This is mentioned on the site:

We only ever fetch aggregate data, so none of your user's Personally Identifiable Information ever hits our servers.

when the client has provided with you all the access and secret keys, you can run any query and get the company level data from them, can you plz elaborate how you are providing the reliability to the companies

We use the access to pull aggregate information by using common table expressions (for SQL sources). We always give you all the SQL that was used to generate the data (view queries). All connection information is stored encrypted or in environment variables. Finally, since we're open source, you're welcome to look to see we are not doing anything that would compromise a clients data

@rough-forest-14169 — I am simply a growthbook user so not speaking for growthbook. But if you want to hide all data that is unnecessary (PII or otherwise) you can take the step of managing the user access you give to the user account you setup in snowflake/redshift/bigquery etc. Just don’t give that user access to the schemas, tables, and/or columns that you want to isolate from the experimentation. So you do have control over that if you want to take the time to setup an account on your database that has a least-privilege security setup.