Security

Enterprise-grade security, built in from day one

Your analytics data is sensitive. Here is exactly how we protect it at every layer.

Data Storage

  • All data stored in Neon PostgreSQL (SOC 2 Type II certified)
  • Hosted on AWS infrastructure
  • Data encrypted at rest and in transit (TLS 1.2+)

Authentication

  • Magic link email authentication (no passwords stored)
  • Session tokens with automatic expiry
  • Role-based access control (owner, editor, viewer)

Google Integration

  • OAuth 2.0 with minimal scopes (read-only for analytics, edit for GTM only when needed)
  • Tokens encrypted at rest using AES-256 via SETTINGS_ENCRYPTION_KEY
  • No Google passwords are ever stored
  • Users can disconnect Google and all tokens are deleted immediately

Data Access

  • Your data is never shared with other workspaces
  • AI analysis is performed using your configured API key
  • We do not train models on your data

Compliance

  • GDPR-ready: data deletion available on request
  • No tracking cookies on the app itself (only your own GA4/GTM)
  • Audit log of all configuration changes

Have security questions?

We are happy to walk through our security posture in detail. Reach out for our full security documentation or to schedule a review.
