Learn about Seizn's security practices, data protection, and compliance features.
인제스트 상한과 폴백 동작이 프로덕션 안전 기본값으로 고정되었습니다.
재시도 및 중복 이벤트가 lock-claim-finalize 경로로 처리됩니다.
마이그레이션 이후 검증으로 RPC 및 오버로드 회귀를 탐지합니다.
Failure Notification & Analysis 운영 가이드를 추가했습니다.
권장 마이그레이션 워크플로우:
node scripts/run-migration-file.mjs <sql-file> npm run verify:e2e-encryption-db
`run-migration-file.mjs`는 기본적으로 `verify:e2e-encryption-db`를 실행하며, 오버로드 또는 RPC 회귀를 빠르게 실패 처리합니다. `SKIP_E2E_VERIFY=1`은 긴급 우회가 필요한 경우에만 사용하세요.
All data is encrypted using AES-256 encryption. Memory content, embeddings, and metadata are protected at all times.
All API connections use TLS 1.3. We enforce HTTPS for all endpoints with no fallback to unencrypted connections.
Complete data separation between accounts. Row-level security (RLS) ensures no cross-tenant data access.
API keys are stored as SHA-256 hashes. The original key is shown only once at creation time.
Create multiple active keys and rotate them without downtime. Old keys can be revoked instantly.
Configure keys to auto-expire after 30, 60, 90 days, or custom periods. Expired keys are automatically rejected.
Monitor per-key usage in real-time. See request counts, last used time, and associated activity.
Export all your data anytime via API or dashboard. Full data portability with no lock-in.
When you delete memories, they are permanently removed. No retention beyond 30-day backup window.
Full GDPR/CCPA support. Request deletion of all user data with auditable confirmation.
Full compliance with EU General Data Protection Regulation. Data subject rights supported including access, rectification, and erasure.
California Consumer Privacy Act compliance. Know what data is collected and request deletion at any time.
Enterprise-grade security controls audited annually. Security, availability, and confidentiality principles.
Information security management system certification. Systematic approach to managing sensitive data.
Seizn provides comprehensive governance features for enterprise deployments:
Complete audit trail of all API operations. Who accessed what, when, and from where.
Define policies for data handling: allow, deny, mask, or encrypt based on content type, tags, or patterns.
Automatic detection and handling of personally identifiable information. Configure masking or blocking rules.
Generate comprehensive audit bundles for compliance reviews. Includes policy configs, PII events, and deletion reports.
Seizn uses monthly quotas for billing and per-minute rate limits for burst protection:
API calls and memory storage are billed monthly. Quotas reset at UTC midnight on the 1st of each month.
Per-minute request limits protect against burst traffic. Limits vary by plan (60-3000 RPM).
RFC-Compliant Headers: All responses include RateLimit-* and X-Quota-* headers for programmatic limit tracking.
For security concerns, vulnerability reports, or compliance inquiries: