start free →
Legal

Privacy Policy

Last updated: 13 May 2025

1. Overview

1stli Ltd ("1stli", "we", "us", "our") operates as a data access and query layer. We do not store, copy, or process the underlying data you access through our platform. All data queried via 1stli remains within the third-party connectors and data sources you configure. This policy explains what limited information we do collect, how we use it, and your rights in relation to it.

2. What We Collect

2.1 Account Information

When you register, we collect your name, email address, and any organisational details you provide. This is used solely to operate and secure your account.

2.2 Usage & Telemetry Data

We collect anonymised, aggregated usage telemetry (e.g. feature interactions, error rates, query latency) to improve the platform. This data cannot be used to identify you personally and is never sold.

2.3 Connector Credentials

To connect your data sources you may provide API keys, OAuth tokens, or connection strings. These credentials are encrypted at rest and in transit and are used exclusively to execute queries on your behalf. We do not inspect, copy, or retain the data returned by those queries beyond what is necessary to serve your session.

2.4 Cookies & Analytics

We use cookies for session management and, with your consent, analytics cookies (Google Analytics) to understand site traffic. You can manage cookie preferences through your browser settings.

3. Data We Do Not Hold

1stli is a pass-through query layer. We do not:

  • Store copies of the data returned from your connected sources.
  • Index, train on, or otherwise process your source data.
  • Transfer your source data to any third party.
  • Retain query results beyond the active session unless you explicitly save them.

All data accessed through 1stli is governed by the privacy policies and security controls of the respective third-party connector (e.g. Snowflake, BigQuery, Postgres, Salesforce). You remain solely responsible for the compliance posture of those systems.

4. Third-Party Connectors

1stli integrates with external data sources chosen and configured by you. We have no control over, and accept no responsibility for, the privacy practices, security measures, or data-handling policies of those third parties. You should review the privacy policy of each connector you use.

5. How We Use Your Information

We use the limited information we collect to:

  • Provide, maintain, and improve the 1stli platform.
  • Authenticate and secure your account.
  • Communicate important service updates, security alerts, and support responses.
  • Meet our legal obligations.

We do not sell your personal data. We do not use your data for advertising.

6. Data Sharing

We may share your information with:

  • Service providers who operate infrastructure on our behalf (hosting, monitoring, email delivery) under strict data-processing agreements.
  • Law enforcement or regulatory bodies where required by applicable law.
  • Acquirers in the event of a merger or acquisition, subject to equivalent data-protection obligations.

7. Data Retention

Account data is retained for the duration of your subscription and deleted within 90 days of account closure upon request. Anonymised telemetry may be retained indefinitely. Connector credentials are purged immediately upon connector removal or account deletion.

8. Security

We implement industry-standard technical and organisational measures including encryption in transit (TLS 1.2+), encryption at rest, access controls, and regular security reviews. However, no system is perfectly secure. We cannot guarantee the absolute security of information transmitted to us. You use the platform at your own risk and are responsible for safeguarding your own credentials and access tokens.

9. Your Rights

Depending on your jurisdiction (including UK GDPR / EU GDPR / CCPA), you may have the right to access, correct, delete, or port your personal data, or to object to or restrict certain processing. To exercise any of these rights, contact us at privacy@1stli.com.

10. International Transfers

Our infrastructure is primarily located in the UK and EU. Where data is transferred outside these regions, we ensure appropriate safeguards (e.g. Standard Contractual Clauses) are in place.

11. Children

Our services are not directed at children under 16. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or in-app notification. Continued use of the platform after the effective date constitutes acceptance of the updated policy.

13. Contact

Questions about this policy? Reach us at:
1stli Ltd
privacy@1stli.com