Skip to main content
Vizuna app iconVizuna
Sign in

Legal

Security Overview

Last Updated: 2026-03-12

A short, procurement-friendly overview of how Vizuna protects user data, controls access, and handles security operations.

On this page

1. High-level posture

Vizuna is designed to be privacy-first. Reflections may include sensitive workplace context, so the product is built to minimise exposure, avoid attribution, and limit what organisations can access.

2. Data access and privacy boundaries

  • Individual reflections and free-form feedback are not provided to organisations as raw text.
  • Where organisation-level reporting exists, it is designed to be anonymised and aggregated.
  • VizunaAI outputs are intended to be pattern-based and should not reveal who said what.
  • Recipient-level outreach tracking records, where used for Vizuna's own cold-email operations, are restricted to internal roles that need them for business development or customer-facing work and are not exposed to customer organisations.

3. Account and authentication

  • Vizuna uses authenticated sessions to control access to user data.
  • Sensitive actions such as account deletion and data export require additional confirmation or re-authentication flows.

4. Logging and operational safety

Vizuna treats free-form reflection text and VizunaAI chat content as sensitive. Operational logging is designed to avoid storing:

  • Reflection text
  • VizunaAI chat transcripts
  • Tokens and credentials
  • Device tokens and notification bodies

5. Operational tooling

Vizuna does not use a dedicated error-tracking vendor (such as Sentry or Datadog). The operational tooling that may process limited, non-personal metadata includes:

  • Plausible Analytics — cookie-free, privacy-focused web analytics. Collects aggregate page views, referral sources, and country-level location. Does not collect personal data or track individuals across sites.
  • Vercel Speed Insights — lightweight web performance telemetry (page load times, core web vitals). Does not collect personal content.
  • Vizuna outreach-link tracking — internal cold-email reporting currently records tracked link clicks server-side. We do not currently use an outreach attribution cookie or downstream browsing attribution for this flow.

6. Incident response

Vizuna maintains an internal incident response playbook and escalation process for security and privacy incidents.

7. Compliance targets

Vizuna aims to align with GDPR-style privacy principles globally and to support enterprise procurement needs (including SOC 2 readiness over time). Any formal certifications (for example, "SOC 2 Type II certified") should only be claimed once completed and verified.

8. Contact

For security questions or to request additional security documentation, please contact us at support@vizuna.com.

← Back to LegalBack to top