Data Privacy
LogVault is built with privacy-first principles. We automatically detect and protect sensitive data before it's stored.
Automatic PII Scrubbing
Our ingestion engine automatically detects and masks personally identifiable information (PII) in your event metadata. This happens before data is written to disk.
What We Detect
- Email addresses →
j***@example.com - Credit card numbers →
[REDACTED] - Social Security Numbers (SSN/BSN) →
[REDACTED] - IBAN numbers →
NL**ABNA*****1234 - Phone numbers →
+31 6 **** **89 - API keys →
sk_live_**** - IP addresses → Optionally anonymized
How It Works
When you send an event like this:
Python
1client.log(2 action="payment.processed",3 actor_id="user_123",4 metadata={5 "email": "john.doe@example.com",6 "card_number": "4111111111111111",7 "amount": 99.998 }9)
LogVault stores it as:
JSON
1{2 "action": "payment.processed",3 "actor_id": "user_123",4 "metadata": {5 "email": "j***@example.com",6 "card_number": "[REDACTED]",7 "amount": 99.998 }9}
Configuration Options
You can customize the scrubbing behavior in your organization settings:
| Option | Default | Description |
|---|---|---|
scrub_emails | true | Mask email addresses |
scrub_credit_cards | true | Redact credit card numbers |
anonymize_ips | false | Anonymize IP addresses |
custom_patterns | [] | Custom regex patterns to scrub |
GDPR Compliance
LogVault helps you comply with GDPR requirements:
- Data Minimization - Only store what you need, automatically scrub the rest
- Right to Erasure - Export and delete user data on request
- Data Portability - Export audit logs in standard formats
- EU Hosting - All data stored in Frankfurt (eu-central-1)
Data Retention
Events are retained based on your plan's retention period. After expiration, data is automatically and permanently deleted.
| Plan | Retention |
|---|---|
| Free | 30 days |
| Starter | 12 months |
| Growth | 12 months (customizable) |
| Enterprise | 7 years (FinTech compliance) |