At ObservabilityOS, we are committed to building an observability platform that respects your organization's privacy and keeps sensitive data safe. We design our client-side SDKs and ingestion engines with high-security scrubbing rules, ensuring that your customers' Personally Identifiable Information (PII) is redacted before it ever leaves your network.
1. Telemetry Data & Local PII Scrubbing
Unlike traditional cloud logging applications, ObservabilityOS provides a local, client-side SDK scrubbing mechanism (via scrubber.ts) that automatically processes all telemetry payloads.
- Sensitive Parameter Redaction: Database passwords, authorization bearer headers, JWT tokens, credit card numbers, and custom regex pattern matches are automatically replaced with a
[REDACTED]string at the microservice application runtime. - Ingestion Integrity: Only sanitized metrics, anonymized logs, and structural trace outlines are submitted to our ingestion gateways.
2. Data Encryption and Storage Security
For telemetry data stored on our platforms, we implement strict standard enterprise-grade compliance architectures:
- Encryption in Transit: All web transactions and API calls are secured with Transport Layer Security (TLS 1.3).
- Encryption at Rest: All log fragments and trace metadata are stored in AES-256 encrypted storage volumes.
- Retention Lifespans: Customers specify custom retention periods. Once the configured threshold is met, index records are purged from both active memory caches and backups.
3. Information Collected
When you create an account, we retrieve basic profile metadata from GitHub (username, avatar URL, email addresses) to manage authentication and workspaces. We do not sell, trade, or share your profile details with external advertising brokers or tracking agencies.
4. GDPR and Compliance Alignment
By utilizing our local scrubbing SDK configurations, you satisfy standard GDPR and HIPAA compliance mandates regarding telemetry data. Under GDPR rules, you retain complete rights to view, export, delete, or restrict processing of your tenant profile configurations by contacting support.
5. Contact and Inquiries
If you have any questions about this privacy statement, data protection guidelines, or your developer workspace configuration, reach out to our privacy compliance officer at: