Security & data

What we read, what we never touch.

Plain-English answers about how MetaLens handles your Metabase credentials, your metadata, and your customer data. If anything here is unclear, email nick@valiotti.com — real reply within a day.

AES-256 at rest, TLS 1.3 in transit

Your Metabase API key is encrypted with AES-256-GCM before it hits the database. The encryption key lives in a separate environment, not in the same row. All traffic between your browser, our servers, and your Metabase runs over TLS 1.3.

Read-only by design

MetaLens calls only Metabase's read endpoints (/api/card, /api/dashboard, /api/collection, /api/database/:id/metadata, etc.). We never POST, PUT, PATCH, or DELETE against your instance. We never push generated SQL to your database directly.

We don't store your underlying data

We pull metadata only: question titles, SQL query text, dashboard layouts, collection structure, view counts, last-edited timestamps, table/column names. We do not pull, cache, or analyze the rows your queries return. Your customer PII never reaches our servers.

Sensitive-column blocking

Before any AI agent sees a query, MetaLens runs a sensitive-column matcher. Columns such as email, ssn, password_hash, credit_card, dob, phone, and address are masked before the query enters the LLM context. You can extend the blocklist per connection.
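
One way such a matcher can work, as an added example that is not MetaLens's code. The matching rule (case-insensitive, whole name or underscore-delimited part), the `masked_col_N` placeholders, and the names `mask_sql` and `is_sensitive` are assumptions; the page does not describe how the real matcher compares names.

```python
import re

# Default blocklist: the column names listed on this page.
DEFAULT_BLOCKLIST = frozenset(
    {"email", "ssn", "password_hash", "credit_card", "dob", "phone", "address"})

# 'string literals' (left untouched), "quoted"/`quoted` and bare identifiers.
_TOKEN = re.compile(r"""'(?:[^']|'')*'|"([^"]+)"|`([^`]+)`|\b([A-Za-z_]\w*)\b""")


def _normalize(identifier):
    # customerEmail, "Customer Email" and CUSTOMER_EMAIL all become customer_email.
    split = re.sub(r"(?<=[a-z0-9])(?=[A-Z])", "_", identifier)
    return re.sub(r"[^a-z0-9]+", "_", split.lower())


def is_sensitive(identifier, blocklist):
    # Match a blocklist term as the whole name or as an underscore-delimited
    # part of it, so user_email matches "email" but emailed_at does not.
    padded = f"_{_normalize(identifier)}_"
    return any(f"_{term}_" in padded for term in blocklist)


def mask_sql(sql, extra_blocklist=()):
    """Return (masked_sql, mapping); the mapping is kept out of the LLM context."""
    blocklist = DEFAULT_BLOCKLIST | {_normalize(t) for t in extra_blocklist}
    mapping = {}  # lower-cased column name -> stable placeholder

    def replace(match):
        name = match.group(1) or match.group(2) or match.group(3)
        if name is None or not is_sensitive(name, blocklist):
            return match.group(0)  # string literal or non-sensitive identifier
        # Same column, same placeholder: joins and filters stay readable.
        return mapping.setdefault(name.lower(), f"masked_col_{len(mapping) + 1}")

    return _TOKEN.sub(replace, sql), mapping


# Constructed sample query, not taken from a real Metabase instance.
SAMPLE_SQL = (
    'SELECT u.id, u.Email, u."Customer Phone", o.total, u.emailed_at '
    "FROM users u JOIN orders o ON o.user_email = u.email "
    "WHERE o.note = 'email sent' AND u.loyalty_tier = 'gold'"
)

if __name__ == "__main__":
    # loyalty_tier stands in for a per-connection blocklist extension.
    print(*mask_sql(SAMPLE_SQL, extra_blocklist={"loyalty_tier"}), sep="\n")
```

String literals pass through unchanged in this example, so a value typed into a saved query (for instance an address in a WHERE clause) needs separate handling.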

Anthropic API, not training

Agent calls run through Anthropic's API. Per Anthropic's API terms, prompts and completions are not used to train Claude models. We don't run our own training pipelines. We don't sell, share, or expose your data to other MetaLens customers.

Routes through your Metabase permissions

MetaLens uses the API key you provide. Whatever that key can see in Metabase is what MetaLens sees. If you want to scope it down, create a Metabase user with collection-level access and generate a key from that account.

Architecture in 5 boxes

1. Your browser: Logs in, triggers scans, views results
2. MetaLens app (VPS, Tailscale-locked admin): Decrypts your API key, calls your Metabase, runs agent logic
3. Your Metabase: Returns metadata only (titles, SQL text, dashboards, collections)
4. Anthropic API: Receives masked metadata + prompts, returns AI analysis
5. PostgreSQL: Stores encrypted API keys, scan results (90d), chat history

Each arrow is HTTPS/TLS 1.3. Your Metabase only sees calls from one MetaLens VPS IP — request it for your firewall allowlist.

Frequently asked, honestly answered

Where is my API key stored?
PostgreSQL on a private VPS, AES-256-GCM encrypted column. The encryption key is in a separate env file owned by a different OS user than the app process. The key is never logged, never echoed to console, never shipped to Sentry, never sent in webhooks.
What's your data retention policy?
Scan results (metadata + AI summaries): 90 days rolling, then auto-deleted. Chat history: kept until you delete it or the account. Audit logs (who logged in when, who triggered which scan): 30 days. Encrypted API key: deleted immediately when you remove the connection.
Can I delete everything in one click?
Yes — Settings → Account → Delete account. Wipes API keys, scans, chat history, account row, cached metadata. Hard delete, no soft-delete trash, no "recoverable for 30 days". Confirmation email goes out within 5 minutes.
Do you have SOC 2 / ISO 27001?
Not yet — we're early. We're SOC 2 Type 1 ready (single-tenant deploys for Enterprise customers, audit logging, encrypted at rest, MFA on all admin access) but we haven't run the audit. If you need a signed report, talk to us about Enterprise — we'll prioritize it for paying design partners.
What if your Anthropic API key gets compromised?
Anthropic keys are scoped to MetaLens-only spend. If we detect compromise, we rotate the key immediately and revoke the old one in Anthropic's console; the worst case is a short bill spike on our side. Your data stays where it is — Anthropic doesn't store our prompts.
Where can I report a vulnerability?
Email nick@valiotti.com with subject [SECURITY]. We respond within 24 hours, fix critical issues within 48 hours, and credit you in our public changelog. No bug bounty cash yet but happy to arrange swag and a reference.

Need a security review or DPA?

Send your security questionnaire to nick@valiotti.com. Most get a same-day reply with answers inline. We can sign a custom DPA for Pro and Team customers, or run on a single-tenant deploy for Enterprise.
