PBICompassBeta ← Back to home

Privacy Policy

Effective 15 July 2026

This Privacy Policy explains what PBICompass ("PBICompass", "we", "us") collects when you use pbicompass.com and the PBICompass application (the "Service"), and how that information is used. If anything here is unclear, email pbicompass@gmail.com.

1. The core commitment: metadata only, short retention

When you upload a .pbix or .pbip file, PBICompass extracts semantic-model metadata only — table and column names, measures, relationships, DAX expressions, RLS role definitions, and similar structural information. Row-level data inside your file is never read, extracted, or transmitted. Your source upload is processed in an isolated, temporary per-job sandbox and deleted when generation ends, whether the job succeeds or fails.

2. Information we collect

  • Account information — the email address, and any optional profile fields (name, company, role) you provide when you create an account via Supabase Auth.
  • API keys — if you generate a PBICompass API key, we store a salted hash of it, never the raw key after it's first shown to you.
  • Job metadata — for each documentation job: timestamps, status, document types requested, output format, and tenant/account association. This is stored in our database so your job history and dashboard work. It does not include your file's contents.
  • Billing information — the Service does not currently sell paid subscriptions or collect billing information. We will update this policy before enabling a payment processor.
  • Usage & log data — standard operational logs (request IDs, timestamps, error traces) used for reliability and abuse prevention, which do not contain file contents.

3. Optional third-party AI providers

PBICompass can generate documentation using a fully offline, deterministic engine that makes no AI-provider calls. If you select an AI engine, the extracted metadata needed for prose generation (never row-level data) is sent to the selected provider, such as Anthropic, Google, Cohere, or a model routed through MeshAPI. The hosted Service uses a server-managed provider key; a self-hosted deployment may optionally allow a per-job key. Per-job keys are not stored after processing. Provider processing is subject to that provider's terms and privacy policy.

4. How we use information

  • To operate, maintain, and secure the Service, including enforcing per-plan usage quotas.
  • To communicate with you about your account, billing, or changes to the Service.
  • To respond to support requests.

We do not sell your personal information, and we do not use your uploaded model's structure or content for advertising.

5. Data retention

Job metadata is retained for as long as your account is active so your dashboard and job history remain usable. Uploaded source files are deleted when processing ends. In the hosted Service, rendered downloads are placed in a private Supabase Storage bucket; authenticated download access expires within one hour, and expired objects are scheduled for automatic deletion. Transient storage-provider failures may delay physical deletion and are retried. Self-hosted deployments may use in-memory or private filesystem storage. You can request deletion of your account and associated job metadata at any time (see Section 7).

6. Cookies & sign-in

We use the minimum cookies/local storage needed to keep you signed in via Supabase Auth. We do not use third-party advertising or tracking cookies.

7. Your rights

You may request access to, correction of, or deletion of your account information and associated job metadata at any time by emailing pbicompass@gmail.com. We will respond within a reasonable time.

8. Children's privacy

The Service is not directed to, and is not intended for use by, children under 16.

9. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the effective date above.

10. Contact

Questions about this policy: pbicompass@gmail.com.

Terms of Service Refund Policy Pricing