Privacy Policy

Lakesight is the data controller for personal data processed through the lakesight.io platform. Contact: legal@lakesight.io

Account Data

• Name, professional email address, company name
• Billing address and payment information (processed by our payment provider)
• Account login credentials (passwords stored as cryptographic hashes)

Usage Data

• IP address, browser type, access timestamps
• Feature usage and interaction logs (for service improvement)

Databricks Workspace Data

• Workspace URL and PAT token provided by the Customer — stored exclusively in Microsoft Azure Key Vault and never exposed in any interface, log, or external system
• Job, run, and cluster metadata retrieved from the Databricks API for display within the Service

Note: lakesight.io does not read, store, or process the underlying data within the Customer's Databricks tables, notebooks, or files — only cost and configuration metadata via the public REST API.

• Contract performance: processing necessary to deliver the subscribed Service
• Legitimate interest: security monitoring, fraud prevention, service improvement
• Legal obligation: tax records, invoicing
• Consent: marketing communications (opt-in only)

• To provide, maintain and improve the Service
• To process payments and manage subscriptions
• To send service notifications and updates
• To respond to support requests
• To comply with legal obligations
• To send marketing communications (with consent)

Account data is retained for the duration of the subscription and for 3 years after termination for legal and tax purposes. Workspace Credentials (URL and PAT token) are stored in Azure Key Vault and are permanently and immediately deleted when a workspace is removed by the Customer, or upon account termination. Usage logs are retained for 12 months.

We do not sell personal data. We may share data with:

• Payment processors (for billing)
• Cloud infrastructure providers (hosting the Service)
• Analytics tools (anonymized/aggregated data only)
• Legal authorities when required by law

All sub-processors are bound by data processing agreements and provide adequate data protection guarantees.

Your data may be processed outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.

Under GDPR and applicable law, you have the right to:

• Access your personal data
• Rectification of inaccurate data
• Erasure ('right to be forgotten')
• Restriction of processing
• Data portability
• Object to processing
• Withdraw consent at any time

To exercise these rights, contact: legal@lakesight.io. You may also lodge a complaint with the CNIL.

We implement appropriate technical and organizational security measures including: encryption in transit (TLS 1.2+), access controls and authentication mechanisms, and regular security reviews.

Critically, Workspace Credentials (URL and PAT token) are stored exclusively in Microsoft Azure Key Vault — they are never stored in our application database, never logged, and never visible in any user interface or API response.

We may update this Privacy Policy. Material changes will be notified via email. The current version is always available at lakesight.io/privacy.