What benefits does Looker provide with regard to GDPR compliance?
One of the architectural benefits of the Looker platform is that it creates a single, governed location for users to access data. This reduces data sprawl, leverages the world-class security of today’s most advanced databases, and gives administrators control over who’s accessing data and how long it’s cached for. The Looker platform helps businesses to empower users to analyze data and gain insights to drive business outcomes, but leaves control of your data where it belongs, in your hands.
What personal data does Looker collect and store, and for what purposes?
Looker holds two classes of data: information about Looker users and the customer data necessary to answer users’ queries.
Information about Looker users includes end-user login/registration information for Looker users as well as metadata about their usage. Metadata is used to facilitate product improvements, customer support and license auditing. Login information is controlled by customers directly as it is entered on their Looker instance and they can delete their users’ (i.e. their employees’) information at any time. We retain basic user contact information to send product updates, relevant marketing, training and events based on the users’ contact preferences.
Once Looker is connected to a customer database, the Looker cache retains data from the customer’s database that is fetched in response to a users’ queries. This data is encrypted and stored by Looker for a maximum of 30 days or 2GB of data—whichever occurs first. If you prefer, you can also take additional steps to reduce the amount of time that query results are held in cache.
Is Looker in the EU-U.S. Privacy Shield?
Looker is in the Privacy Shield effective June 7, 2018.
May I opt out of Looker Communications?
Yes. We retain basic user contact information to communicate with our customers and their users about product and security updates, relevant marketing, training and events. Looker users may opt-out of communications here.
Where does Looker host customer data?
Looker-hosted instances are hosted in the Amazon Web Services cloud. By default, Looker hosts in the Virginia (US) region, but at the customer’s request, we can host in various other regions, including within the EU. For customers who need to be hosted inside the EU, we host in AWS’s Dublin region. Customers can also host their own Looker instance on their servers.
Has Looker evaluated its security policies, management, and controls to meet GDPR?
Our data security program is designed to ensure that the policies, controls and processes are appropriate to the type of personal data and data processing collected. You can find our security policy here: https://looker.com/product/security
What security certifications does Looker have?
We have received certification for SOC2 Type 1 Report for the Looker Cloud Hosted Data Platform. We are currently in the audit evidence period for our SOC 2 Type 2 report.
How long does Looker retain customer data? Will Looker delete customer data when requested?
As a customer of Looker, you remain in control of your data and data about your users. When you remove users from your Looker instance, their data will be removed from Looker’s databases within 30 days. If you wish to delete a Looker user’s account data, we have a process to permanently anonymize the data by data engineering. If you would like Looker to delete your customer data or Looker user account detail, please send an email to firstname.lastname@example.org.
Where can I find a list of Looker’s vendors and subprocessors?
||Nature of Processing:
||Logging and security monitoring.
|Amazon Web Services (includes Cloudtrail)
||Hosting services for Looker software deployments.
||Repository of software code used to implement Looker software deployments.
||Authentication, business management.
||Marketing automation platform. Email delivery services for communications to data exporter personnel involved in the data exporter-data importer relationship. Contains names and contact information.
||Looker system cloud backups.
||Customer relationship management software. Contains names and contact information for data exporter personnel involved in the data exporter-data importer relationship.
||Email delivery services for communications to data exporter personnel involved in the data exporter-data importer relationship.
||Support chat services within the Looker software.
Where can I find Looker’s Data Protection Addendum (DPA)?
You can obtain a copy of our DPA here.
Has Looker appointed a Data Protection Officer (DPO)? Please provide contact information for the DPO.
We have appointed Lillian Pang of Taceo Limited as our DPO, email@example.com.
EU Region Headquarters
Looker Data Sciences Ireland Limited
John O'Keeffe, VP, EMEA
Block D, Iveagh Court, Harcourt Rd., Saint Kevin’s
Dublin 2, Ireland
Corporate Headquarters (U.S.)
Looker Data Sciences, Inc.
101 Church Street, 4th Floor, Santa Cruz, CA 95060