General Data Protection Regulation (GDPR)

Last updated: April 2018

Overview

The General Data Protection Regulation (GDPR) is a new set of rules designed to give EU citizens more control over their personal data. It aims to simplify the regulatory environment for business so both citizens and businesses in the European Union can fully benefit from the digital economy.

The GDPR will be enforceable starting on 25 May 2018. Raygun is committed to GDPR compliance across all products and services. We are also committed to helping our customers with their GDPR compliance journey by providing robust privacy and security protections built into our services and contracts.

Protecting your data

As a Raygun customer, your data will be treated in accordance with the GDPR legislation.

Security of our customers' data is our number one priority, and Raygun has already obtained approval from EU data protection authorities, to enable transfer of data outside Europe, including to the U.S.

Raygun customers can continue to run their global operations using Raygun in full compliance with EU law. The Raygun Data Processing Addendum is available to all Raygun customers that are processing personal data whether they are established in Europe or a global company operating in the European Economic Area.

Raygun has appointed a Data Protection Officer where such appointment is required by Data Protection Laws and Regulations.

Compliance

Raygun will be implementing tools for administrators in your account settings to ensure they comply with GDPR and EU law before the legislation comes into effect on 25 May 2018. Making it easy for you and your team to manage compliance.

Raygun account owners will have the functionality to agree and sign the Data Processing Addendum between Raygun and your organization from within your account settings.

Raygun's GDPR settings page

This functionality will be made available to customers shortly.

Frequently asked questions

Does Raygun comply with GDPR (General Data Protection Regulation) with regards to the data of Raygun customers?
Yes.

Can I view Raygun’s data processing addendum (DPA)?
Yes. This can be found here.

Does Raygun collect any personally identifiable information from customer’s applications about their users, and what kind of data?
Raygun provides the ability to control the data you send to us from your applications. All Raygun providers offer the ability to exclude specific and sensitive information before being sent for us to process. Some Raygun features allow you to send IP address information, email addresses, usernames and other custom data to assist with issue diagnosis. Raygun does not collect this information by default. You are in full control of the data you send to us.

Where is the Raygun data stored geographically? Under which jurisdiction?
All Raygun data is stored in the US-EAST-1 region of the AWS Datacenter.

How long is the data retained for?
Data will remain in your Raygun account until your data retention period expires for that data, or you manually choose to delete this information from your account settings.

How do I prevent sensitive data from being sent into Raygun?
You are in complete control of the data you choose to send to Raygun, however should error and session details contain data you do not wish to be processed, Raygun allows you to remove sensitive information on the client side before the data is sent to us. For more information on how to accomplish this, please see this article.

Further information

If you have additional concerns or questions about GDPR compliance, feel free to contact us.