Learn about Seizn's security practices, data protection, and compliance features.
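Write caps and fallback behavior are now locked to production-safe defaults.
Retries and duplicate events now go through a lock-claim-finalize flow.
Post-migration verification catches RPC and overload regressions.
An operations guide for Failure Notification & Analysis has been added.
Recommended migration workflow:
node scripts/run-migration-file.mjs <sql-file>
npm run verify:e2e-encryption-db
`run-migration-file.mjs` triggers `verify:e2e-encryption-db` by default and fails fast on overload or RPC regressions. Use `SKIP_E2E_VERIFY=1` only for emergency bypass scenarios.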
All data is encrypted using AES-256 encryption. Memory content, embeddings, and metadata are protected at all times.
All API connections use TLS 1.3. We enforce HTTPS for all endpoints with no fallback to unencrypted connections.
Complete data separation between accounts. Row-level security (RLS) ensures no cross-tenant data access.
API keys are stored as SHA-256 hashes. The original key is shown only once at creation time.
Create multiple active keys and rotate them without downtime. Old keys can be revoked instantly.
Configure keys to auto-expire after 30, 60, 90 days, or custom periods. Expired keys are automatically rejected.
Monitor per-key usage in real-time. See request counts, last used time, and associated activity.
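The key-handling model described above (hash-only storage, several active keys per account, expiry, instant revocation) can be sketched as follows. This is an added example, not Seizn's code: the `sk_` prefix, the in-memory `KEY_STORE` and all function names are assumptions made for illustration.

```python
import hashlib
import secrets
from datetime import datetime, timedelta, timezone

# Hypothetical in-memory stand-in for a key table: SHA-256 digest -> record.
KEY_STORE = {}


def _digest(raw_key):
    # A single unsalted SHA-256 is adequate here only because the key is
    # 256 bits of CSPRNG output; it would not be for human-chosen passwords.
    return hashlib.sha256(raw_key.encode("utf-8")).hexdigest()


def issue_key(account, ttl_days=None, now=None):
    """Create a key, persist only its hash, and return the raw key once."""
    now = now or datetime.now(timezone.utc)
    raw = "sk_" + secrets.token_urlsafe(32)  # assumed key format
    expires = now + timedelta(days=ttl_days) if ttl_days is not None else None
    KEY_STORE[_digest(raw)] = {
        "account": account,
        "expires": expires,
        "revoked": False,
    }
    return raw


def revoke_key(raw_key):
    """Mark a key as revoked; it is rejected on the next request."""
    rec = KEY_STORE.get(_digest(raw_key))
    if rec is not None:
        rec["revoked"] = True


def authenticate(presented, now=None):
    """Return the owning account, or None if unknown, revoked or expired."""
    now = now or datetime.now(timezone.utc)
    # Lookup is by digest, so the stored value is never compared byte by
    # byte against attacker-controlled input.
    rec = KEY_STORE.get(_digest(presented))
    if rec is None or rec["revoked"]:
        return None
    if rec["expires"] is not None and now >= rec["expires"]:
        return None
    return rec["account"]
```

Rotation without downtime follows from the model: issue the replacement key, move clients over while both keys authenticate, then revoke the old one.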
Export all your data anytime via API or dashboard. Full data portability with no lock-in.
When you delete memories, they are permanently removed. No retention beyond 30-day backup window.
Full GDPR/CCPA support. Request deletion of all user data with auditable confirmation.
Full compliance with EU General Data Protection Regulation. Data subject rights supported including access, rectification, and erasure.
California Consumer Privacy Act compliance. Know what data is collected and request deletion at any time.
Enterprise-grade security controls audited annually. Security, availability, and confidentiality principles.
Information security management system certification. Systematic approach to managing sensitive data.
Seizn provides comprehensive governance features for enterprise deployments:
Complete audit trail of all API operations. Who accessed what, when, and from where.
Define policies for data handling: allow, deny, mask, or encrypt based on content type, tags, or patterns.
Automatic detection and handling of personally identifiable information. Configure masking or blocking rules.
Generate comprehensive audit bundles for compliance reviews. Includes policy configs, PII events, and deletion reports.
Seizn uses monthly quotas for billing and per-minute rate limits for burst protection:
API calls and memory storage are billed monthly. Quotas reset at UTC midnight on the 1st of each month.
Per-minute request limits protect against burst traffic. Limits vary by plan (60-3000 RPM).
RFC-Compliant Headers: All responses include RateLimit-* and X-Quota-* headers for programmatic limit tracking.
For security concerns, vulnerability reports, or compliance inquiries: