Your data flow,
in plain English.
We make a specific claim: your file's contents never leave your browser. This page documents exactly what that means technically — what stays local, what is sent for AI planning, and how you can verify both yourself in 30 seconds.
Here's exactly what happens when you use it.
No marketing language. Here it is.
- Every row of your fileCell values, formulas, names, numbers, dates — never transmitted.
- Computed resultsAggregations, totals, joins, pivots — calculated in-browser, stay in-browser.
- Intermediate node outputsEach step of your workflow runs locally. Outputs of one node feed the next without ever leaving.
- The file itselfUploaded files live in your browser's memory only. Cleared on page refresh.
- Column names (header row)So the AI knows what fields exist. If your header row contains sensitive labels (names, IDs), rename before upload.
- Column data types"date", "number", "text", etc. Inferred from sampling — values themselves stay local.
- Your prompt textThe natural-language question you ask. Treat it like a ChatGPT prompt — don't paste sensitive content into it.
- Generated SQLThe query the AI writes — it references column names but not values.
patient_ssn or salary_jane_doe — rename them before uploading. The column header row is the one piece of your file that does leave the browser. Generic names (id, amount, date) are always safe.Who else sees what.
Every service we use, what they see, and why. Standard SaaS infrastructure — no data brokers, no ad networks, no resale.
| Service | Purpose |
|---|---|
| OpenAI (gpt-5.5) | Workflow planning |
| Clerk | Account / authentication |
| Stripe | Billing (when subscribed) |
| PostHog | Product analytics |
| Render | Hosting infrastructure |
View "what they see" details (mobile)
Four things we never do with your data.
Each one is verifiable by inspecting the architecture or our agreements.
30 seconds. Browser DevTools. Done.
Don't trust the marketing. Trust the network tab.
- 1Open the canvas at gptbeyond.com/tryUse any browser that has DevTools (Chrome, Firefox, Edge, Safari).
- 2Press F12 to open DevToolsCmd+Opt+I on Mac. Click the "Network" tab.
- 3Clear the log, then drop a fileClick the 🚫 icon in the Network tab to clear. Drop your CSV/Excel onto the upload zone.
- 4Watch the Network tab as you dropResult: nothing new appears in the log. The file load is purely client-side — no upload request.
- 5Ask a question in the promptWhen you submit, you'll see a POST request to /api/chat. Click it.
- 6Inspect the request payloadIn the request body, you'll see your prompt text and the column metadata being sent to our server (which then calls OpenAI). You will NOT see file rows, cell values, or computed totals.
- 7Check the responseThe response contains the SQL the AI wrote — referencing column names but not values. The actual workflow execution happens after this, locally in DuckDB-WASM.
ZZZZZ-UNIQUE-MARKER-1234 in a few rows. Then search the entire Network log for that string. If it's not there, your row data is genuinely staying local.Reviewing this for company use?
Short version for IT review and DLP/whitelisting decisions. Pass this URL to your security team.
This page is our technical architecture and data-flow documentation. A formal Privacy Policy and Terms of Service will be published alongside our paid subscription launch.
For privacy questions in the meantime, email privacy@gptbeyond.com. For data-access or deletion requests under GDPR or CCPA, the same address.