Privacy Policy
Privacy Policy
Last updated: 1 June 2026
Effective date: 1 June 2026
1. Introduction
This Privacy Policy explains how Data Clarity Limited ("we," "us," "our") collects, processes, and protects information in connection with Tableau AI Assistant (the "Extension"), a Tableau dashboard extension that enables conversational AI queries against Tableau data sources.
This policy is designed to be specific and verifiable. Where the Extension processes data on behalf of users, we describe exactly what data is processed, why, where it is sent, and how long it is retained.
By installing and using the Extension, you agree to the practices described below.
2. Who we are
Data Clarity Limited is the developer of Tableau AI Assistant.
• Registered address: Unit B, 11/F Yam Tze Comm bldg 23 Thomson Rd. Wan Chai, Hong Kong
• Contact for privacy matters: info@vizuators.com.
3. Data we process
The Extension processes the following categories of data:
3.1 Authentication credentials
• Tableau Personal Access Token (PAT). Provided by the user during setup. Used to query Tableau Server or Tableau Cloud on the user's behalf.
• LLM API credentials (Anthropic Claude API key or Deepseek API key). Provided by the user during setup. Used to authenticate requests to the user's chosen LLM provider.
3.2 Query data
• User questions. Natural-language prompts entered by the user in the Extension interface.
• Dashboard context. Metadata about the dashboard the Extension is embedded in, including data source identifiers, field names, formulas, and active filters.
• Tableau query results. Aggregated data, samples, or row-level results returned by Tableau in response to queries generated by the Extension. The exact content depends on the user's question.
3.3 Operational data
• Session identifiers. Used to maintain conversation context within an active browser session.
• Error logs. Technical logs generated when the Extension encounters errors. These may include timestamps, error codes, and anonymized request metadata. They do not include API credentials or full query results.
4. How data flows
We believe security review starts with a clear data flow. The Extension operates as follows:
5. Where data is sent
Beyond our own infrastructure, data may be sent to the following third parties:
• Tableau Server / Tableau Cloud operated by the user's organization. The Extension queries this on the user's behalf using the user's PAT. Data exchanged here is governed by the user's existing relationship with Salesforce/Tableau and the user's organization.
• Anthropic (api.anthropic.com), if the user has selected Claude as their LLM provider. The user's question, query results, and context are sent to Anthropic for processing. Use of Anthropic's services is governed by Anthropic's privacy policy and the user's account agreement with Anthropic.
• Deepseek, if the user has selected Deepseek as their LLM provider. The same applies: the user's question, query results, and context are sent to Deepseek under the user's account.
We do not sell, rent, or share data with any party other than those listed above and only for the purposes described.
6. Data retention
We do not retain user conversations, query results, or credentials on persistent storage at any point.
7. Legal basis for processing
Where the General Data Protection Regulation (GDPR) applies, the legal bases for our processing are:
• Contract performance — processing is necessary to deliver the service the user has requested by installing the Extension.
• Legitimate interest — for error logs and operational diagnostics, limited to what is necessary to maintain service quality.
Users in the EU/EEA have the right to access, correct, delete, or restrict processing of their data, and the right to data portability. To exercise these rights, contact info@vizuators.com.
8. Security measures
We implement the following technical and organizational measures:
• All data in transit is encrypted using TLS 1.2 or higher.
• Our processing infrastructure does not write user credentials or query data to disk.
• Access to operational systems is restricted to authorized personnel and logged.
• Error logs are sanitized to exclude credentials and full query content.
We continue to evaluate our security posture and welcome reports of security concerns at info@vizuators.com.
9. Children's data
The Extension is a business tool and is not directed at individuals under 16. We do not knowingly collect data from children.
10. Changes to this policy
We may update this policy from time to time. Material changes will be announced through the Extension's release notes and on our website. The "Last updated" date at the top of this policy reflects the most recent revision.
11. Contact
If you have questions, concerns, or complaints about this Privacy Policy or how we handle your information, please contact us:
Data Clarity Limited
Email: info@vizuators.com.
Address: Unit B, 11/F Yam Tze Comm bldg 23 Thomson Rd. Wan Chai, Hong Kong
For data protection inquiries — please reference "Tableau AI Assistant Privacy Policy" in your message.
Effective date: 1 June 2026
1. Introduction
This Privacy Policy explains how Data Clarity Limited ("we," "us," "our") collects, processes, and protects information in connection with Tableau AI Assistant (the "Extension"), a Tableau dashboard extension that enables conversational AI queries against Tableau data sources.
This policy is designed to be specific and verifiable. Where the Extension processes data on behalf of users, we describe exactly what data is processed, why, where it is sent, and how long it is retained.
By installing and using the Extension, you agree to the practices described below.
2. Who we are
Data Clarity Limited is the developer of Tableau AI Assistant.
• Registered address: Unit B, 11/F Yam Tze Comm bldg 23 Thomson Rd. Wan Chai, Hong Kong
• Contact for privacy matters: info@vizuators.com.
3. Data we process
The Extension processes the following categories of data:
3.1 Authentication credentials
• Tableau Personal Access Token (PAT). Provided by the user during setup. Used to query Tableau Server or Tableau Cloud on the user's behalf.
• LLM API credentials (Anthropic Claude API key or Deepseek API key). Provided by the user during setup. Used to authenticate requests to the user's chosen LLM provider.
3.2 Query data
• User questions. Natural-language prompts entered by the user in the Extension interface.
• Dashboard context. Metadata about the dashboard the Extension is embedded in, including data source identifiers, field names, formulas, and active filters.
• Tableau query results. Aggregated data, samples, or row-level results returned by Tableau in response to queries generated by the Extension. The exact content depends on the user's question.
3.3 Operational data
• Session identifiers. Used to maintain conversation context within an active browser session.
• Error logs. Technical logs generated when the Extension encounters errors. These may include timestamps, error codes, and anonymized request metadata. They do not include API credentials or full query results.
4. How data flows
We believe security review starts with a clear data flow. The Extension operates as follows:
- The user installs the Extension on a Tableau dashboard and provides their Tableau PAT and LLM API credentials. These credentials are stored in the browser's local storage on the user's device.
- When the user submits a question, the Extension sends the question and dashboard context to Tableau using the user's PAT. The query is constructed based on the user's question and the dashboard's schema.
- Tableau returns query results to the Extension. Row-Level Security and other access controls configured on the data source apply to this query.
- The Extension forwards the question, the query results, and relevant context to the LLM provider (Anthropic or Deepseek) using the user's LLM API key.
- The LLM provider returns a response, which the Extension displays in the dashboard.
5. Where data is sent
Beyond our own infrastructure, data may be sent to the following third parties:
• Tableau Server / Tableau Cloud operated by the user's organization. The Extension queries this on the user's behalf using the user's PAT. Data exchanged here is governed by the user's existing relationship with Salesforce/Tableau and the user's organization.
• Anthropic (api.anthropic.com), if the user has selected Claude as their LLM provider. The user's question, query results, and context are sent to Anthropic for processing. Use of Anthropic's services is governed by Anthropic's privacy policy and the user's account agreement with Anthropic.
• Deepseek, if the user has selected Deepseek as their LLM provider. The same applies: the user's question, query results, and context are sent to Deepseek under the user's account.
We do not sell, rent, or share data with any party other than those listed above and only for the purposes described.
6. Data retention
Data category | Where stored | Retention |
PAT, LLM API keys | User's browser (local storage) | Until user clears them |
User questions, results, conversation context | In-memory on our infrastructure | Duration of the request only |
Session conversation history | User's browser (memory) | Until session ends or tab closes |
Error logs | Our infrastructure | 30 days, then deleted |
We do not retain user conversations, query results, or credentials on persistent storage at any point.
7. Legal basis for processing
Where the General Data Protection Regulation (GDPR) applies, the legal bases for our processing are:
• Contract performance — processing is necessary to deliver the service the user has requested by installing the Extension.
• Legitimate interest — for error logs and operational diagnostics, limited to what is necessary to maintain service quality.
Users in the EU/EEA have the right to access, correct, delete, or restrict processing of their data, and the right to data portability. To exercise these rights, contact info@vizuators.com.
8. Security measures
We implement the following technical and organizational measures:
• All data in transit is encrypted using TLS 1.2 or higher.
• Our processing infrastructure does not write user credentials or query data to disk.
• Access to operational systems is restricted to authorized personnel and logged.
• Error logs are sanitized to exclude credentials and full query content.
We continue to evaluate our security posture and welcome reports of security concerns at info@vizuators.com.
9. Children's data
The Extension is a business tool and is not directed at individuals under 16. We do not knowingly collect data from children.
10. Changes to this policy
We may update this policy from time to time. Material changes will be announced through the Extension's release notes and on our website. The "Last updated" date at the top of this policy reflects the most recent revision.
11. Contact
If you have questions, concerns, or complaints about this Privacy Policy or how we handle your information, please contact us:
Data Clarity Limited
Email: info@vizuators.com.
Address: Unit B, 11/F Yam Tze Comm bldg 23 Thomson Rd. Wan Chai, Hong Kong
For data protection inquiries — please reference "Tableau AI Assistant Privacy Policy" in your message.