Trust and privacy
Last updated: 2026-04-01
Nimriz is designed for trustworthy reporting while minimizing sensitive data collection. This page summarizes what we store, what we avoid, and how analytics are produced.
We do
- Store link and domain configuration in Nimriz's primary database.
- Store raw click events in Cloudflare Analytics Engine and build dashboard views from aggregated summaries.
- Keep raw events out of your workspace database so reporting stays fast without per-click writes to primary storage.
- Load Amplitude for product analytics only after analytics consent is granted.
- Send product analytics data to Amplitude's EU residency environment.
- Flag likely bots/prefetch traffic so reports can filter it.
We don’t
- Store raw IP addresses in the analytics event store.
- Store full User-Agent strings in the analytics event store.
- Increment per-click totals in the primary database on every redirect.
- Alias apex and www hosts implicitly (host matching is strict).
Privacy mode
Privacy mode defaults on for new accounts. When enabled, Nimriz omits IP and User-Agent from click events. When disabled, Nimriz stores only daily-salted hashes to support per-day deduplication without long-term tracking.
Consent-gated product analytics
Website and dashboard product analytics are initialized only after analytics consent. That consent-gated setup may also enable related features such as Session Replay, Experiment, and Guides and Surveys, depending on the current product configuration.
Retention and deletion
Workspace and profile deletion remove configuration data and aggregated records from Nimriz's primary systems. Raw click events in append-only analytics infrastructure age out on platform retention schedules rather than being selectively erased per account.
Safety controls
On link creation, Nimriz enforces destination scheme validation (blocking unsafe schemes), reserved slug rules on first-party domains, and managed-domain loop prevention.