Data Security

Data Security Overview

Insightful Pipe takes data security very seriously. Our business depends on protecting your data, so we've adopted a “privacy by design” approach and follow industry best practices across encryption, access control, and software architecture.

Services Overview

Insightful Pipe is a connector platform that builds Model Context Protocols (MCPs) to enable AI assistants like ChatGPT, Claude, Cursor, and VS Code to connect directly to business platforms. We act as secure bridges between your AI tools and platforms such as Google Ads, Facebook Ads, Google Analytics, Shopify, and other business tools.

Data Ownership

As a connector service, we facilitate secure access between your AI assistants and your connected platforms. Your data remains in your original platforms and under your control. We do not store or retain your business data - we simply provide the secure connection layer that allows your AI tools to access it.

Secure Connection Protocols

• API Key Security: Your platform API keys are encrypted and stored securely, never shared with third parties.
• Zero Data Retention: We do not store your business data - connections are real-time between your AI tools and platforms.

Technology Platform

Cloud Infrastructure

We host our services on Google Cloud, leveraging its security controls and compliance certifications.

Access Management

We enforce strict Identity and Access Management (IAM) policies, multi-factor authentication (OTP/TOTP), and the principle of least privilege to guard against unauthorized access.

Monitoring & Alerting

We continuously analyze system logs and metrics to detect and respond to anomalous activity in real time.

Data Removal Process

You have full control over your data and can remove it from our infrastructure at any time. Follow these simple steps:

Steps to Remove Your Data:

1. Navigate to the Connectors page in your Insightful Pipe dashboard
2. Scroll down to the “Connections” section
3. Click “Delete” on each connection you want to remove
4. Confirm the deletion when prompted

Incident Response Policy

Insightful Pipe maintains a structured incident response process to ensure rapid identification, containment, and resolution of security events. Our policy defines clear roles, responsibilities, and communication channels for handling incidents of any severity.

Incident Classification

• Critical: Confirmed data breach, unauthorized access to customer data, or complete service outage.
• High: Potential data exposure, partial service degradation, or vulnerability actively being exploited.
• Medium: Suspected unauthorized access attempts, minor service disruption, or newly discovered vulnerability.
• Low: Informational security events, failed access attempts, or non-critical anomalies.

Response Procedures

1. Detection & Identification: Continuous monitoring via Sentry error tracking and system log analysis to detect anomalous activity in real time.
2. Containment: Immediate isolation of affected systems, revocation of compromised credentials, and restriction of access to prevent further impact.
3. Eradication & Recovery: Root cause analysis, patching of vulnerabilities, restoration of services from secure backups, and verification of system integrity.
4. Notification: Affected customers and relevant partners are notified within 72 hours of confirmed incidents. Regulatory authorities are notified as required by applicable law.
5. Post-Incident Review: Documented lessons learned, updated procedures, and implementation of preventive measures to avoid recurrence.

Business Continuity

Our infrastructure is designed for resilience with managed cloud services, automated backups, and redundant systems. We conduct periodic business impact assessments to identify key assets and define recovery time objectives (RTO) and recovery point objectives (RPO). Incident response drills are conducted annually, and reports are retained for review and continuous improvement.