Your database is safe with Querify
We designed Querify from the ground up for security. Here is exactly how we protect your data and your database.
Read-only guarantee
We cannot write to your database
Querify connects with credentials that only allow read access. That means we can answer questions from your data, but we cannot insert, update, or delete rows — and we cannot change schema.
Querify uses AST-level SQL validation to ensure every query is a SELECT statement. Write operations are structurally blocked before they can reach your database.
If something looks like a write, it never leaves our system. Your database only ever sees read-only traffic from Querify.
Credential security
Connection credentials are encrypted at rest using AES-256-compatible encryption (Fernet-style symmetric encryption). We never store passwords in plain text.
We store what we need to keep your connection working: the encrypted secret, host, database name, and non-secret metadata. We do not store unnecessary copies of your data or credentials beyond what is required for the service.
For the strongest security model, use a dedicated database user with SELECT-only permissions. Follow our read-only user guide to set that up in minutes.
If your network policy requires it, you can allowlist Querify’s static IP addresses so only our infrastructure can reach your database.
Data minimisation
We store your prompts, query metadata (timing, status), and a small preview of results (typically up to five rows) so you can see history in the product.
We do not store full result sets or bulk exports of your business data.
Retention follows your workspace settings and applicable law. You can request deletion of your workspace data, and we will honour it within a reasonable timeframe.
Infrastructure
Querify runs on modern infrastructure: Railway (backend), Vercel (frontend), and Supabase (managed database services). All traffic between you and Querify uses TLS 1.2+ in transit.
| Sub-processor | Role | Security |
|---|---|---|
| Railway | Application hosting (backend) | Security overview |
| Vercel | Web application hosting (frontend) | Security overview |
| Supabase | Managed data services | Security overview |
Compliance
We take GDPR seriously. We process personal data only as needed to run the service, support you, and meet legal obligations. We work with EU customers under standard contractual clauses where required.
A Data Processing Addendum (DPA) is available for customers who need it for EU operations.
For security reviews, questionnaires, or incident reports: security@querify.ai