DrillerDB Product Labs

Privacy for early-access experiments

These public experiments use sample data only. Do not submit customer records, job files, production data, credentials, or regulated documents.

Sample workspace state on this device

Each domain app stores its fictional sample workspace in this browser's first-party localStorage. The domain apps do not send that sample workspace state to DrillerDB. Never enter real customer, job, regulated, credential, or production data.

Confirming the app's Reset demo control removes only that app's saved localStorage workspace and restores its fictional seed. It does not clear the selected demo role, the experiment cookie, or server-side experiment records. The fictional demo role is stored separately in first-party sessionStorage. Switch demo role removes that app's demo-role key; closing the browser tab or window clears its sessionStorage. Clearing this site's browser data removes both kinds of browser storage.

First-party session and interaction records

Opening a marked product page creates a product-scoped first-party session cookie that expires after 14 days. The experiment service records fixed interactions such as opening early access, opening the sample workspace, opening or submitting structured feedback, selecting an offer response, or recording return interest. Those records contain the product, time, interaction type, fixed response where applicable, and a pseudonymous keyed session value. They do not contain raw IP addresses. A separate keyed, product-scoped IP value is used only for abuse controls.

Server-side session and structured interaction records are retained for the duration of this bounded experiment so the experiment can be evaluated. Early-access and feedback records are retained with that experiment dataset unless a supported deletion request is completed. Contact support@drillerdb.com to request deletion of a record you submitted.

Early-access, feedback, deletion, and recovery

When you deliberately submit an early-access or feedback form, contact fields are encrypted at rest. Separate keyed blind indexes are used only for limited duplicate handling. Controlled plaintext follow-up exports are automatically removed after 7 days. Same-host encrypted recovery sets are automatically removed after 30 days. Independently encrypted off-host recovery sets use a separate operator-confirmed 30-day pruning procedure; that off-host pruning is not automatic.

A verified deletion removes the matching live experiment session graph and any matching controlled follow-up export that has not already been copied or actioned outside the controlled directory. Immutable older recovery sets are not rewritten. Instead, an independently preserved latest deletion ledger is required during every restore and prevents an older recovery set from resurrecting a deleted session. A deletion cannot retract information that was already copied or actioned outside that controlled export directory.

What is not enabled

There are no third-party analytics or ad trackers, uploads, passwords, payment collection, automated email, ad activation, or customer-workflow integrations in this experiment.

Qualification responses remain unadjudicated and are not a commercial gate conclusion.

Return to Product Labs