated — shared with org
12:04:55 SESSION new login — Analyst
12:04:58 LIMIT cost estimate — approved
12:05:01 QUERY answered — High confidence
12:05:04 QUERY answered — High confidence
12:05:05 BLOCKED write attempt denied
12:05:07 SESSION verified — Admin
12:05:10 QUERY answered — High confidence
12:05:13 LIMIT spend check — passed
12:05:16 QUERY answered — Check confidence
Verify with AI

Don't take our word for it. Ask your AI to summarise this page.

We're an AI Analyst — we know how you do research now. Open this page in the assistant of your choice and ask it to read, summarise, or stress-test our security posture in plain English.

Core principles

Your data stays yours

We never copy your database. Your full datasets remain in your own infrastructure.

We don't replicate your databases

Klairr connects to your data sources with read-only credentials and runs queries on demand. We don't copy, replicate, or migrate your full datasets — only the question, the generated query, and a small result sample needed to display the answer are stored.

Write operations are impossible

INSERT, UPDATE, DELETE, and DROP are blocked at the application layer before reaching your database. We recommend read-only credentials as a second line of defense.

Minimal data retention

Only question text, metadata, and a small sample of query results are persisted. Full datasets remain in your own systems at all times.

No AI training on your data

Our AI provider's terms explicitly prohibit using customer inputs or outputs for model training. Your business data is never used to improve any AI model.

Encrypted end to end

Strong TLS in transit. Industry-standard encryption for credentials at rest. All application data encrypted with tenant-level isolation.

SOC 2 ready

Audit logging, role-based access controls, and encryption are in place today. Our controls and policies are mapped to SOC 2 Trust Services Criteria; we have not yet completed a Type I or Type II audit.

Tenant isolation

Every organization is fully isolated. Separate credentials, scoped data access, and independent AI Memory per tenant.

GDPR compliant

Data-processing practices compliant with GDPR. Article 28 Data Processing Agreement available. Data subject rights supported.

Access control

Granular permissions by role

Four roles with scoped permissions. Every user sees only what they need.

Admin
  • Full admin access
  • User & role management
  • Connector configuration
  • GRC audit dashboard
  • AI Memory management
  • Spend limit controls
Power User
  • Ask questions across connectors
  • Query editor
  • Create & share reports
  • Configure AI Memory
  • View usage analytics
Analyst
  • Ask questions
  • Save & share reports
  • Query editor
  • Access assigned connectors
Member
  • Ask questions
  • View shared reports
  • Access assigned connectors

Governance

Full visibility. Complete control.

Built-in governance gives admins a real-time view of every question asked, every action taken, and every risk signal detected.

Complete audit trail

Every question, query, data source, user, and timestamp is logged and searchable. No action goes unrecorded.

Admin action logging

User management changes, connector modifications, AI Memory edits, and role assignments are tracked with full attribution.

Risk signal detection

Automated monitoring surfaces anomalies — unusual query patterns, low-confidence streaks, and access irregularities.
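One way to build two of these risk signals (a low-confidence streak and a burst of blocked operations) from lines in the format of the audit.log panel shown above. This is an added illustration, not Klairr's own detection code; the log sample is constructed, and the streak length and burst window are assumed thresholds:

```python
import re

# Line format of the audit.log panel shown above: "HH:MM:SS KIND detail — qualifier"
LOG_RE = re.compile(r"^(\d{2}):(\d{2}):(\d{2}) (\w+) (.*?)(?: — (.*))?$")

# Constructed sample in the panel's format (not a real log): one three-answer
# low-confidence run and three BLOCKED events inside 60 seconds.
SAMPLE_LOG = """\
12:04:32 QUERY answered — High confidence
12:04:33 BLOCKED write attempt denied
12:04:44 QUERY answered — Check confidence
12:04:47 SESSION verified — Admin
12:04:50 QUERY answered — Low confidence
12:04:53 QUERY answered — Check confidence
12:04:58 BLOCKED destructive operation rejected
12:05:01 QUERY answered — High confidence
12:05:10 BLOCKED write attempt denied
"""

def parse_audit_log(text):
    """Return a list of (seconds_since_midnight, kind, detail, qualifier)."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            h, mi, s = (int(x) for x in m.group(1, 2, 3))
            events.append((h * 3600 + mi * 60 + s, m.group(4), m.group(5), m.group(6) or ""))
    return events

def low_confidence_streaks(events, min_len=3):
    """(start_seconds, length) for each run of >= min_len consecutive QUERY answers
    whose confidence is not High; other event kinds do not break a run."""
    streaks, run = [], []
    for t, kind, _, qualifier in events:
        if kind != "QUERY":
            continue
        if qualifier == "High confidence":
            if len(run) >= min_len:
                streaks.append((run[0], len(run)))
            run = []
        else:
            run.append(t)
    if len(run) >= min_len:
        streaks.append((run[0], len(run)))
    return streaks

def blocked_bursts(events, window=60, threshold=3):
    """Start times of every group of >= threshold BLOCKED events within `window` seconds."""
    times = [t for t, kind, _, _ in events if kind == "BLOCKED"]
    return [times[i] for i in range(len(times) - threshold + 1)
            if times[i + threshold - 1] - times[i] <= window]
```

Feeding the real export (CSV per the Compliance export section) would only require adapting the parser; the two detectors work on the parsed tuples.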

Compliance export

Export audit logs as CSV for external compliance tools, SOC reviews, or internal reporting. Filter by date range for targeted investigations.

Connector-level permissions

Control which data sources each role can access. Production connectors are flagged with a visual warning to reinforce awareness.

Cost controls

Per-query and daily spend limits enforced by role. Query cost estimation and dry-run mode prevent runaway costs before execution.

AI safety

AI you can verify

Every AI-generated answer is grounded in real data, scored for confidence, and fully transparent. Nothing is fabricated. Nothing is hidden.

Grounded answers only

Every answer is traceable to a real query against your actual data. If the data isn't there, Klairr says so. Fabrication is architecturally prevented.

Confidence scoring

Every answer receives a confidence assessment — High, Check, Low, or Failed — with an explanation. Users see answer quality before acting on it.

Full query transparency

Every answer shows its work. Power users can inspect, edit, and re-run the underlying query. Nothing is hidden behind a black box.

Query guardrails

Generated queries are validated before execution. DML and DDL are blocked. Automatic LIMIT injection and byte budgets prevent excessive data retrieval.
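The guardrail described here and under "Write operations are impossible" above, written out as an added example (not Klairr's implementation): a read-only query check that rejects DML/DDL and multiple statements, enforces a trailing LIMIT, and applies a byte budget to the rows that come back. The keyword list, the 1000-row default and the JSON-based byte accounting are assumptions:

```python
import json
import re

# Any bare occurrence of these tokens rejects the query (DML, DDL, and SELECT ... INTO).
BLOCKED_KEYWORDS = {"INSERT", "UPDATE", "DELETE", "DROP", "ALTER", "CREATE",
                    "TRUNCATE", "MERGE", "GRANT", "REVOKE", "INTO", "CALL",
                    "EXEC", "EXECUTE", "COPY"}

class QueryRejected(ValueError):
    """Raised when a generated query fails validation."""

def _strip_comments(sql):
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.S)      # block comments
    return re.sub(r"--[^\n]*", " ", sql)                   # line comments

def _blank_literals(sql):
    # Blank string literals and quoted identifiers: no false hits, no hidden statements.
    sql = re.sub(r"'(?:[^']|'')*'", "''", sql)
    return re.sub(r'"(?:[^"]|"")*"', '""', sql)

def guard_query(sql, row_limit=1000):
    """Validate a generated query as read-only and return it with a LIMIT enforced."""
    sql = _strip_comments(sql).strip().rstrip(";").strip()
    scan = _blank_literals(sql)
    if ";" in scan:
        raise QueryRejected("multiple statements are not allowed")
    tokens = [t.upper() for t in re.findall(r"[A-Za-z_]+", scan)]
    if not tokens or tokens[0] not in ("SELECT", "WITH"):
        raise QueryRejected("only SELECT statements are allowed")
    hit = BLOCKED_KEYWORDS.intersection(tokens)
    if hit:
        raise QueryRejected("blocked keyword: " + sorted(hit)[0])
    # Cap a trailing LIMIT, or append one; a literal cannot end the query with digits.
    m = re.search(r"\bLIMIT\s+(\d+)\s*$", sql, flags=re.I)
    if m is None:
        return f"{sql} LIMIT {row_limit}"
    if int(m.group(1)) > row_limit:
        return sql[:m.start()] + f"LIMIT {row_limit}"
    return sql

def apply_byte_budget(rows, budget):
    """Keep only the leading rows whose JSON fits in `budget` bytes; returns (kept, truncated)."""
    kept, used = [], 2                                     # "[" and "]"
    for row in rows:
        size = len(json.dumps(row).encode()) + (1 if kept else 0)  # plus comma
        if used + size > budget:
            return kept, True
        kept.append(row)
        used += size
    return kept, False
```

A column or alias that happens to be named like a blocked keyword is rejected too; that is the intended trade-off for a deny-by-default check in front of a database that should additionally be reached with read-only credentials.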

Compliance

Regulatory readiness

Klairr is built to meet the compliance requirements of regulated industries. All legal documents are publicly available.

GDPR

Data processing under GDPR Article 28. Data subject rights (access, deletion, portability) supported. Data Processing Agreement available.

Data Processing Agreement

Standard DPA available for all customers. Covers data processing terms, sub-processor disclosure, and breach notification procedures.

View DPA →

Privacy Policy

Transparent documentation of what data we collect, why, and how long we retain it. Updated regularly as our practices evolve.

View Privacy Policy →

Terms of Service

Clear terms governing product use, data ownership, liability, and SLA commitments.

View Terms →

FAQ

Common security questions

Does Klairr store my company data?
No. Klairr queries your data sources in real time using read-only connections. Only question text, metadata, and a small result sample are stored. Your full datasets remain in your own infrastructure.
Does the AI train on my data?
No. Our AI provider's terms explicitly prohibit using customer inputs or outputs for model training. Your questions, answers, and business data are never used to train any AI model.
Can Klairr modify my database?
No. All write operations (INSERT, UPDATE, DELETE, DROP) are blocked at the application layer before they reach your database. We strongly recommend providing read-only credentials as an additional safeguard.
Is Klairr GDPR compliant?
Yes. Klairr's data-processing practices are GDPR compliant. We offer an Article 28 Data Processing Agreement, support data subject rights including access, deletion, and portability, and use Standard Contractual Clauses for any transfers outside the EU.
Is Klairr SOC 2 certified?
Klairr is SOC 2 ready: our controls and policies — including audit logging, role-based access, encryption in transit and at rest, and tenant isolation — are mapped to the SOC 2 Trust Services Criteria. We have not yet completed a Type I or Type II audit. Enterprise prospects evaluating procurement can contact security@klairr.com for our current control documentation.
Where can I find your legal documents?
Our Terms of Service, Privacy Policy, and Data Processing Agreement are all publicly available. Links are provided in the Compliance section above and in our website footer.
Who do I contact about security concerns?
Reach out to security@klairr.com. We respond to all security inquiries within one business day.

Ready to evaluate Klairr for your organization?

Our team is available to discuss security architecture, compliance requirements, and deployment options in detail.

No credit card required