Security & Permissions

FactorPrism runs entirely inside your Snowflake account and asks for the least access it possibly can — read-only, on just the table or view you choose.

Your data never leaves Snowflake

FactorPrism® is a Snowflake Native App. It installs and runs entirely within your own Snowflake account, and all analysis happens server-side inside Snowflake's secure infrastructure. Your business data is never copied out, never sent to an external service, and never transmitted to us. Even the AI-powered insights run in-account via Snowflake Cortex — so your data stays protected by your own Snowflake security controls end to end.

Read-only access to your data

The only access FactorPrism® ever has to your data is SELECT (read-only) on the single table or view you explicitly connect. The app cannot modify, delete, overwrite, or export your data — those permissions are never requested and, by Snowflake's design, cannot be granted to it. You choose exactly which object to analyze, and that choice is the entire scope of its reach into your data.

Exactly what the app requests

FactorPrism® follows the principle of least privilege. Here is the complete list of what it asks for at install:

1. Read your chosen data — required

SELECT on the one table or view you bind to the app. Read-only, scoped to that object alone.

2. Run AI inside Snowflake — required

A Snowflake-provided database role to invoke Snowflake Cortex AI functions, which generate the plain-language insights. This grants compute, not access to your data, and runs entirely within Snowflake.

3. Save your analyses — optional

An optional permission to create a database in your own account so the app can store your saved sessions and settings. This is used solely for the app's own storage; it gives the app no access to your existing data. Decline it and FactorPrism® still works — you simply won't be able to save sessions between visits.

What FactorPrism® never asks for

• No permission to write to, change, or delete your business data
• No account-administration or grant-management privileges
• No ability to move or export data out of your Snowflake account
• No sharing of your data with any third party
• Your data is never used to train any model

You stay in control

Every permission is granted — and can be revoked — through Snowflake's standard application Privileges and References screens, with a clear description of each. Your account's own security policies apply in full: network policies, multi-factor authentication, role hierarchy, and access controls all continue to govern the app exactly as they govern everything else in your account.

Security questions?

We're glad to support your security review. For questions, documentation requests, or vendor-assessment paperwork, contact us at info@factorprism.com. You can also review our Privacy Policy.