Customers Privacy Policy Section: What data is collected by Sentry?

Are there any examples of privacy policy sections Sentry Users (i.e. companies) can use to put into their own terms to share with their own users what data is collected by Sentry (as an EU-based company)?

I only want to log very basic information about which exceptions are thrown in an Android App and (later) on a React Web App and iOS App.

I only use:

Sentry.captureException(e)

And messages with non-user-data like:

Sentry.captureMessage(errorCode.name() + ": " + errorMessage)

In the Sentry Settings I selected the following options to protect the users:

  • Allow Shared Issues: No
  • Enhanced Privacy: Yes
  • Allow JavaScript Source Fetching: Yes
  • Store Native Crash Reports: Disabled
  • Require Data Scrubber: Yes
  • Require Using Default Scrubbers: Yes
  • Global Sensitive Fields: None
  • Global Safe Fields: None
  • Prevent Storing of IP Addresses: Yes
  • Signed Privacy Policy, Terms & Conditions, DPA
  • Added Company Details, EU Representative, Data Protection Officer

In the Sentry issues collected I find information about:

  • Error messages that occur while using the app
  • Information about the use of the app immediately before the error occurred and when the app was started
  • Date and time of the errors
  • Device information: operating system and version, app version and device model
  • Identifier to identify errors from the same device
  • Status of the device: battery charge and temperature, charging state, boot time, memory space and connection type (Wi-Fi/mobile data), (free) storage space, preferred language, device orientation, screen resolution and density, time zone
  • IP address of the machine (when the connection is established)

Does this cover all information collected about the users? Or did I miss something? As far as I know I have to inform the user exactly about what data is collected, even by 3rd party solutions like Sentry. I am a bit puzzled that I don’t find anything about this in the forum. Others must have the same problem.

I’m aware that you cannot inform me about what information may be contained in the exceptions thrown by the operating system which I forward to Sentry, but I would extend my Sentry terms section as soon as I notice that additional private information is contained there and would inform the user about that.

2 Likes

The only thing I found in docs and legal documents is

Data collected by Sentry does not, by default, include any PII.

Like @een, I wonder what data exactly Sentry collects. Stating what you don’t collect does not cover what you collect (whether or not I see that data in the dashboard).