Couple GDPR questions

Hi,

We’re using the JS SDK and I’m aware that Sentry is GDPR compliant however as a SaaS platform we’re also trying to be GDPR compliant and had a couple questions:

  • We currently have a single ‘project’ in Sentry which records all exceptions from various different sites. Is it required to separate those sites out into separate project in Sentry for GDPR compliance?
  • We currently set user ID as a tag but will have to remove that I presume. However for existing data can we remove those user ids?
  • Same for storing IP addresses, we’ll disable it but do we have to do anything for existing logs?
  • Anything else specifically that we have to look out for?

Thanks!