Your logs are your data.
Production data is a meaningful trust decision. Here's how we handle yours.
Your logs never train anyone's model
Customer log content is never used to train AI models. The AI layer receives only the structured evidence required to draft a root cause: service names, error categories, top patterns, log timestamps. Inputs are not retained by the AI provider beyond standard abuse-monitoring windows.
Encrypted in transit and at rest
TLS in transit, modern cipher suites only. Sensitive configuration (notification webhooks, integration credentials) is encrypted at rest. Application database runs on a managed relational backend with provider-side encryption.
Tenant isolation on every query
Every read, every write, and every detection query carries account and project identifiers. Ingest streams are tenant-scoped. Concurrency limits apply per tenant so no one's workload starves another.
Retention and deletion
14-day retention during trial. 30 days on Team. 30 days on Growth. Custom on Enterprise. Permanent deletion at end of retention. Tenant-scoped delete on request for GDPR right-to-erasure.
Access controls
Login via Google Workspace today. Enterprise SSO on roadmap. API keys are scoped — read, ingest, or both — and listed per-tenant. Alert state changes are recorded with timestamps and actor for after-the-fact review.
Compliance and deployment
GDPR-aligned. DPA on request. Custom data residency on Enterprise. Self-hosted and dedicated deployments on request.
Have a security questionnaire?
We answer SIG, CAIQ, and custom questionnaires on request. Procurement, legal, and IT teams welcome.
Contact us →