Security & privacy

Four privacy modes. You pick the tradeoff.

tableArth.ai is built for B2B software that ships to customers of every privacy posture — from cloud-native to fully local. Set the mode per customer, per workspace, or per data table.

Most capable

Full AI

Rich answers with chart and insight. LLM sees the full table.

Capability—

Privacy

Masked data

Text values tokenized before the LLM. Original values restored in output.

CapabilityPrivacy

Hybrid

Stats only

AI sees column statistics. Full table rendered locally — rows never exposed.

CapabilityPrivacy

Most private

Local template

Pure server-side rendering. Zero external API calls.

—Privacy

Plus API key + origin guard — every widget locked to your domain.

Answer modes

Flexible for every use case.

Same engine, four operating profiles. Configure per customer, per table, or per plan tier.

Full AI

Complete AI answer with formatted markdown, bullet insights, data summary, and auto-selected chart.

LLM + full data

Masked data

Text values tokenized before the LLM. AI answers with masked data; original values restored in the output your users see.

LLM + tokens only

Stats only (Hybrid)

AI generates narrative from column statistics. Full data table rendered locally — rows never exposed to the model.

LLM + aggregates

Local template

Pure server-side rendering with deterministic templates. Zero external AI calls. Maximum data privacy and infrastructure control.

No LLM calls

Origin guard

Every API key is bound to your domains. Requests from any other origin are rejected at the edge.

Locked to your domain

Audit & access

Every prompt, query, and answer logged. Role-based access. SSO and SCIM on enterprise plans.

SSO · SCIM · Audit log

In practice

Set the policy. Inherit it everywhere.

You configure the mode at workspace level. The widget, the API, and the Chrome extension all inherit the same policy — your customers never see a less-strict surface by accident.

→ Per-customer overrides for regulated tenants
→ Per-table overrides for PII-heavy datasets
→ BYO LLM key on enterprise — route through your own provider
→ SOC 2 Type II in flight

policy.yamlworkspace · acme

defaults:
  mode: full_ai
  log_queries: true
  byo_llm: false

overrides:
  # EU enterprise tenants stay masked.
  - match:    customer.region == "EU"
    mode:     masked

  # PII tables never leave our infra.
  - match:    table.tags.contains("pii")
    mode:     local_template

Talk to us

Want to see the modes live?

We’ll walk through the exact policy you’d set for your customer base.

Book a security review See pricing