Security

Security at GStatus πŸ”’ #

At GStatus, we understand that trust is earned through robust security and privacy practices. That’s why we’ve designed our platform with security by default to protect your data and your users’ privacy.

1. Data Privacy by Design πŸ›‘οΈ #

GStatus is built to prioritize privacy and comply with the world’s most stringent data protection regulations:

  • GDPR Compliance: All user data is anonymized, and no personally identifiable information (PII) is stored.
  • CCPA Compliance: GStatus respects user rights, including data access and deletion requests.
  • “Do Not Track” Support: GStatus automatically disables tracking for users who enable the “Do Not Track” setting in their browser.

2. Secure Data Transmission πŸ” #

We use industry-standard encryption protocols to protect data during transmission:

  • HTTPS Everywhere: All data is transmitted over encrypted HTTPS connections.
  • TLS 1.2+: Ensures secure communication between clients and servers.

3. Local Data Storage Options 🏠 #

GStatus allows you to store analytics data locally, giving you complete control over your users’ information:

  • Self-Hosting: Host the GStatus backend on your own server for maximum security.
  • No Third-Party Dependencies: GStatus doesn’t rely on third-party storage providers unless you choose to.

Example Configuration: # 

GStatus.init({
  apiEndpoint: 'https://your-custom-server.com',
  siteId: 'YOUR_SITE_ID',
});

4. Data Minimization πŸ“‰ #

We believe in collecting only what’s necessary:

  • No collection of PII by default.
  • Support for anonymized analytics, ensuring compliance with privacy regulations.

5. Regular Security Audits πŸ› οΈ #

Our commitment to transparency includes regular security audits:

  • Open-Source Code: GStatus is fully open-source, allowing the community to review and improve security measures.
  • Penetration Testing: Regularly conducted to identify and mitigate vulnerabilities.

Want to contribute to improving our security? Explore GStatus on GitHub.

6. Authentication and API Security πŸ”‘ #

Protect your API with robust authentication:

  • API Keys: Only authorized requests are processed, reducing the risk of unauthorized data access.
  • Rate Limiting: Prevents abuse by limiting the number of API calls per user or application.

7. Incident Response Plan 🚨 #

In the unlikely event of a security breach:

  • We immediately notify affected users.
  • A detailed analysis is conducted to identify the root cause and prevent future incidents.
  • Updates are transparently shared via our Security Announcements Page.

8. Best Practices for Users βœ… #

To maximize security when using GStatus:

  • Always use HTTPS for your website.
  • Regularly update your GStatus library to the latest version.
  • Review your tracking configurations to ensure compliance with privacy laws.