Privacy Policy

Last updated: February 1, 2026

Our Commitment to Privacy

At Aizen Analytics, privacy is at the core of everything we do. We built Aizen to provide website analytics without compromising the privacy of your visitors. Our tracking script does not use cookies or local storage, does not track visitors across websites, and does not collect personal data. You should not need a cookie consent banner because of Aizen alone.

Controller and Processor Roles

If you are an Aizen customer who adds our tracking script to your website, you are the data controller — you decide to measure your site's traffic. Aizen acts as the data processor, processing visitor analytics data on your behalf and according to your instructions.

For your Aizen account data (such as your email address and billing information), Aizen is the data controller.

What We Don't Collect

Our tracking script and analytics pipeline are designed to minimize data collection. Specifically:

  • We do not use cookies or local storage in our tracking script
  • We do not track visitors across websites or devices
  • We do not create persistent identifiers or fingerprints
  • We do not sell or share visitor data for advertising or any other purpose
  • We do not store raw IP addresses — they are used transiently and discarded
  • We do not store referrer URL paths — only the referring domain is kept
  • We do not store full user-agent strings

What We Collect for Website Analytics

When a visitor loads a page on your site, we process and store the following:

  • Page URL and path (query parameters are stripped except UTM tags)
  • Referring domain (without the path)
  • Browser name
  • Operating system name
  • Device type (desktop, mobile, or tablet)
  • Approximate location (country, region, city) derived from IP lookup
  • A pseudonymous session identifier (see below)
  • Timestamp
  • Custom event names and properties, if you choose to send them

IP addresses are used transiently for three purposes: rate limiting, approximate geolocation lookup, and generating the daily session identifier. They are never written to the database.

How We Count Unique Visitors

We count unique visitors using a hashed identifier derived from the visitor's IP address, user agent, and a random salt that is unique to each day. This identifier is scoped to a single website and a single day — it cannot be used to track someone across sites or across days.

The daily salt is automatically deleted after 48 hours. Once it is deleted, it is impossible to reconstruct the original identifier or link it back to any visitor, even by us.

Custom Event Properties

You control what custom event properties are sent from your site. We automatically filter incoming event properties on our server to detect and remove values that look like personal data, such as email addresses, phone numbers, or long identifiers. However, we encourage you to avoid sending sensitive personal data in custom events.

Do Not Track and Global Privacy Control

Our tracking script does not currently respond to the Do Not Track (DNT) browser signal. We limit data collection as described throughout this policy.

Global Privacy Control (GPC) is treated as an opt-out of the sale or sharing of personal data. Because Aizen does not sell or share analytics data with third parties for advertising or any other purpose, GPC does not disable analytics collection. Your visitors' data stays with you and is never monetized.

Account Data

When you create an Aizen account, we collect your email address for account access and communication, and your password which is stored using industry-standard hashing. We also store the website URLs you add to track and your notification preferences.

Billing information is processed by Stripe, our payment processor. We store limited billing metadata (such as subscription status and plan) needed to provide the service. We do not have access to your full credit card number.

Cookies and Local Storage

The analytics tracking script does not use cookies or local storage. The Aizen web application uses essential cookies for authentication and security when you are logged into your account. No analytics or advertising cookies are used anywhere.

Data Retention

Individual event data (with session identifiers and detailed breakdowns) is retained for 90 days. After that, events are aggregated into daily summary counts that contain no session-level detail. These aggregated counts are retained according to your subscription plan: 3 years on the Starter plan and 5 years on the Growth plan.

The daily salts used for visitor counting are deleted after 48 hours. Account data is retained while your account is active and deleted within 30 days of account closure.

Data Storage and International Transfers

All data is stored and processed on servers in the United States. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, this means your data is transferred to the US. We support these transfers with appropriate safeguards, including Standard Contractual Clauses (SCCs) as part of our Data Processing Agreement.

For details, see our Data Processing Agreement.

Subprocessors

We use a small number of third-party services to operate Aizen:

  • Cloud hosting provider — for running the application and storing data
  • CDN and security provider — for delivering the tracking script and protecting against abuse
  • Email service provider — for sending transactional emails such as weekly reports and account notifications
  • Stripe — for processing subscription payments

All subprocessors are contractually bound to data protection requirements. A current list of specific subprocessors is available on request.

Third-Party Data

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Compliance

Aizen is designed to minimize data collection and support your obligations under GDPR, CCPA, PECR, and similar privacy regulations. Because our tracking script does not use cookies, local storage, or persistent identifiers, you should not need a cookie consent banner because of Aizen alone. However, if you use other tools on your site that set cookies or collect personal data, you may still need consent mechanisms for those. We do not provide legal advice.

Your Rights

If you are an Aizen account holder: you can access, update, or delete your account and all associated data at any time from your account settings. You can also contact us to exercise any data protection rights.

If you are a website visitor: Aizen does not collect data that identifies you personally. We do not store your IP address, name, email, or any persistent identifier. Because of this, we cannot look up or retrieve data about a specific individual. If you have questions or concerns, you are welcome to contact us and we will do our best to help.

Changes to This Policy

We may update this privacy policy from time to time. We will notify customers of significant changes via email. The "Last updated" date at the top of this page reflects when the policy was last modified.

Contact Us

If you have questions about this privacy policy or how we handle data, please contact us at [email protected]

← Back to home