Profiles Copilot Security and Compliance

Understand Profiles Copilot’s security model, data access scope, and privacy guarantees when building Profiles projects.

2 minute read

This guide explains Profiles Copilot’s security model, access scope, and data privacy guarantees when building Profiles projects.

Overview

Profiles Copilot is a web-based IDE hosted by RudderStack that includes an AI-powered chat interface to help you build Profiles projects.

Since Profiles functions as a semantic model builder for customer data, the AI copilot may need to query your data warehouse to provide relevant assistance. These queries may access tables containing personally identifiable information (PII) as stored in your warehouse.

Access control

This section explains Profiles Copilot’s access control policy.

Warehouse selection

When entering Copilot, you select the warehouse destination to use from your configured RudderStack connections. Copilot inherits the permissions of the selected warehouse connection.

Tip: Follow the principle of least privilege when configuring warehouse credentials.
Grant read-only access to source data tables and write access only to Profiles output schemas.

What Copilot can access

Copilot operates within your selected warehouse connection’s permissions. If your warehouse credentials allow access to tables containing PII, Copilot can query that data to provide relevant assistance.

Warehouse isolation

Copilot can only access the warehouse connection you explicitly select. It cannot access other connections you may have configured, or other parts of the workspace.

Data privacy

This section covers details on the model provider used for Profiles Copilot and its data retention and PII handling policies.

PII handling

Unlike RudderStack’s AI chatbot (Rudder AI), Copilot does not mask PII. When Copilot queries your warehouse to answer questions, raw results, including any PII in those tables, are processed to generate responses.

Configure your warehouse connection permissions carefully — your warehouse credentials determine what PII Copilot can access.

AI model provider

Profiles Copilot uses foundation models (for example, Claude Sonnet) hosted on Amazon Bedrock to process your queries and generate responses.

According to AWS Bedrock’s data protection policies:

Your prompts and warehouse query results are not shared with third-party model providers (Anthropic, Meta, etc.)
Amazon Bedrock does not use your data to train models
Data remains in the region where your RudderStack control plane is hosted
All data is encrypted in transit (TLS 1.2+) and at rest

What RudderStack collects

RudderStack collects Copilot usage data for product improvement, including chat interactions and warehouse queries executed during sessions.

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Questions? Contact us by Email or on Slack