> For the complete documentation index, see [llms.txt](https://docs.infotopics.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.infotopics.com/deployment-and-licensing/security-and-data-protection/product-data-handling-and-architecture.md).
# Product data handling & architecture
### How Tableau extensions work
Tableau Extensions (`.trex` files) are web applications that run **inside Tableau dashboards** using Tableau’s Extensions API.
Key security characteristics:
* Extensions cannot access data unless Tableau explicitly provides it
* Tableau governs authentication and permissions
* Extensions operate within Tableau’s security boundaries
* Data access is scoped to the workbook and user permissions
This ensures extensions cannot bypass Tableau’s built-in security model.
***
### Product-level data processing
Not all Apps for Tableau store or process data externally.
| **Product** | **Stores Data** | **Type of Data (if any)** |
| ------------------ | --------------- | ------------------------------------------------- |
| SuperTables | No | – |
| PowerKPIs | No | – |
| ShowMeMore | No | – |
| DrillDownTree | No | – |
| EasyDesigns | No | – |
| HierarchyFilter | No | – |
| Marginal Histogram | No | – |
| PictureThis | No | – |
| ProcessMining | No | – |
| DashboardGuide | No | – |
| WriteBackExtreme | Yes | – |
| MailScheduler | Yes | Audit logs, mailing lists (incl. email addresses) |
| DashboardUsage | Yes | Fingerprints, user actions |
### Share vs Enterprise security model
#### Share (SaaS)
* Hosted in segregated Azure environments
* Infrastructure managed by Infotopics
* Security controls aligned with ISO standards
* Customers manage Tableau permissions only
#### Enterprise (Self-hosted)
* Hosted in customer-controlled infrastructure
* Customers manage OS, network, access, and backups
* Infotopics provides the application and documentation
Both models use the same application codebase and follow the same security principles.
***
### Environment isolation
For Share deployments:
* Each customer operates in a segregated environment
* No data is shared between customers
* Logical and operational isolation is enforced
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://docs.infotopics.com/deployment-and-licensing/security-and-data-protection/product-data-handling-and-architecture.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.