Add Maple

Security & Privacy

How we protect and secure your data

At AddMaple, we take the security of your data extremely seriously. Here is an overview of our approach. If you need further assistance, please contact us.

  • Confidentiality: Your data remains on your computer and is not uploaded to the cloud. Each time you load a project in AddMaple, we read from the data afresh from your computer. If you connect data via Google Drive, or services like Typeform, the connection needs to be 'live' in order for AddMaple to read the data.
  • Column-level AI: If you choose, we make available AI features that use OpenAI's API. These features are opt-in and you choose exactly what data gets shared with OpenAI, for example if you want a text column summarized then ONLY the data from that specific column will interact with OpenAI's service. We have a commercial contract with OpenAI which ensures that your data is not saved by them or used for training any models.
  • Column-level Encryption: AddMaple gives teams granular control over sensitive data with column-level encryption, allowing them to analyze what’s needed while keeping sensitive fields protected. For example, teams can segment users for personalized communication, analyzing purchase trends while keeping names and emails encrypted - only decrypting when necessary. We balance the needs of data governance, compliance, security and help teams extract insights in regulated industries.
  • Integrity: AddMaple operates in a read-only mode to preserve the raw data integrity. Any changes, like column title modifications, are stored separately. AddMaple is non-destructive.
  • Encryption: We use TLS 1.2 with modern ciphers. Any metadata stored in the cloud is encrypted at rest. We have a Qualys A+ rating.
  • Security Measures: We conduct automated vulnerability checks and regular penetration testing, along with other standard security mitigations.
  • Data Protection: AddMaple is fully compliant with GDPR and is registered with the ICO (Reg No. ZB563233).
  • Information Security: Our internal processes follow the best practices from ISO27001.
  • Authentication:  We support Google SSO for all accounts, and other SSO providers for business accounts. 
  • Access Control: For business accounts we support admin and analyst accounts to simplify and provide control over datasets centrally.
  • Performance and Scalability: AddMaple is optimized for speed, handling millions of rows and hundreds of megabytes efficiently in-browser, outperforming traditional spreadsheets and BI tools. Our serverless platform facilitates zero downtime deployments, targeting 99.99% uptime.
  • Support and Maintenance: Business customers enjoy premium support with fast email responses, video calls, and assistance with specific datasets.
  • Disaster Recovery and Data Backup: Cloud-stored metadata is replicated to another region for disaster recovery. Our system is resilient to failures and can be ported to an alternative cloud platform if needed.

AddMaple Trust Center

Product Security

  • Audit Logging
  • Web Application Firewall
  • Secure Development Lifecycle
  • Regular Penetration Testing

Authentication

  • Google SSO
  • Enterprise SSO
  • Email - via magic link - no passwords stored

Authorization

  • Each account is by default fully private
  • Opt in sharing of charts
  • Opt in sharing of reports which can be password protected
  • Team accounts can share data within the team

Data Privacy

  • ICO Registered
  • GDPR Compliant
  • No tracking cookies
  • No external analytics

Infrastructure

  • AWS - SOC2 & ISO27001 compliant
  • Vercel - SOC2 & ISO27001 compliant
  • OpenAI - SOC2 & ISO27001 compliant
  • Anti DDOS

Policies

  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • Net Zero Policy

Encryption

  • Data at rest and in transit is encrypted
  • A+ rating for encryption
  • Modern ciphers used

Payments

  • Handled by Paddle
  • PCI Compliant
  • Tax Invoices available
  • Self-service pausing or cancelling of subscription