Learn about Seizn's security practices, data protection, and compliance features.
インジェスト上限とフォールバック動作を本番向けの安全な既定値に固定しました。
再試行と重複イベントは lock-claim-finalize フローで処理されます。
マイグレーション後の検証で RPC と過負荷の回帰を検出します。
Failure Notification & Analysis の運用ガイドを追加しました。
推奨マイグレーションワークフロー:
node scripts/run-migration-file.mjs <sql-file> npm run verify:e2e-encryption-db
`run-migration-file.mjs` は既定で `verify:e2e-encryption-db` を実行し、過負荷または RPC 回帰で即時に失敗します。`SKIP_E2E_VERIFY=1` は緊急回避時のみ使用してください。
All data is encrypted using AES-256 encryption. Memory content, embeddings, and metadata are protected at all times.
All API connections use TLS 1.3. We enforce HTTPS for all endpoints with no fallback to unencrypted connections.
Complete data separation between accounts. Row-level security (RLS) ensures no cross-tenant data access.
API keys are stored as SHA-256 hashes. The original key is shown only once at creation time.
Create multiple active keys and rotate them without downtime. Old keys can be revoked instantly.
Configure keys to auto-expire after 30, 60, 90 days, or custom periods. Expired keys are automatically rejected.
Monitor per-key usage in real-time. See request counts, last used time, and associated activity.
Export all your data anytime via API or dashboard. Full data portability with no lock-in.
When you delete memories, they are permanently removed. No retention beyond 30-day backup window.
Full GDPR/CCPA support. Request deletion of all user data with auditable confirmation.
Full compliance with EU General Data Protection Regulation. Data subject rights supported including access, rectification, and erasure.
California Consumer Privacy Act compliance. Know what data is collected and request deletion at any time.
Enterprise-grade security controls audited annually. Security, availability, and confidentiality principles.
Information security management system certification. Systematic approach to managing sensitive data.
Seizn provides comprehensive governance features for enterprise deployments:
Complete audit trail of all API operations. Who accessed what, when, and from where.
Define policies for data handling: allow, deny, mask, or encrypt based on content type, tags, or patterns.
Automatic detection and handling of personally identifiable information. Configure masking or blocking rules.
Generate comprehensive audit bundles for compliance reviews. Includes policy configs, PII events, and deletion reports.
Seizn uses monthly quotas for billing and per-minute rate limits for burst protection:
API calls and memory storage are billed monthly. Quotas reset at UTC midnight on the 1st of each month.
Per-minute request limits protect against burst traffic. Limits vary by plan (60-3000 RPM).
RFC-Compliant Headers: All responses include RateLimit-* and X-Quota-* headers for programmatic limit tracking.
For security concerns, vulnerability reports, or compliance inquiries: