Security and trust

Datplan DataPull is designed to give users a controlled way to pull authorised source data, prepare reporting outputs, and understand what happened during each run.

Security model in plain English

User-authorised access

Supported sources use user-authorised access flows where available. Users should only connect accounts they are authorised to use.

Source-specific access

Source access is controlled by the source and plan purchased for the user email address.

Support-safe diagnostics

Support content should avoid access tokens, secrets, local paths, raw datasets, and screenshots containing sensitive information.

For IT and technical reviewers

Datplan DataPull is not positioned as a cloud-hosted analytics warehouse. The product focuses on user-authorised source pulls, desktop reporting workflows, ETL, export generation, audit output, and reconciliation logs. Public documentation avoids exposing internal infrastructure names, secrets, private URLs, or implementation identifiers.

Technical reviewers should assess user access, source permissions, export handling, device controls, support-data handling, and source-provider permissions as part of their own internal controls.

Support safety rules

Use app-generated diagnostics where available.
Do not send raw tokens or secrets.
Do not upload raw source datasets unless Datplan requests them through a secure channel.
Blur or remove client names, emails, IDs, and sensitive financial or CRM data from screenshots.