Security

Last updated: March 21, 2026

Approach

Aizen tries to reduce risk by collecting less data, limiting persistent identifiers, and applying access controls around the data that is stored. This page describes the measures we currently implement in the product. It is not a promise of any certification, audit opinion, or uninterrupted service level.

Data Minimization

The tracker does not use analytics cookies or local storage, does not create cross-site identifiers, and does not intentionally write raw IP addresses or full raw user-agent strings into the analytics database.

  • Raw IP addresses are used transiently in memory for rate limiting, approximate geolocation lookup, and day-scoped session hashing
  • Raw user-agent strings are parsed into browser, OS, and device fields and then discarded by the application
  • Referrer paths and query strings are stripped before storage
  • Session hashes are scoped to one site and one day
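The following is an added illustration of the last two bullets, not Aizen's own code: one way a site- and day-scoped session hash and referrer stripping can be built. The HMAC-SHA256 construction, the hashed fields, and the names DailySalts, session_hash and referrer_origin are assumptions; the roughly 48-hour salt lifetime comes from the Retention and Deletion section of this page.

```python
import hashlib
import hmac
import secrets
from datetime import date
from urllib.parse import urlsplit


class DailySalts:
    """Hypothetical in-memory salt store: one random 32-byte salt per UTC day."""

    def __init__(self):
        self._salts = {}

    def salt_for(self, day: date) -> bytes:
        return self._salts.setdefault(day, secrets.token_bytes(32))

    def purge(self, today: date, keep_days: int = 2) -> None:
        # Once a salt is gone, that day's hashes can no longer be recomputed
        # from a known IP and user agent.
        for day in [d for d in self._salts if (today - d).days >= keep_days]:
            del self._salts[day]

    def days(self) -> set:
        return set(self._salts)


def session_hash(salt: bytes, site_id: str, ip: str, user_agent: str) -> str:
    """Keyed hash over (site, IP, UA); the raw IP and UA are never returned."""
    mac = hmac.new(salt, digestmod=hashlib.sha256)
    for field in (site_id, ip, user_agent):
        raw = field.encode("utf-8")
        mac.update(len(raw).to_bytes(4, "big") + raw)  # length prefix avoids field ambiguity
    return mac.hexdigest()


def referrer_origin(referrer: str):
    """Keep only scheme and host; path, query, fragment and userinfo are dropped."""
    try:
        parts = urlsplit(referrer)
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return f"{parts.scheme}://{parts.hostname}"


# Constructed sample input (documentation IP range, made-up user agent).
IP, UA = "203.0.113.7", "Mozilla/5.0 (X11; Linux x86_64) Firefox/125.0"
```

Because the salt is the HMAC key, the same visitor produces unrelated hashes on different sites and on different days, and deleting the salt removes the ability to link a stored hash back to an IP address.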

What We Do Store

To provide the product, Aizen does store analytics metadata such as normalized page URLs, referrer origin/domain, browser and OS breakdowns, device type, timestamps, day-scoped session hashes, custom events, and approximate location data derived from GeoLite2.

Approximate latitude and longitude are also stored for authorized realtime map views. Built-in click tracking records normalized destination URLs through exit_link and link_click events, so customers should not deploy Aizen on flows where those URLs or CTA identifiers may contain secrets or sensitive personal data.

Authentication, Secrets, and Credentials

  • Dashboard access requires authentication
  • Account passwords are stored as hashes, not plaintext passwords
  • Google Search Console access and refresh tokens are encrypted before storage
  • Site API keys are stored as hashes and the full token is shown only when created
  • Session cookies are used for authenticated product access

Transport and Access Controls

  • Managed-service product traffic is served over HTTPS/TLS
  • Site-level authorization checks gate dashboard and management routes
  • Site owners can invite guest users with limited access to shared sites
  • Public share links and API keys are opt-in and can be disabled, revoked, or rotated
  • Customer data is partitioned by site identifiers throughout the product

Abuse Controls

Aizen applies several abuse-prevention measures in the application, including bot filtering, origin validation for event collection, rate limiting on event ingestion, rate limiting on public share links, rate limiting on the public stats API, and login rate limits through the authentication layer.

Retention and Deletion

  • Raw analytics events are retained for 90 days
  • Daily aggregate rollups are retained for 3 years on Starter and 5 years on Growth
  • Daily salts used for session hashing are deleted after about 48 hours
  • Search Console data is retained for up to 16 months
  • Account deletion is processed after a 7-day grace period

Important Limits

Aizen tries to filter some obvious personal data from custom events, but that filtering is heuristic only and can miss data. Customers remain responsible for not sending sensitive or prohibited data into the service.

This page does not claim that Aizen holds any specific security certification, that every provider log is free of raw request metadata, that encryption at rest is enabled in every environment, or that service availability will always be uninterrupted.

Browser Privacy Signals

The tracker does not currently react to the Do Not Track browser signal. Aizen does not sell personal data or share personal data for cross-context behavioral advertising.

Vulnerability Reporting

If you discover a security issue, report it to [email protected] with "Security" in the subject line. Please do not publicly disclose the issue until we have had a reasonable chance to investigate and address it.

Contact

For security questions, contact [email protected] with "Security" in the subject line.