Security

Security & Compliance

Enterprise-grade protection for your publications and your readers’ data.

Data Protection

Your content and your readers’ data are protected at every layer.

🔒

Encryption in transit

All data transmitted between readers and ZenFlip is encrypted using TLS 1.2 or higher. No unencrypted connections are accepted.

🗄️

Encryption at rest

Publication files stored on AWS S3 are encrypted using AES-256 server-side encryption. Your content is protected even at the storage level.

🌐

Global CDN delivery

Publications are served through Vercel Edge Network, delivering content from the nearest edge location for fast, secure access worldwide.

Access Controls

Control who can view your publications and how they access them.

🔑

Password protection

Require a password before readers can view a publication. Change or remove passwords anytime. Available on Creator plans and above.

📧

Email-gated access

Require readers to submit their email address before viewing. Captured leads appear in your dashboard and trigger Zapier webhooks.

🏢

SSO / SAML

Enterprise single sign-on for team access. Authenticate through your existing identity provider. Available on Enterprise plans.

👥

Team roles

Assign roles and permissions to team members. Control who can publish, edit, or view analytics. Available on Business plans and above.

Accessibility Compliance

Designed to meet WCAG 2.2 AA — one version ahead of the legal requirement.

♿

WCAG 2.2 AA target

ZenFlip is designed to meet WCAG 2.2 AA, which exceeds the WCAG 2.1 AA standard required by ADA Title II (deadline: April 24, 2026 for entities serving 50,000+ people).

🇪🇺

European Accessibility Act

The EAA has been in force since June 2025, requiring accessible digital products across EU member states. ZenFlip aligns with EN 301 549, the harmonised European standard.

📋

Published accessibility statement

We maintain a versioned accessibility statement at /legal/accessibility and run automated accessibility testing as part of our CI/CD pipeline.

Reader Privacy

Respect your readers’ privacy while still getting the analytics you need.

🛡️

No reader fingerprinting

ZenFlip does not use cookies, browser fingerprinting, or any personally identifiable tracking for reader analytics. All engagement data is aggregate.

📊

Aggregate analytics only

Analytics show page-level engagement patterns — views, time-on-page, heatmaps, geographic regions. Individual reader identity is never tracked or stored.

⚖️

GDPR-aligned design

ZenFlip is designed with GDPR data minimisation principles. We collect only what is necessary for the service to function and for publishers to understand content performance.

Frequently Asked Questions

Is ZenFlip GDPR compliant?

ZenFlip is designed with GDPR principles in mind. Reader analytics collect aggregate engagement data only — no personal data, cookies, or fingerprinting. Data is stored on AWS infrastructure in regions that support GDPR requirements.

Does ZenFlip support SSO?

Yes. SSO via SAML is available on Enterprise plans. Contact our sales team for configuration details.

Where is data stored?

Publication files are stored on AWS S3. The application is served globally via Vercel Edge Network. All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

Can I password-protect a flipbook?

Yes. Password protection is available on Creator plans and above. Set a password in your publication settings — readers must enter it before viewing.

Does ZenFlip meet accessibility standards?

ZenFlip is designed to meet WCAG 2.2 AA, which exceeds the WCAG 2.1 AA requirement of ADA Title II (deadline April 24, 2026). We publish a versioned accessibility statement and run automated accessibility testing in CI/CD.

Publish with confidence

Start free. Enterprise security available when you need it.

Start free →Accessibility statement