Supper

Security & enterprise

Built for companies that can't afford to get data wrong.

Granular access controls, field-level privacy, bring-your-own infrastructure, and a full audit trail on every query.

Supper is designed from the ground up for enterprise data environments. Security isn't an add-on — it's how the platform works. Every query is governed, validated, and recorded before a single number reaches the user.

We've been through the SOC 2 audit. We've answered the InfoSec questionnaires. We've sat in calls with procurement teams that needed every detail nailed down. Reach out and we'll do that with you too.

Talk to our security team Learn more about Supper →
SOC 2 Type II GDPR Encryption at rest (AWS KMS) Encryption in transit SSO / SAML RBAC Full audit trail
[ Certifications & posture ]

Third-party verified

Continuously maintained. Audited annually.

Reports and policy documentation are available on request — reach out and we'll share the right documents for your review process.

SOC 2 Type II
Annual audit · report on request
Penetration testing
Regular third-party tests · summary available
GDPR compliant
EU data handling & residency controls

Data handling

  • Encryption at rest via AWS KMS — your keys, your control
  • Encryption in transit on all connections
  • No query results persisted in Supper-managed storage by default
  • Enterprise customers can bring their own S3 bucket — all outputs written to your environment

Infrastructure access

  • IAM roles for all internal service-to-service access
  • Least-privilege access enforced across the stack
  • Read-only connection to your warehouse — Supper never writes to your data
  • All Supper employees covered under DPAs
[ Field-level controls ]

Sensitive data stays put

Defined by your compliance team. Enforced at SQL runtime.

Supper's query engine includes field-level controls (FLC) that prevent sensitive information from ever leaving your environment — enforced before a result is returned. You define which fields are sensitive. Supper handles the rest.

Permanent obfuscation

Sensitive fields are one-way hashed at SQL runtime. The raw value never reaches Supper. Use this for PII you never need to recover.

Reversible obfuscation

Fields are encrypted with a customer-owned key at SQL runtime. You can decrypt when needed. Use this for PHI or data where future access may be required.

sensitive_fields.yml · production v4.1 · applied
"Top 10 customers by lifetime value."
customer.email email address
hash · permanent
customer.ssn social security number
hash · permanent
customer.dob date of birth
encrypt · reversible
patient.diagnosis_cd ICD-10 code (PHI)
encrypt · reversible
customer.lifetime_value_usd computed metric
allow
customer.segment marketing segment
allow

Every field access and encryption event has a full audit trail

[ User entitlements ]

Cloud IAM, for queries

Permissions that match how your organization actually works.

Every permission is defined at the level that makes sense — schema, table, or column — with cascading rules that let you set broad access with precise exceptions. Same model your data team already uses in Snowflake, BigQuery, and Redshift.

Role-based baseline
Base entitlements set using roles — define once, apply to groups of users
Schema-level permissions
Grant or deny access to entire schemas in one rule
Table-level permissions
Fine-grained control over which tables each user or role can query
Column-level permissions
Restrict individual fields — salary, SSN, health data — by user or role
Cascading allow/deny
"Allow all from schema X, except table Y and field Z" — no workarounds needed
Atomic overrides
Most granular rule takes precedence over inherited permissions
[ Bring your own infrastructure ]

For the strictest environments

Your infrastructure. Supper's intelligence.

For organizations that can't send data or model inference outside their own environment. Supper's BYO capabilities let you keep everything in-house while running the full platform.

BYO LLM

Bring your own model

Provide your own API keys for OpenAI (GPT) or Anthropic (Claude) instead of Supper-managed model access. Model usage aligns with your internal procurement, security, and compliance policies — while Supper's orchestration layer, semantic modeling, and tool pipelines remain unchanged.

  • Supports OpenAI (GPT) and Anthropic (Claude)
  • Override model routing per workload type
  • Aligns with internal procurement and compliance policies
  • Full platform functionality preserved — only model endpoints change

We recommend enabling access to both GPT and Claude families to preserve routing flexibility and optimal performance across all workloads.

BYO S3

Bring your own storage

All query results and data outputs are written directly to a customer-owned AWS S3 bucket instead of Supper-managed storage. Your data never rests in a third-party environment — it stays within your AWS account and VPC.

  • All outputs written to your S3 bucket — nothing persists in Supper storage
  • Provisioned in your AWS account and VPC
  • IAM policy control owned entirely by your security team
  • Meets strict data residency and compliance requirements
Talk to us about our data architecture →
[ Documentation & resources ]

Available on request

Everything your reviewers need.

We know enterprise security reviews require more than a marketing page. Everything you need for a thorough evaluation is available — reach out and we'll share the right documents for your process.

Our security team is available for direct calls with your InfoSec or procurement reviewers. We've been through this process with customers at every stage of compliance maturity.

SOC 2 Type II report
Full audit report from our latest annual assessment
Request →
Penetration testing summary
Executive summary of our most recent third-party pen test
Request →
Security questionnaire
Pre-filled for common vendor assessment frameworks
Request →
Privacy & security policies
Supper's internal policies governing data handling and access
Request →
Disaster recovery documentation
RTO/RPO targets, backup strategy, and failover procedures
Request →
Compliance statements
GDPR, HIPAA readiness, and data residency documentation
Request →
[ Common questions ]
Does Supper store my data?+
No. Supper connects to your existing data sources and queries them directly. Your data stays where it lives — in your warehouse, your SaaS tools, your databases. No copies, no intermediate staging. Enterprise customers who want additional assurance can bring their own S3 bucket, so even query outputs never leave their environment.
Is Supper read-only? Can it modify my data?+
Yes — Supper is strictly read-only. We connect to your warehouse and data sources through dedicated read-only credentials. There is no mechanism in the platform for writing, modifying, or deleting data in any connected source.
How does Supper handle PII and sensitive fields?+
Enterprise customers can define a column-level list of sensitive fields — PII, PHI, or any data your compliance team designates. Supper applies field-level controls at SQL runtime: permanent one-way hashing for fields that should never be exposed, or reversible encryption with a customer-owned key for fields where future access may be needed. The raw value never reaches Supper in either case. Full audit trail retained on every access.
What AI models does Supper use? Can I use my own?+
By default, Supper manages model access and routes workloads to the most appropriate model for each task — SQL generation, reasoning, summarization. Enterprise customers can bring their own API keys for OpenAI (GPT) or Anthropic (Claude), aligning model usage with internal procurement and compliance policies. Organizations with strict vendor requirements can run all inference through a single provider without losing core platform functionality.
How are user permissions managed?+
Supper follows cloud IAM best practices. Permissions are defined at the role, schema, table, and column level. Cascading allow/deny rules let you set broad access with precise exceptions — "allow all from schema X, except table Y and column Z." Permissions are enforced at query time, not just at the UI level. If a user can't see a field, no query run on their behalf will return it.
Where is Supper hosted? What regions are supported?+
Supper runs on AWS infrastructure. Enterprise customers with data residency requirements can discuss region configuration and BYO storage options with our team. Reach out to talk through your specific requirements.
What compliance documentation is available?+
We provide SOC 2 Type II reports, penetration testing summaries, pre-filled security questionnaires, privacy and security policies, disaster recovery documentation, and compliance statements for GDPR and HIPAA readiness. All available on request — reach out to our security team and we'll share what you need for your evaluation process.

Your security team has questions. Ours has answers.

We're happy to do a direct call with your InfoSec or procurement team — walk through the architecture, fill out the questionnaire together, or review any of our compliance documentation.

SOC 2 Type II GDPR AWS KMS encryption SSO / SAML Field-level controls BYO LLM BYO S3 Read-only by design