I think what they do is host an instance/shard of their tools for each customer, probably on a public cloud provider like AWS. Palantir manage the software, the customer provides the data.
Palantir’s engineers absolutely could have access to any data in their tools if they wanted it enough (they write the software, after all), but I would assume that there are various safeguards in place - the CIA absolutely wouldn’t want Palantir staff accessing their data, but on the flipside the CIA might be very keen for Palantir staff to help them access data owned by another country’s intelligence agencies…
I think what they do is host an instance/shard of their tools for each customer, probably on a public cloud provider like AWS. Palantir manage the software, the customer provides the data.
Palantir’s engineers absolutely could have access to any data in their tools if they wanted it enough (they write the software, after all), but I would assume that there are various safeguards in place - the CIA absolutely wouldn’t want Palantir staff accessing their data, but on the flipside the CIA might be very keen for Palantir staff to help them access data owned by another country’s intelligence agencies…