Security Overview

Last Updated: 2026-02-06

How BlazeSQL Works

BlazeSQL is an AI-powered data analyst that connects to your SQL databases and answers questions in natural language. It writes SQL queries, runs them against your database, and returns results as tables, charts, and dashboards.

BlazeSQL never imports or copies your full database. The AI needs only your schema — table names, column names, and data types — to generate accurate SQL. When offline mode is enabled (default on Desktop), only schema metadata is sent to our servers. When offline mode is disabled, query results are also sent for deeper AI analysis. Your actual data rows are queried on demand and handled differently depending on which BlazeSQL product you use.

All data is encrypted — AES-256 at rest and TLS 1.2+ in transit across every deployment model. Zero Data Retention (ZDR) is enabled on all AI model calls.


Zero Data Retention (ZDR)

BlazeSQL runs large language models on Google Cloud Platform Vertex AI. We have enabled and verified Zero Data Retention on all Vertex AI model calls. This means:

  • Prompts and responses are not stored by Google. When BlazeSQL sends a query to the AI model, neither the input nor the output is retained by Google after the response is returned.

  • Your data is not used to train or improve Google's models. ZDR explicitly prevents this.

No Model Training on Customer Data

BlazeSQL does not train its own models on customer data. Customer data is used solely to provide the BlazeSQL service — answering your questions, generating insights, and enabling collaboration within your team. No exceptions unless a customer explicitly opts in via a separate written agreement.


Compliance

BlazeSQL runs entirely on Google Cloud Platform. GCP's infrastructure holds the following certifications:

GCP Infrastructure Certifications (held by Google Cloud Platform, not BlazeSQL)

| Certification | Held By | Scope |
|---|---|---|
| SOC 1, SOC 2, SOC 3 | Google Cloud Platform | Security, availability, and confidentiality controls |
| ISO 27001 | Google Cloud Platform | Information security management |
| ISO 27017 | Google Cloud Platform | Cloud-specific security controls |
| ISO 27018 | Google Cloud Platform | Protection of personally identifiable information in public cloud |
| GDPR | Google Cloud Platform | EU data protection regulation |
| CCPA | Google Cloud Platform | California Consumer Privacy Act |
| HIPAA | Google Cloud Platform | Health Insurance Portability and Accountability Act |
| FIPS 140-2 Level 3 | Google Cloud Platform | Cryptographic key management (via Cloud HSM) |

BlazeSQL's own compliance posture includes:

  • GDPR compliance: Data export and deletion requests fulfilled within 14 days. Subprocessor transparency. Data subject rights supported.

  • HIPAA readiness: BlazeSQL has a Business Associate Agreement (BAA) with Google. Enterprise customers requiring HIPAA compliance can sign a BAA directly with BlazeSQL.

  • CCPA compliance: Consumer rights under CCPA are supported.


Data Retention and Deletion

  • Self-service deletion: Delete any stored data — including chats, queries, dashboards, results, database connections, credentials, and schema metadata — at any time from within the application.

  • Bulk deletion: Organization-wide bulk deletion available through BlazeSQL support.

  • Source databases unaffected: Deleting data in BlazeSQL removes it from BlazeSQL's storage only. Your source database is never modified.

  • Data export: Request a machine-readable export of your data, fulfilled within 14 days.

  • Account termination: Associated data is deleted upon account closure, subject to any legally required retention periods.


Incident Response

BlazeSQL maintains a structured incident response process:

  1. Identification: GCP security controls and real-time monitoring flag unusual activity immediately.

  2. Assessment: Security team evaluates severity, documents scope and potential impact, and prioritizes response.

  3. Containment: Affected components are isolated to limit exposure. The source of the incident is identified and eliminated.

  4. Recovery: Services and data are restored using GCP's backup and recovery infrastructure.

  5. Post-Incident Review: Root cause analysis, response effectiveness evaluation, gap identification, and prevention planning.

  6. Communication: Transparent, timely updates to all affected stakeholders throughout the process. Affected customers are notified in accordance with applicable regulations (e.g., within 72 hours per GDPR requirements).


Architecture: Three Ways to Use BlazeSQL

Desktop App

[Figure: Desktop App Architecture]

The desktop application connects directly from your device to your database. With offline mode enabled (on by default), query results travel from your database to your machine and are stored locally — your data rows never pass through BlazeSQL's servers.

What does sync to our servers: Database schema metadata (table names, column names, data types), database connection credentials, and chat messages. These are required for the AI to generate and execute queries and are encrypted in transit and at rest.

Exceptions: SQL Server connections using Windows Authentication rely on your device's local credentials and do not send credentials to BlazeSQL's servers. Connections using Entra Authentication are token-based and do not require stored credentials.

Optional features that send data to our servers (all disabled by default):

  • Disabling offline mode — enables deeper analysis, error correction, and follow-up questions

  • AI-generated email reports

  • Advanced model for forecasting and statistical analysis

Web App

[Figure: Web App Architecture]

The web application runs at blazesql.com/app. Your database connection is made from BlazeSQL's cloud infrastructure on Google Cloud Platform, using a static IP address you can whitelist.

Query results, chat history, saved queries, and dashboards are stored server-side in GCP Firestore to enable collaboration, sharing, and fast access without re-querying your database. All stored data is encrypted (AES-256 at rest, TLS in transit) and deletable at any time.

Database Connection API

[Figure: Database Connection API Architecture]

The Database Connection API provides the same data isolation as the Desktop App (with offline mode enabled) — query results are stored locally on the end user's device and never touch BlazeSQL's servers. Use it when you need web-based access or embedded analytics with maximum data isolation.


Data Handling Summary

| Data Type | Stored on BlazeSQL Servers? | Details |
|---|---|---|
| Schema metadata (table names, column names, data types) | Yes (encrypted, deletable) | Required for SQL generation |
| Unique values for categorical columns (optional) | Yes (encrypted, deletable) | Improves query accuracy |
| Database credentials | Yes (encrypted, deletable) | Executes queries on your behalf. Exceptions: SQL Server with Windows Authentication (uses local device credentials); Entra Authentication (token-based, no stored credentials) |
| Chat messages | Yes (encrypted, deletable) | AI conversation history |
| Query results — Desktop App | No | Stored locally on your device (default). Disabling offline mode sends results to our servers for deeper analysis. BigQuery exception: results stored on BlazeSQL servers. |
| Query results — Web App | Yes (encrypted, deletable) | Enables dashboards, sharing, collaboration |
| Query results — DB Connection API | No | Stored locally — same isolation as Desktop App |


Encryption

| Layer | Standard | Details |
|---|---|---|
| Data at rest | AES-256 | All data in Google Cloud data centers |
| Data in transit | TLS (HTTPS) | All communications between clients and servers |
| Firestore | AES-256 + TLS | Automatic encryption at rest and in transit, with custom security rules |
| Key management (enterprise) | FIPS 140-2 Level 3 | Available via Google Cloud HSM |


Access Controls

  • Admin-controlled access: The person who adds a database to BlazeSQL controls who can access it. Only explicitly invited users can view the database.

  • Permission levels: Invitees receive either read-only access or read-write access (including creating, updating, and deleting tables), set by the admin.

  • Network isolation: BlazeSQL servers run in a firewalled, non-public subnet.

  • Static IP: Web app connections originate from a static IP address for customer firewall whitelisting.


Authentication

  • Single Sign-On (SSO): SAML 2.0 and OpenID Connect supported for enterprise deployments.

  • Multi-Factor Authentication (MFA): Two-factor authentication (2FA) is available natively. MFA is also enforced through your identity provider when using SSO (SAML/OpenID Connect).

  • Standard authentication: Email and password.

  • Service principal authentication: Available for programmatic access and integration with enterprise identity providers (e.g., Microsoft Entra ID). Contact [email protected] for details on specific IdP support.


Logging and Monitoring

Enterprise customers can enable comprehensive event logging:

  • User activity: Who generated, modified, or deleted queries; which data was accessed; timestamps for all actions.

  • Security events: Failed login attempts, changes to user roles, permission modifications.

  • System activity: System events including updates, errors, and restarts.

  • Server logs: Web requests, browser type, referring pages, and timestamps are retained for a minimum of 1 year. Logs are available for audit purposes or deleted upon request.

All users require unique accounts, enabling precise activity tracing and audit trails.


Internal Access

Access to production systems and customer data by BlazeSQL personnel is restricted to essential engineering staff required for service operation and support. Production access is logged and reviewed regularly. Employees with production access are bound by confidentiality obligations and use unique accounts — shared credentials are not permitted. Access is revoked promptly upon departure or role change.


Security Testing

BlazeSQL's infrastructure inherits GCP's continuous security testing program, and GCP holds SOC 2 certification covering its infrastructure security controls. BlazeSQL conducts independent application-layer penetration testing, with results available to enterprise customers under NDA. For enterprise customers evaluating BlazeSQL, we can provide additional security information and work with your assessment process.

Security issues can be reported to [email protected].


Business Continuity and Disaster Recovery

Daily backups with 30-day retention. Recovery targets: RPO 24 hours, RTO 7 days. BlazeSQL's infrastructure runs on GCP, which provides built-in redundancy and automated failover across availability zones. For enterprise deployments, custom backup and DR configurations are available.


Software Development Lifecycle

All code changes require peer review via GitHub pull requests. Dependencies are monitored for known vulnerabilities via GitHub Dependabot.


Enterprise Options

| Feature | Description |
|---|---|
| Database Connection API | Web and embedded analytics with maximum data isolation — query results stored locally, same as Desktop App |
| SSO (SAML / OpenID Connect) | Integrate with your identity provider, with MFA enforced through your IdP |
| HIPAA BAA | Business Associate Agreement for healthcare compliance |
| Dedicated GCP region | Deploy in a specific GCP region for data residency requirements — contact [email protected] |
| Audit logging | Comprehensive activity and security event logging |


Contact

For security questions, enterprise pricing, or to request additional documentation:

For support: [email protected]


© Blaze Analytics vGmbH (LU35935057), 23 Boulevard Friedrich Wilhelm Raiffeisen, 2411 Luxembourg
