Has sentry taken steps to comply with GDPR?

tobias · February 21, 2018, 5:37pm

Do you provide a data processing agreement?

GDPR stands for General Data Protection Regulation and is applicable to every business which has European customers. Even when you’re a not a EU business. If you deliver goods and/or services within the EU as a non-EU company, GDPR will be applied to you as well. The goal of GDPR: protect personal data of citizens of the European Union (EU) and regulate how it may be used. The GDPR regulation will be enforced from May 25th 2018. EU regulators are very clear: They won’t accept any excuse for non-compliance after this date. Especially in cases like leaking sensitive data or personal data stolen from your system. This excludes United Kingdom from GDPR due to Brexit. They expect the UK will have their own version of GDPR. Be aware of this when you have a large customer base in the UK.
https://melv1n.com/gdpr-guide-product-managers/

zeeg · February 22, 2018, 7:03pm

tobias · February 22, 2018, 10:54pm

I saw that. But I think, a lot of logging data contains personal data of users.
I’m not asking, if you are going to strip out data like file paths, etc.
For example, I use sentry for a django site and set it up according to the instructions on https://docs.sentry.io/clients/python/integrations/django/. This way, if an error occurs, it is logged at sentry with the user email. I believe a lot of your customers are in the same situation.
If they do business in europe, they have to be compliant with the GDPR. That means, they have to sign a data processing contract with you or they have to make sure, that no personal data is logged.

zeeg · February 22, 2018, 11:12pm

Did you read the whole comment? We will be supporting the GDPR.

tobias · February 22, 2018, 11:47pm

I overlooked it in the original thread and this time I didn’t see that your comment is expandable. Thanks for the heads up.