I still think the company could somehow get access to the user data. The server enryption sounds pretty solid, and I beleive you saying that it would be really hard or impossible to get the encrypted data from the servers, but the information shown in the browser is unecrypted and accessible. Let's say your company grows and gets acquired by someone like Google and suddenly they want to get the stats of the tracked websites. Isn't there a way they could modify the UI source code, so that for example, they send back the unecrypted stats from the browser to a different server? I assume the dashboard's UI is hosted and served by your platform, so they could just add some JavaScript to it to send all data visible on screen, right?

I think your product could be really useful and I'm not trying to attack it in any way, I am just making sure I understand what the encryption means and if it does indeed provide extra value.