Applications you create with Aha! Builder handle data in compliance with Aha!'s enterprise privacy standards. Run privacy reviews to evaluate how your application handles personal data, then share the results with your compliance team.
Click any of the following links to skip ahead:
Privacy reviews
Navigate to Operate → Documents → Security → Privacy to access four on-demand reviews:
PII related data in use: Identifies personal data your application collects, processes, and stores
GDPR review: Assesses compliance with the General Data Protection Regulation
CCPA review: Assesses compliance with the California Consumer Privacy Act
Cookie usage review: Analyzes cookies used by the application and their purposes and lifespans
Click Run review to generate results for any review. Run these reviews before deploying to production or whenever you add new data-handling functionality to your application.
Did your application fail a review or pass with a low score? Give the Report to Elle (the AI assistant) and ask for suggested improvements, then rerun the review.
Data isolation
Each application you create in Aha! Builder gets its own PostgreSQL database and data model. Application data is isolated at the database level — it is not shared across applications or with other customers' data.
Compliance
Aha! is GDPR compliant and participates in the EU-U.S. Data Privacy Framework. These commitments extend to the infrastructure that runs Aha! Builder applications. Aha! does not sell the personal data of application users.
Data ownership and portability
You own all data stored in your Aha! Builder applications. The underlying application code — including the database configuration — is fully visible and downloadable at any time. You can export the complete codebase and use it independently of Aha! software.
For information about how Aha! secures the code and infrastructure of Aha! Builder applications, see Aha! Builder application security.