Security

Privacy practices

• We do not use tracking analytics

• We do not sell personal data

• We do not use any cookie on api

• We do not save the user context from the sentry client - we create a unique hash and throw it away.

• We scrub personal data

• You can close your account or delete your data anytime

Encryption

We have encryption at rest and during transit, and we are also adding extra encryption on tags that are usually used for custom data.

Transit uses modern TLS, and the encryption at rest uses the most robust encryption, AES-256, and also, on extra encryption for some columns in the table, use AES-256 as well.

PII data

We can not stop all PII data as you might need some of them to debugging the issues. But we have reduce privacy data, such as:

• user context is not saved, an unique hash is made of that data and then thrown away, to count users that got that error. If you want to save user_id, outside user_context, add it to the tags.

• We scrub some data, like email, Social security, credit cards and ip addresses from tags.

• We leave the rest to you to hold the personal data of your users dearly and only send us what is needed for debugging.

Providers

We use Scalingo as a provider using 3DS Outscale, a French Operator. 3DS Outscale is ISO 27001 certified. By using Scalingo and 3DS Outscale, we are using EU providers, so there are no American-owned operators. This means no worry about the FISA act.

Data location

All our data is in France, at Scalingo. We use BunnyCDN, based in Slovakia, for CDN.

We use as few providers as possible to keep track of the data. We always look through our providers and ensure we use the best privacy.