Appearance

Quickstart

If you've just created your Assumetr account, the fastest way to generate your first evidence packet is to follow this 3-step process.

1. Create a Site

Log in to the Assumetr Dashboard. You'll be prompted to create your first Site. A Site represents a single application boundary (like app.yourcompany.com).

2. Configure Privacy Controls

Once your site is created, you'll enter the Privacy Controls configuration step. This is where you declare exactly what data your site is allowed to collect.

By default, Assumetr strictly enforces a privacy-first posture:

  • IP Addresses are hashed.
  • Session Stitching is enabled but time-limited.
  • User-Agents are parsed but raw strings are discarded.

You can modify these based on your company's data collection policy.

3. Generate Evidence

After saving your controls, Assumetr begins monitoring your site. At any time, you can navigate to the Compliance Evidence tab and click Generate Evidence Packet.

This will instantly produce a cryptographically signed JSON and PDF record of:

  1. The exact Privacy Controls enforced during the reporting period.
  2. The schema of the data collected.
  3. Every third-party destination that raw telemetry data was routed to.

You can hand this exact packet to your SOC 2 auditor, and they can independently verify its cryptographic signature to prove it was not altered.

4. Verify Your Setup

After installing the snippet and generating your first events:

  1. Check the Dashboard — navigate to your Site's overview page. You should see incoming event counts within 1–2 minutes of the snippet loading.
  2. Inspect the Privacy Controls — confirm that the controls shown on the dashboard match what you configured. Changes take effect immediately.
  3. Generate a Test Evidence Packet — click Generate Evidence Packet and open the PDF. Verify that:
    • The Privacy Controls section reflects your settings.
    • The Data Schema section lists the fields your site is collecting.
    • The Destinations section lists all configured third-party integrations.

Troubleshooting

If you don't see events arriving, check:

  • The snippet is loaded on the correct domain.
  • Your site's Allowed Origins includes your domain.
  • There are no browser extensions blocking the request.

See the Troubleshooting Guide for more help.

Next Steps

  • Configure Privacy Controls — learn how each setting affects your compliance posture. See Privacy Controls.
  • Share Evidence with an Auditor — learn how to generate a secure share link in Evidence Packets.
  • Understand Compliance Mapping — see how Assumetr evidence maps to SOC 2 Criteria and GDPR Article 30.
  • Manage Your Workspace — invite team members and manage your plan. See Workspace Admin.