AI assistant data handling

TL;DR

• The AI assistant processes your questions, database metadata, and query results to answer and build visualizations.

• Conversation history is stored on the platform so users can continue a thread.

• Sub-agents (query building, chart building, exploration) run in isolated steps; only the main assistant thread keeps long-lived history.

• Third-party AI providers may receive prompts and context when AI features run — see Third-party subprocessors.

When to use this

Use this page when assessing privacy impact of AI chat, what may be retained after a session, and what may be sent to external AI services.

What the assistant processes

During a conversation, the assistant may use:

• User messages and assistant replies

• Database metadata (table and column names, descriptions) to understand your data model

• Query results from your connected database (for example previews or aggregated answers)

• Optional context from your embed integration (non-identifying clues you provide)

Query results used in AI workflows are fetched on demand from your database; they are not bulk-downloaded into a Toucan data store. See Data storage & retention.

What the assistant stores

Clearing a conversation removes that thread’s stored assistant history.

Third-party processing

Depending on configuration, AI requests may be processed by:

• An LLM provider (for example Mistral or another provider configured for your deployment)

• Analytics or tracing tools (for example product analytics or execution tracing)

Best practices

• Do not include personal data in optional AI context fields.

• Use row-level security so the assistant only queries data the end user is allowed to see.

• Clear conversation history when your product requires it (for example on logout or account closure workflows you implement).

• Review subprocessors if your compliance program requires a register of external processors.