Trust and privacy

Privacy-aware analytics for branded link infrastructure

Nimriz is designed to make campaign reporting reviewable while minimizing sensitive analytics collection. This page summarizes what we store, what we avoid, and how analytics are produced.

Standard privacy
Default analytics posture
Never stored
Raw IP and full User-Agent
Strict hosts
No implicit apex/www aliasing

Evaluator summary

What Nimriz stores and avoids

Last updated: 2026-04-01

We do

  • Store link and domain configuration in Nimriz's primary database.
  • Store raw click events in Cloudflare Analytics Engine and build dashboard views from aggregated summaries.
  • Keep raw events out of your workspace database so reporting stays fast without per-click writes to primary storage.
  • Load Amplitude for product analytics only after analytics consent is granted.
  • Flag likely bots/prefetch traffic so reports can filter it.

We do not

  • Store raw IP addresses in the analytics event store.
  • Store full User-Agent strings in the analytics event store.
  • Increment per-click totals in the primary database on every redirect.
  • Alias apex and www hosts implicitly (host matching is strict).

Analytics event flow

1
Redirect event

A click or QR scan reaches the edge redirect path.

2
Privacy handling

Raw IP and full User-Agent are never stored; strict privacy also omits visitor hashes.

3
Reporting model

Dashboard reporting uses aggregated summaries instead of per-click writes to primary storage.

Analytics privacy

Standard privacy-aware analytics is the default. Raw IP and full User-Agent values are never stored; standard mode may keep daily-salted hashes for dedupe, and strict privacy omits those hashes.

Consent-gated product analytics

Website and dashboard product analytics are initialized only after analytics consent. That consent-gated setup may also enable related features such as Session Replay, Experiment, and Guides and Surveys, depending on the current product configuration.

Retention and deletion

Workspace and profile deletion remove configuration data and aggregated records from Nimriz's primary systems. Raw click events in append-only analytics infrastructure age out on platform retention schedules rather than being selectively erased per account.

Safety controls

On link creation, Nimriz enforces destination scheme validation (blocking unsafe schemes), reserved slug rules on first-party domains, and managed-domain loop prevention.

Related policies

Read the full Privacy Policy, Terms of Service, Refund Policy, and Cookie Policy.

Trust and privacy questions

Short answers for evaluators reviewing data boundaries and host behavior.

What do standard and strict privacy change?
Raw IP addresses and full User-Agent strings are never stored. Standard privacy-aware analytics may use daily-salted hashes for per-day deduplication; strict privacy omits those hashes.
Are raw click events written to the workspace database?
No. Raw click events are handled through append-only analytics infrastructure, and dashboard reporting relies on aggregated summaries instead of per-click writes to primary storage.
Does Nimriz alias apex and www domains?
No. Host matching is strict, so apex and www hosts are treated as separate domains unless both are added and managed explicitly.

Related next steps

Review the details, then start with a free workspace

The trust, privacy, security, and documentation pages stay public so evaluators can review the mechanics before signing up.