Last updated: June 2026
This policy explains what data Overscore collects, how we use it, where it flows, and the control you have over it. We've kept it in plain English because we want you to actually read it. Overscore is a free beta product provided "as is," and you use it at your own risk; the most important thing to understand up front is the split below.
This policy covers the data we control (your account, the things you build, our marketing and website data). The data that flows from your own data warehouse through Overscore is handled on your behalf as a processor under our Terms of Service, not under this policy. This Privacy Policy is part of, and subordinate to, our Terms of Service; if the two ever conflict on a matter of liability, warranties, or acceptable use, the Terms control.
Overscore is a product of Query Ventures LLC (United States), which is the controller of the data covered by this policy and is responsible for it. You can reach us about privacy at privacy@overscore.dev. References to "Overscore," "we," "us," and "our" mean Query Ventures LLC.
There are two very different kinds of data involved when you use Overscore, and they are governed differently.
Data we control. This is the data we decide what to do with: your account and profile, the metadata for the projects and dashboards you build, the query names and SQL you register, the marketing and inquiry data you give us through our website, and our usage analytics. This Privacy Policy covers that data, and for it we act as the data controller.
Data we process for you. When you connect your own data warehouse and we run the queries you've registered, the rows that come back belong to you. We only touch them to do the job you asked us to do, on your instructions. For that data you are the controller and we are your processor. How we handle it is governed by our Terms of Service (and, where we act as your processor, by the data processing terms referenced there) and by your own privacy obligations to the people that data is about — not by this policy. We don't decide what's in your warehouse, what you query, or who you share the results with. You do.
If any of the people whose information sits in your warehouse have privacy questions, those go to you, not to us. You are responsible for telling your own users and viewers how their data is used.
Not for regulated or sensitive data. Overscore is a beta product with no compliance certifications. It is not intended for, and you must not connect, query, or publish, data subject to HIPAA, PCI-DSS, or other regulated regimes, or any personal, health, or financial records, without first anonymizing or aggregating it. See the acceptable-use section of our Terms of Service for the full restrictions, which you accept when you use the service. The controller/processor split above depends on you honoring this.
Account and profile. When you sign in with Google, we receive your name, email address, and profile picture, and we store them to identify your account. If you choose to set up a public profile, we also store the optional fields you add: a handle, a short bio, whether your profile is public, whether you're available for work, and links to your LinkedIn and website. New accounts are gated behind a beta-access step during the beta.
Projects, dashboards, and analyses. We store the metadata for the things you build: names, slugs, descriptions, visibility and access settings, and how you group them into collections. We also store the SQL query text and query names you register, and any project context or knowledge notes you author to guide your local tooling. These are stored as written, so please don't put secrets, passwords, or anything sensitive in query names, SQL, or context notes — and remember that project members and our staff with database access can see them.
Your warehouse credentials. If you connect a warehouse, we store the service-account credential you upload, encrypted. See "Connecting your data" below for exactly how this is handled.
Access and team data. We store project memberships and roles, your invitations, and — for API and command-line access — keys and device tokens, which we keep only as one-way hashes, never as readable secrets.
Uploaded datasets. If you upload a dataset directly (rather than querying a warehouse), we store that file and its basic metadata, such as row and column counts and size.
Query results. When you don't enable caching, results pass through to your browser and are not stored. When you do enable caching, we store the results for the time you configure. See "Your results, and caching" below.
Operational logs. We keep limited security and operational logs to run the service safely and to spot problems — for example, records used to monitor access to sensitive data, to track refreshes of cached results, and to enforce rate limits. We also keep daily usage snapshots (for example, billable seat counts and how much storage a project is using) so we can show you what your usage would cost on a paid plan. Nothing is being charged during beta.
Marketing and inquiry data. If you fill out one of our website forms (for example, to request access or contact us), we collect the name, email, and any answers you provide, along with basic campaign and referral information (such as the link or ad that brought you to us) and the page you submitted from. If we offer a way to book a call, that booking is handled by a third-party scheduling provider, which collects your booking details as a separate controller under its own privacy policy; we only record that a booking happened.
Usage analytics. We use a product-analytics provider to understand how the product is used — page views, page exits, interactions, and product events like signing up or deploying a dashboard. The data tied to these events can include your user ID, email, the pages you visit, your browser's user-agent, and names or slugs of the features and projects you touch. Our analytics provider does not receive your query content or your result rows. Analytics is optional and is not enabled in local development.
Cookies. We set the cookies needed to keep you signed in and to grant access to dashboards shared with a team, plus the analytics described above. See "Cookies" below.
To read from your data warehouse (currently Google BigQuery), you give Overscore a service-account credential. Here's exactly what happens to it:
The most important part is on your side. You control what that credential can do. We strongly recommend you create a dedicated, read-only service account scoped to only the datasets Overscore needs, and never grant it write, edit, or owner permissions. And do not connect datasets containing regulated or highly sensitive data — Overscore is a beta product with no compliance certifications (see "Scope" above and our Terms). Read-only access on your side is the real security boundary. Overscore offers guidance and a best-effort warning if a connected account looks too powerful, but we cannot enforce least privilege — only you can, through your warehouse's own permission settings.
You also pay your own warehouse bill. Overscore runs your queries against your warehouse using your credential, so any data your queries scan is billed to your own cloud account. You're responsible for safeguarding, rotating, and revoking your own credentials and keys; if a credential is ever compromised, revoke it in your cloud provider's console.
Caching is optional and you configure it per dashboard.
When caching is off, results are transient. They pass through to your browser to render and are not stored on our servers afterward.
When caching is on, we store the results only for the retention period you configure, and delete them when it expires. We refresh or expire them according to the mode and timing you choose, and we periodically clean up results that are no longer in use. While stored, results are protected in transit, and we check that the requester is authorized before we issue the link that returns the data. Cached results are not separately encrypted at rest, so the protection for cached data is access control plus short expiry, not at-rest encryption — don't cache anything you wouldn't be comfortable storing unencrypted.
Two things to understand and design around. First, a dashboard's cache is shared by everyone who can view that dashboard — there is no per-person or per-row filtering within a single cached result, and isolation between accounts operates at the project level, not within a shared dashboard cache. If different viewers should see different data, build that as separate queries or dashboards rather than relying on the cache to split it. Second, a link that returns cached data acts as access for its short lifetime, so treat any URL that returns data as something to keep private and share it only with people who should see that data. Because such a link works on its own until it expires, revoking a person's access does not immediately invalidate a link they have already obtained — their access ends when the link expires.
Overscore is AI-enabled, not AI-powered. All AI work — generating templates, authoring queries, producing sample data, binding a template to your data — runs entirely on your own machine, in your own local Claude Code session, on your own tokens.
Overscore makes no server-side AI calls of any kind. We don't run, proxy, bill for, or even see that AI activity. Our role is to store the project context you author so it can be made available to your own local tooling. That context is returned only to you (your authenticated session or command-line tool) and is never forwarded to any AI service. No query content or result rows are ever sent to any AI model — by us or through us. We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
We use the data we control to:
You decide who can see what you build. Each dashboard or analysis has a visibility setting:
Be deliberate with Public. A public dashboard or analysis exposes its full results to anyone who has the URL. There is no sign-in, no password, and no link expiry on a public link. Only publish publicly what you're comfortable being seen by anyone who comes across the link, and only point your queries at data you're allowed to share that way (and never regulated or sensitive data — see "Scope").
Marketplace templates are different and safer by design: a published template carries only your design, sample (dummy) data, and the names of your queries — never your real SQL and never real warehouse data. Even so, before publishing one, make sure the design and sample data contain nothing you wouldn't want public, because we don't anonymize them for you.
We do not sell your data, and we don't share it with anyone for advertising. We share data only with the service providers that help us run Overscore, and only as needed for them to do their job. We describe them here by function rather than by name, because publishing our exact vendor list is a security risk. They include:
Your own data warehouse (currently Google BigQuery) is, of course, your service, not ours — you hold its contract, billing, and data residency. Overscore simply runs your queries against it with the credential you provide. The end-user-facing sign-in method we use to identify you is "Sign in with Google."
We may also share data if we're legally required to, or to protect Overscore, our users, or the public. If Overscore is ever involved in a merger or acquisition, data may transfer as part of that; we'll let you know, and this policy (or a successor that protects your data to an equivalent standard) will continue to govern it.
More specific details about the categories of service providers we use are available on request — email privacy@overscore.dev.
We use cookies for two purposes. The first is strictly necessary: cookies that keep you signed in and that grant access to dashboards shared with a team. Without these, the service can't function. The second is analytics, as described above, which is optional and not enabled in local development.
We do not use third-party advertising cookies, advertising pixels, or session-replay trackers.
We keep account and profile data, and the metadata for the things you build, for as long as your account is active. If you close your account, we delete that data within 30 days. (Before you can close an account, you'll need to transfer or delete any projects you own.)
Cached results are deleted when the retention period you set expires, on a best-effort basis, and any leftover results are removed by a background cleanup. Uncached results aren't stored at all.
We retain operational and security logs, marketing and inquiry data, and analytics data only as long as we need them for the purposes described in this policy or as required by law, and we are working to publish concrete retention windows for each category. You can ask us to delete data about you at any time using the contacts below. If you'd like a precise retention period for a specific category in the meantime, email privacy@overscore.dev.
We take reasonable measures to protect the data we hold. In plain terms: we encrypt data in transit; we encrypt your warehouse credentials at rest and decrypt them only briefly within our secured backend to run a query; we tightly restrict access to our most sensitive data; and we enforce isolation between projects so one project's data isn't visible to another. (As noted under "Your results, and caching," this isolation operates at the project level — a dashboard's cached results are shared by everyone who can view that dashboard.) Published dashboards are served with strict security headers and are isolated from our main application, and every request is authorized before files are served. API keys and command-line tokens are stored only as one-way hashes.
These descriptions are provided for transparency and do not create any warranty. Overscore is a beta product, and no system is ever completely secure. We can't guarantee absolute security, and you use the service at your own risk. The strongest protection for your warehouse data is the read-only, least-privilege access you grant on your own side. Your use of Overscore is governed by, and subject to the disclaimers and limitations of liability in, our Terms of Service.
Overscore is operated from, and hosts data in, the United States. If you access the service from outside the U.S. — including from the EEA or the UK — your data will be transferred to and processed in the U.S. and in other countries where our service providers operate. Where required, we put appropriate safeguards in place for these transfers (such as the European Commission's Standard Contractual Clauses and the UK addendum) with providers that support them. By using Overscore, you understand that your data will be processed in the U.S.
Wherever you are, you can ask us to access or delete data we hold about you — just email privacy@overscore.dev and we'll respond within 30 days. We handle these requests manually today, and we may need to verify your identity first.
If you're in the EEA or the UK. You have the right to access your personal data; to correct it; to have it erased; to restrict or object to our processing of it; to data portability; and, where we rely on consent, to withdraw that consent at any time. You also have the right to lodge a complaint with your local data-protection authority.
If you're in California. Under the CCPA/CPRA, you have the right to know what personal information we collect and how we use it; to request deletion; to correct inaccurate information; and to opt out of any "sale" or "sharing" of personal information. We don't sell or share your personal information, so there's nothing to opt out of, and a Global Privacy Control or "Do Not Track" signal therefore has nothing to apply to — but you won't be treated differently for exercising any of your rights.
If you're in Nevada. We do not sell your personal information as defined under Nevada law; if you'd like to register a request not to sell, email privacy@overscore.dev.
Overscore is a business tool and is not directed to anyone under 18, consistent with the age requirement in our Terms of Service. We don't knowingly collect personal information from children. If you believe a child has provided us information, email privacy@overscore.dev and we'll delete it.
We may update this policy as the product evolves. When we make a material change, we'll update the "Last updated" date at the top and give reasonable notice; material changes take effect 30 days after we post them. Continued use of Overscore after a change takes effect means you accept the updated policy.
Privacy questions or requests: privacy@overscore.dev. For anything else, you can reach us at hello@overscore.dev.