Your data is the product.
Protecting it is the job.

BeQuery holds a copy of your store's most valuable asset. This page explains — concretely, not in slogans — how it's isolated, encrypted, verified and kept read-only.

Tenant isolation by construction

Every team gets its own PostgreSQL schema. Queries execute through a server-side guard that physically fences them inside your schema — cross-tenant references, system catalogs and dynamic-SQL escape hatches are all blocked, and we red-team this boundary continuously.

Read-only, always

Every query — typed, templated or AI-generated — runs through a SELECT-only guard in a read-only transaction. There is no code path that can write to your clone from the editor, the API, reports or alerts.

AES-256-GCM encrypted credentials

Your database credentials are encrypted at rest with authenticated encryption and versioned keys. Plaintext passwords are never stored, and connection secrets are stripped from every API response.

Verified after every sync

The engine re-checks the clone against what it recorded as synced — missing tables, shortfalls, even overcounts. The verdict is shown on your dashboard, and anomalies page our operators directly.

Least-privilege access to your database

BeQuery only needs a read-only MySQL user — we generate the exact GRANT SELECT statement for you. SSH tunnels and SSL connections are supported for stores that don't expose MySQL directly.

GDPR-aware processing

EU-hosted processing, documented sub-processors in our privacy policy, and AI features that only ever see schema names and aggregated metrics — never raw customer rows.

Questions or a security report?

We take reports seriously and answer fast. Write to security@bequery.pro. For how we handle personal data, see the privacy policy.

Start free