Is Sigma Computing safe with your data?

Sigma Computing

Sigma Computing, Inc.

56/100

Partial disclosure · high confidence

Sigma Computing earns a C (56/100) because it discloses its data practices only in part.

#85

of 116 apps ranked

score · BI & analytics avg —

—

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Sigma Computing's controller-side privacy notice covers data-subject rights and international transfer safeguards well. It says nothing about AI model training, and its retention and security disclosures are vague and generic, which places it in the middle of the C band. Because it is a controller document for a BI platform, customer-uploaded data and outputs are governed by a separate Customer Agreement and are outside this policy's scope.

What Sigma Computing's privacy policy says about your data

Detailed rights with a response window

Section 5 lists access, correction, deletion, portability, restriction, and opt-out rights. Section 5.3 commits to confirming receipt within 10 business days and responding within 30 to 45 calendar days.

Named transfer safeguards

Section 7 relies on the European Commission Standard Contractual Clauses and the UK International Data Transfer Addendum. Sigma is also self-certified under the EU-U.S., UK Extension, and Swiss-U.S. Data Privacy Framework.

Vague retention with no timeline

Section 8 keeps data only so long as reasonably necessary for legitimate business purposes, with no day-count and no deletion timeline. This is the weakest part of the notice.

Generic security and no breach clause

Section 9 promises industry standard technical and organizational measures with no named controls such as TLS or AES-256. The notice never states a breach notification commitment.

What the policy is silent or vague on

Not stated: keeping user inputs out of model training
Not stated: a way to opt out of training
Not stated: whether training use differs by plan
Not stated: your ownership of generated outputs

Sigma Computing privacy rating

Training-data use0 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inSilent

Names a way to opt out of or into trainingSilent

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights5 of 5 disclosed

Grants a right to access your dataDisclosed

Grants a right to delete your dataDisclosed

Offers data portability in a usable formatDisclosed

Grants a right to correct your dataDisclosed

Grants a way to object to or opt out of processingDisclosed

Retention and deletion0 of 4 disclosed

States a retention period for your dataPartial

States a deletion timeline after closure or requestSilent

Sets a shorter retention for AI conversation logsSilent

Commits to collecting only the data it needsPartial

Third-party sharing3 of 5 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementPartial

Does not sell or share data for advertising, or offers opt-outPartial

Names a safeguard for international data transfersDisclosed

States a standard for government and law-enforcement accessDisclosed

Transparency3 of 4 disclosed

Discloses that you are interacting with AIDisclosed

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesPartial

Is versioned and dated, with change noticeDisclosed

Sensitive data and children2 of 2 disclosed

Discloses automated decisions and a human-review pathNot applicable

Limits the use of special-category dataDisclosed

States protections for children's dataDisclosed

Security and accountability1 of 3 disclosed

Describes its security safeguardsPartial

Commits to breach notificationSilent

Names a certification or a privacy contactDisclosed

DisclosedPartialSilentAdverseNot applicable

Details

Category: BI & analytics
Modalities: text
Processes biometrics: No
Policy last updated: 2026-02-11
Region scored: Global / US-default
Assessed: 2026-06-20

Read Sigma Computing's privacy policy

Other bi & analytics apps

ThoughtSpotC

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.