Trust is the product.

Nudle deploys real changes to your production website. The controls below are how we earn the right to do that, every single day.

Last updated: May 3, 2026

01

Least-privilege access

Nudle only requests the permissions it needs to do the work you signed up for: read-only Search Console and Analytics reporting access, Analytics Admin edit access for GA4 setup, and Tag Manager edit/version/publish access for approved deploys. You can review every connection and revoke it from your dashboard at any time.

02

Encrypted at rest, encrypted in transit

Every byte that travels between you, your connected platforms, and Nudle is encrypted in transit. Authentication tokens and connected-platform credentials are encrypted at rest with industry-standard symmetric encryption. Plaintext credentials never appear in logs, in support tooling, or in the Nudle dashboard.

03

Every deploy is reviewed before it goes live

Before any change reaches your production site, it passes through an automated safety review. Anything that touches passwords, payment fields, third-party storage, cookies, or arbitrary script injection is rejected outright. Nothing reaches your container that has not cleared that gate.

04

Every deploy is cryptographically signed

Every change Nudle pushes to your stack carries a signature tied to the change ID, your account, and a timestamp. If a tag claims to be from Nudle and the signature does not match, you will know. The verification endpoint is open and runs on demand.

05

An audit trail you control

Every action Nudle takes on your behalf is logged immutably and visible in your dashboard. Drafts, approvals, deploys, rollbacks, kill-switch activations, and access events all appear in one timeline. Export the log as CSV at any time. We never delete an audit row.

06

Email on every deploy

Every change that reaches your site triggers an email to your account admins with the before-and-after summary, the approver, a one-click rollback, and a one-click kill-switch link. A compromised account that triggers an unauthorised deploy alerts the owner within seconds.

07

One button to revoke everything

The kill switch revokes every Nudle access token, pauses every tag we have deployed, and notifies your admins. Available from your dashboard at all times. No support ticket, no waiting period, no apology email required.

08

Anomaly detection

Server-side monitoring runs continuously across every Nudle account. If our automated systems see a pattern that looks unusual for you or for the platform overall, deploys pause and our on-call team is notified.

09

A watchdog for tags we did not deploy

Nudle snapshots your Tag Manager container daily and compares it to the previous version. If a tag appears that we did not deploy and that we cannot attribute to your team, we flag it with a risk assessment so you can investigate. Nudle becomes the watchdog for everyone else who touches your container, including the tags that were there before us.

Found something? Tell us first.

We follow responsible disclosure. Email security@nudle.dev with the details. We acknowledge within 24 hours and ask for 30 days to remediate before public disclosure. Validated findings are eligible for a thank-you reward.

Looking for sub-processors, retention, and rights? See our privacy policy.