Data Privacy & Retention
Understand what data Sazabi collects, how long we retain it, and your rights under GDPR.
Sazabi processes telemetry data from your applications. This page explains what data we collect, where it's stored, and how you can control it.
Data collection
Telemetry data
When you send logs, traces, or events to Sazabi, we collect:
| Data type | Description |
|---|---|
| Log messages | The log content your application sends |
| Timestamps | When events occurred |
| Metadata | Service name, environment, log level |
| Trace context | Span IDs, trace IDs for distributed tracing |
| Custom fields | Any additional fields you include in your logs |
Do not send sensitive personal data (passwords, SSNs, credit card numbers) in log messages. Filter sensitive data before sending logs to any observability platform.
Account data
We collect standard account information:
- Email address and name
- Organization and team membership
- Authentication credentials (hashed)
- Billing information (processed by Stripe)
Usage data
We collect aggregated usage data to improve our service:
- Feature usage patterns
- API request volumes
- Performance metrics
This data is anonymized and not linked to individual log content.
Data storage
Storage locations
| Data type | Primary storage | Region |
|---|---|---|
| Log data | ClickHouse | US (us-west-2) or EU |
| Account data | PostgreSQL | US (us-west-2) |
| File uploads | S3 | Matches log region |
Data residency
For customers with data residency requirements, we offer:
- EU region: Logs stored entirely within EU data centers (eu-central-1)
- US region: Logs stored in US data centers (us-west-2)
Contact us to configure data residency for your organization.
Retention policies
Log data retention
Log data is retained based on your plan. Contact support for details on retention periods and options for your account.
Account data retention
- Active accounts: Data retained while account is active
- Billing records: Retained for 7 years per legal requirements
Data deletion
Deleting log data
You can delete log data in several ways:
- Manual deletion: Contact support to request deletion of specific data
- Project deletion: Deleting a project removes all associated log data
Deleting your account
To delete your account and all associated data, contact support@sazabi.ai. Account deletion removes:
- Your user profile and authentication data
- Membership in all organizations (other members retain access)
- Any organizations where you are the sole owner
Organization data is only deleted when the last member leaves or when explicitly requested.
GDPR compliance
Sazabi supports GDPR compliance for customers processing EU personal data.
Data processing agreement
We provide a Data Processing Agreement (DPA) that covers:
- Our role as a data processor
- Security measures we implement
- Sub-processor list
- Data transfer mechanisms
Contact privacy@sazabi.ai to request a DPA.
Data subject rights
We support the following data subject rights:
| Right | How we support it |
|---|---|
| Right to access | Export your data via API or support request |
| Right to erasure | Request log data deletion via support |
| Right to portability | Export data in standard formats |
| Right to rectify | Update account information in settings |
Sub-processors
We use the following sub-processors:
| Provider | Purpose | Location |
|---|---|---|
| AWS | Infrastructure hosting | US, EU |
| Stripe | Payment processing | US |
| PostHog | Product analytics | EU |
We notify customers of sub-processor changes via email.
Data transfers
For data transferred outside the EU, we rely on:
- AWS's Standard Contractual Clauses for infrastructure
- Stripe's Binding Corporate Rules for payment processing
Security practices
For details on how we secure your data, see: