Learn how we handle privacy
Do you keep my data?
No. Zaraz operates as a more efficient pipeline for your data. It transmits your data to the tools you choose, in whatever way you want, but it can never save it, partially or fully, and we will never sell or share what we simply do not retain.
What about personal information?
Any information you send to your third-party tools is pre-processed by our service. We apply the logic you defined to decide which tools to load, when, and how. We use your configuration to know what exact pieces of information need to reach which third-party. However, we never save any of that information. Our infrastructure is designed as a set of storageless and stateless functions. It’s technically impossible for us to save that data, since we wouldn’t even have anywhere to save it! Advertising is not in our business model, so there's no need to worry about your PIIs. In fact, since Zaraz allows you detailed control over the ins and outs of how your third-parties are operating together, it actually allows you finer granularity regarding what you share with them than you’d have without Zaraz. For more information, read about Data Masking below.
How is data processed?
Information usually reaches us from your visitors’ browsers (always using HTTPS), and then we apply your configuration to decide where and how to direct it. This process usually takes less than 5ms, during which the data is held in our service memory but isn’t saved to any persistent storage. By the end of this short processing period, all network requests are constructed and ready to be executed either by the browser or by our service. Once processing is finished, the data is no longer accessible to anyone, not even to us.
What's Data Masking?
Since Zaraz controls the ins and outs of how your third-parties are operating, it actually allows you a level of granularity that has never existed before regarding what you share with your third-parties. Want to hide your visitors’ IP addresses from your Analytics provider? Load a tool without using cookies? Not share the type of device your visitors are using with a specific provider? Zaraz can do all that and more.
Learn about our security posture
What's your approach to security?
Communication between your website and the Zaraz service is secured by TLS. We always use HTTPS to communicate with your third-parties. Since the best security isn’t a strong encryption but a strong design, we designed our systems to never store your visitors’ data, intentionally or unintentionally. Therefore, we have no visitor data to encrypt at rest. Your access to our configuration dashboard is always secured by TLS, and your passwords are encrypted with scrypt.
Can my visitors’ data be leaked if Zaraz is hacked?
Zaraz doesn’t save your visitors’ data, period. Therefore, no data can be leaked, because it’s just not there to be leaked. 😊