PRIVACY & DATA HANDLING
How Query Fanout handles logs submitted for design-partner autopsies and hosted API usage.
AUTOPSY UPLOADS
- Input: search queries and search counts you choose to export. We do not require full agent traces or customer records.
- Validation: uploaded files are scanned for common PII patterns (emails, API keys, SSN-like strings) and flagged in the validation response.
- Retention: raw uploaded files are deleted within 14 days of delivering your report.
- Report output: aggregate savings, patterns, and example queries — no raw customer PII in deliverables.
- Access: uploads are stored per-tenant on isolated hosted storage; only Query Fanout team processes design-partner submissions.
HOSTED API /evidence
- Queries and audit metadata are written to your tenant’s audit log for governance and dashboard metrics.
- Search results pass through to your agent; we do not sell or share query data with third parties.
- API keys are tenant-scoped. Rotate or revoke keys on request.
YOUR OBLIGATIONS
Redact end-user identifiers before sending logs. If your export pipeline cannot redact automatically, email us and we will help scope a safe subset.
Questions: autopsy@queryfanout.dev · contact page
CHANGES
Design-partner terms may evolve as we move to paid contracts. Material changes will be communicated to active design partners by email.
Last updated: June 2026