Security & trust
Your dashboards, handled with care.
HunterViz is built enterprise-first on Google Cloud. We minimize the data we hold, encrypt it in transit, and only touch a provider's permissions for the dashboards we own and operate on your behalf.
Data handling
For Linked Dashboards we store the link, its detected Provider and capabilities, and hub metadata — not the analytics inside them. The underlying data stays in your own provider.
Encryption
All traffic to HunterViz is served over TLS and encrypted in transit. Data at rest lives in Google Cloud managed services with encryption enabled by default.
Authentication
Sign in with email and password or Google. Identity is provider-agnostic, so enterprise SSO can be added per contract without changing your sessions, roles or shares.
Hosting
The application runs on Google Cloud (Cloud Run), and the marketing site is served from Firebase Hosting. We rely on Google's hardened, certified infrastructure.
Access control
Owner, admin and member roles scope what each person can do in a Workspace, and per-dashboard Shares control who sees what. Members only see the dashboards they're granted.
Audit logging
On Team and Enterprise plans, significant actions — invites, role changes, shares and refreshes — are recorded so admins have a clear trail of who did what, and when.
Provider permission model
We only touch what we own.
The single most important thing to understand about HunterViz security: the difference between a Linked Dashboard and a Managed Dashboard.
Linked Dashboards your provider
A dashboard you bring by pasting a link to an asset we don't own.
- The data stays entirely in your own provider
- We embed what's already publicly viewable; nothing more
- We never modify your Power BI, Tableau or Drive permissions
Managed Dashboards we operate
A dashboard we build and own on your behalf (e.g. Looker Studio over BigQuery).
- Full capabilities, because we control the asset
- A Share propagates a real provider permission (e.g. a Drive grant)
- Refresh runs only on infrastructure we own and operate
Compliance posture
Where we are, stated plainly.
SOC 2-ready
We operate with SOC 2 controls in mind — least-privilege access, change management and logging. Formal attestation is part of our enterprise roadmap; ask sales for current status.
GDPR-aligned
We minimize personal data, support data export and deletion requests, and process data on EU-available Google Cloud infrastructure. A DPA is available for enterprise customers.
Enterprise SSO
SSO (SAML / OIDC) is offered as an enterprise add-on, delivered per contract. Our identity layer is provider-agnostic, so enabling it does not disrupt existing accounts or access.
Responsible disclosure
Found a vulnerability? We want to hear from you. Report it privately and we'll acknowledge, investigate and keep you updated. Please give us reasonable time to remediate before any public disclosure.
Security review for your team?
Enterprise plans include a security review, a DPA and an SLA. Let's walk through your requirements.