Data Security & Residency

Assumetr is designed to minimize your compliance surface area by handling data securely and transiently. This page outlines our core security posture and residency guarantees.

Security by Design

The Assumetr architecture separates your telemetry processing from long-term storage, acting primarily as a secure routing and governance layer.

1. Transient Data Processing

Raw telemetry data (the events generated by your web application) is processed entirely in memory or in transient message queues (Redis Streams). We do not retain a permanent copy of your user events.

Once data is successfully routed to your configured Destinations (e.g., Snowflake, Mixpanel), the local temporary copy is marked for purging according to your Retention Window (default: 90 Days).

2. Encryption

In Transit: All data sent from the Assumetr snippet to our ingest servers, and from our servers to your Destinations, is encrypted using TLS 1.2 or higher.
At Rest: All underlying datastores (PostgreSQL, Redis, ClickHouse) are encrypted at rest using AES-256.

3. Shared Responsibility Model

We operate under a Shared Responsibility Model:

Assumetr is responsible for the security of the platform (infrastructure, encryption, API security).
You are responsible for security in the platform (configuring your Privacy Controls, managing your Destination API keys, and securing your Workspace).

Data Residency

Assumetr operates multiple deployment regions to help you meet local data residency requirements.

Cloud Deployment

By default, Assumetr Cloud processing nodes are located in the United States (US-East). Enterprise customers can request dedicated instances in the European Union (EU-Central) to guarantee data sovereignty.

Data Security & Residency ​

Security by Design ​

1. Transient Data Processing ​

2. Encryption ​

3. Shared Responsibility Model ​

Data Residency ​