Data Processing Agreement

Last updated: February 1, 2026

1. Introduction

This Data Processing Agreement ("DPA") forms part of the Terms of Service between you ("Customer", "Controller") and Aizen Analytics ("Aizen", "Processor") for the use of our analytics services. This DPA applies to the extent that Aizen processes personal data on behalf of the Customer in the course of providing the service.

2. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person
  • Processing: Any operation performed on Personal Data
  • Data Controller: The Customer, who determines the purposes and means of processing by choosing to install the Aizen tracking script on their website
  • Data Processor: Aizen Analytics, which processes data on behalf of the Controller to provide analytics services
  • Data Subject: An identifiable natural person whose data is processed
  • Subprocessor: A third party engaged by Aizen to assist in processing Personal Data

3. Scope and Purpose of Processing

Aizen processes data solely to provide website analytics services to the Customer. The purpose is to generate aggregate statistics about website traffic, including visitor counts, page views, traffic sources, geographic distribution, and device breakdowns.

Aizen does not use Customer data for any other purpose, including advertising, profiling, selling, or sharing with third parties beyond what is necessary to operate the service.

4. Categories of Data Subjects and Data

Data subjects: Visitors to the Customer's website(s) and the Customer's account holders/team members.

Website visitor data processed:

  • Page URL and path (query parameters stripped except UTM tags)
  • Referring domain (path stripped)
  • UTM campaign parameters (source, medium, campaign, term, content)
  • Browser name
  • Operating system name
  • Device type (desktop, mobile, tablet)
  • Approximate geolocation (country, region, city) derived from IP lookup
  • A pseudonymous day-scoped session identifier (see Section 6)
  • Timestamp
  • Custom event names and properties sent by the Customer (subject to automatic PII filtering)

Data explicitly not stored:

  • IP addresses (used transiently for rate limiting, geolocation, and session hashing, then discarded)
  • Full user-agent strings (parsed into browser/OS/device type, then discarded)
  • Cookies or local storage values (not used by the tracking script)
  • Referrer URL paths (only the referring domain is stored)
  • Cross-site or cross-device identifiers

Customer account data processed: Email address, hashed password, website URLs, notification preferences, and billing metadata (subscription status and plan). Full payment details are processed by Stripe and are not accessible to Aizen.

5. Data Processing Principles

Aizen processes data in accordance with:

  • Lawfulness, fairness, and transparency: We process only the data described in this DPA, for the purposes described, and document our practices openly
  • Purpose limitation: Data is processed solely to provide analytics services to the Customer
  • Data minimization: We collect the minimum data needed for meaningful analytics, with no cookies, no persistent identifiers, and automatic PII filtering
  • Accuracy: Analytics data reflects actual website traffic as accurately as possible given our privacy-preserving approach
  • Storage limitation: Individual event data is deleted after 90 days; only aggregated counts are retained long-term
  • Integrity and confidentiality: We implement appropriate technical and organizational security measures (see Section 6)

6. Technical and Organizational Security Measures

Aizen implements the following measures to protect data:

  • Encryption in transit: All data is transmitted over HTTPS/TLS. The tracking script is served over HTTPS and event data is sent over encrypted connections.
  • No persistent identifiers: Unique visitors are counted using a hashed identifier derived from a daily rotating random salt, the site ID, the visitor's IP address, and user agent. The daily salt is automatically deleted after 48 hours, making it impossible to reconstruct the identifier or link it to any individual after that point.
  • IP address handling: IP addresses are processed in memory only — used for rate limiting, geolocation lookup, and session hash generation — and are never written to the database.
  • Automatic PII filtering: Event properties submitted by the Customer's tracking code are automatically scanned server-side. Values that resemble email addresses, phone numbers, UUIDs, long identifiers, or IP addresses are silently removed before storage.
  • Data retention controls: Individual event records are retained for 90 days and then deleted. Aggregated daily counts (containing no session-level detail) are retained for 3–5 years depending on the Customer's plan.
  • Access controls: Access to production systems and data is restricted to authorized personnel. Customer data is logically separated by site.
  • Privacy signals: The tracking script does not currently respond to the Do Not Track (DNT) browser signal.
  • Password security: Account passwords are stored using industry-standard hashing algorithms.

7. Subprocessors

Aizen uses the following categories of subprocessors to provide the service:

  • Cloud hosting provider: For running the application, storing the database, and processing events
  • CDN and security provider: For delivering the tracking script, caching, and protecting against abuse
  • Email service provider: For sending transactional emails such as weekly reports, usage alerts, and account notifications
  • Payment processor (Stripe): For processing subscription payments

All subprocessors are bound by written agreements that require them to provide at least the same level of data protection as this DPA. A current list of specific subprocessors with their names and locations is available on request by emailing [email protected].

We will notify Customers of any intended changes to subprocessors with reasonable advance notice, giving Customers the opportunity to object.

8. International Data Transfers

Aizen stores and processes data on servers in the United States. For Customers located in the European Economic Area (EEA), United Kingdom, or Switzerland, this constitutes an international transfer of data.

We support these transfers with the following safeguards:

  • Standard Contractual Clauses (SCCs): This DPA incorporates the European Commission's Standard Contractual Clauses for the transfer of personal data to third countries (Module 2: Controller to Processor). By agreeing to this DPA, both parties are deemed to have signed the SCCs.
  • Supplementary measures: In addition to the SCCs, Aizen implements technical measures that significantly reduce the risk associated with international transfers. Specifically: IP addresses are never stored, session identifiers are pseudonymous and day-scoped with rotating salts deleted after 48 hours, referrer paths are stripped, event properties are automatically filtered for PII, and individual event data is deleted after 90 days. These measures mean that the stored data is, in practice, non-identifying.

9. Data Subject Rights

Aizen will assist the Customer in responding to data subject requests to the extent technically feasible. Due to the privacy-preserving design of our service, we do not store data that can be linked to an identifiable individual. We cannot look up, access, rectify, or delete data for a specific website visitor because we do not know who they are.

For Customer account holders, data subject rights (access, rectification, erasure, portability) can be exercised directly through account settings or by contacting us.

10. Data Retention and Deletion

Individual event records are automatically deleted after 90 days. Aggregated daily statistics (containing no session-level or individual-level detail) are retained for 3 years (Starter plan) or 5 years (Growth plan).

Upon termination of the Customer's account, all associated data — including event records, aggregated statistics, site configurations, and account information — is deleted within 30 days.

11. Breach Notification

In the event of a personal data breach, Aizen will notify the Customer without undue delay and no later than 72 hours after becoming aware of the breach. The notification will include the nature of the breach, the categories and approximate number of data records affected, the likely consequences, and the measures taken or proposed to address the breach.

12. Audit

Aizen will make available to the Customer, on request, the information necessary to demonstrate compliance with this DPA. This may include documentation of our technical and organizational measures, subprocessor agreements, and processing records. Where further assurance is needed, Aizen will cooperate with reasonable audit requests at the Customer's expense with reasonable advance notice.

13. Term and Termination

This DPA remains in effect for as long as the Customer uses the Aizen service. Upon termination, Aizen will delete all Customer data in accordance with Section 10. The obligations regarding data protection, confidentiality, and breach notification survive termination.

14. Contact

For DPA inquiries, to request a signed copy, or to obtain the current list of subprocessors, contact us at [email protected]

← Back to home