Top Gradient

SELECT's AI Policy

Last updated

Sunday, January 18, 2026

This policy sets out how AI is leveraged at SELECT to deliver meaningful value and minimize risks.

Why do we use AI?

We have a cautious approach to any new technology, AI included. In recent months, the capabilities of LLMs have accelerated at pace, and present clear opportunities for SELECT to provide even more value to our customers. AI has been proven to excel at tasks such as interpretation of disparate data, summarisation, and communicating complex information in understandable and natural language. We leverage these capabilities across SELECT to:

  1. Summarise key Snowflake query data which previously required manual exploration and analysis
  2. Provide understandable, concise descriptions of complex queries
  3. Identifying inefficiencies and propose remedial actions across your Snowflake account

Your data will always be your data

  1. Strict data lifecycle. All data you provide to SELECT is processed only for the purposes you authorize, and is securely deleted afterwards.
  2. We don’t train AI on your data. We never use your data in the training of AI models.
  3. Data Ownership. You retain ownership of all of your data. We have zero data retention agreements in place with our AI model providers. We do not sell your data, nor share it with any third parties except where required for the operation of the service. Our list of subprocessors is maintained and publicly available on our website.

How AI features are implemented at SELECT

  1. Data Retention: When we engage third-party AI tools or services, your Snowflake usage metadata is processed only in a secure, transient manner. The only data transmitted to our AI subprocessors are sanitized query text and performance metrics - no sensitive data. We are currently working on establishing ZDR policies with our AI sub-processors, who by default retain prompt data for up to 30 days for identification of abuse and illegal activity. Once ZDR is enabled, the metadata will be neither stored nor retained by the third party.
  2. Compliant Vendors Only: We carefully select and vet our third-party partners to ensure they meet the most stringent compliance standards, including GDPR, CCPA, SOC 2, ISO 27001, and HIPAA. Each vendor must demonstrate adherence to rigorous privacy, security, and ethical guidelines before being integrated into our systems.
  3. Vetting and Monitoring: Our due diligence process doesn’t stop at onboarding. We continuously monitor all third-party tools to ensure they maintain compliance with our security standards, adapting to any regulatory changes or emerging threats.

Compliance and auditing

SELECT is committed to meeting and exceeding industry standards to give you complete peace of mind. Our compliance measures include:

  1. SOC 2 Type 2 Certification: This certification demonstrates our unwavering commitment to managing your data securely and protecting the privacy and interests of your organization. It covers critical areas like security, availability, processing integrity, confidentiality, and privacy.
  2. Regular Audits: We conduct routine internal and external audits to verify that our practices align with the latest compliance standards. This proactive approach ensures we stay ahead of potential risks and regulatory changes.

Fortified Architecture for Data Security

We employ security technologies and practices to safeguard your data at every step of its journey.:

  1. End-to-End Encryption: Your data is encrypted at all times—whether at rest or in transit—using AES-256, the highest encryption standard available. This ensures that even if intercepted, your data remains completely unreadable.
  2. Secure APIs: All data exchanges occur through authenticated APIs, ensuring that only authorized systems and personnel can access your data.
  3. Zero-Trust Policies: Our systems operate on a zero-trust basis, meaning no user or device is trusted by default. Every access request is verified, authenticated, and logged, ensuring maximum security at all times.
  4. Multi-Factor Authentication (MFA): We require MFA for all access points to prevent unauthorized logins, even if credentials are compromised.
  5. Data Backups and Disaster Recovery: Redundant backups and a robust disaster recovery plan ensure your data is safe and accessible, even in the unlikely event of a system failure.

More information on our security policies can be shared upon request.

Transparent and Explainable AI

Trust in AI depends on transparency and the ability to understand its decisions. That’s why we emphasize:

  1. Auditable Decisions: Every output produced by our AI systems is logged in a comprehensive audit trail to ensure compliance and accountability.
  2. Minimize "Black Box" Solutions: We prioritize explainability, ensuring you understand how and why decisions are made. To this end, we minimize the risk of hallucinations by hand-writing key decision making logic, using AI only for use-cases which benefit such as SQL generation, once we have high confidence in the initial recommendation.
  3. Human-in-the-loop: Our AI features do not take any actions automatically. Instead, the outputs are provided as recommendations and are to be used as direction-setting by our users, who apply their own judgement in their application.

Secure By Design

SELECT ensures the security and privacy of your data with the following additional safeguards:

  1. Data Siloing: Each client’s data is processed in isolated, virtualized environments. This eliminates cross-contamination risks, ensuring that your data remains completely separate from other clients’ information.
  2. Failsafes and Redundancies: Our systems are built with multiple layers of failsafes, including redundant storage solutions. These measures ensure that unauthorized access, data corruption, or unexpected outages are swiftly mitigated.
  3. Real-Time Monitoring: We monitors systems 24/7, using advanced analytics to detect and respond to potential threats in real time.
  4. Incident Response Plan: In the unlikely event of a security issue, we have a dedicated incident response team trained to contain, investigate, and resolve the issue quickly, minimizing any potential impact.

Our Commitment to You

At SELECT, we are committed to delivering on the value that AI can provide without compromising your data security. If you have any questions about our practices or would like to discuss your specific security requirements, reach out to [email protected].