Compliance GDPR

If you are a company that collects and processes data from EU residents, you are likely a data controller and would be required to comply with the new EU General Data Protection Regulation (GDPR) that came into effect on May 25th, 2018.

The GDPR was enacted to strengthen the privacy and control EU residents have over their personal data. Part of that is achieved by extending certain data protection requirements that previously were only for data controllers to data processors as well.

As a data controller, you are now required to work only with GDPR-compliant data processors. Because Rollbar processes data on your behalf, we are a data processor to you and are directly obligated to comply with this regulation.

Rollbar treats all data received as potentially containing personal data, and only processes data that you provide to us for the purpose of monitoring errors in your applications.

Common questions

Where does your data reside?

Our data center, where data is stored and encrypted at rest, is located in Iowa, USA and compliant with industry standards including AICPA SOC 2 and 3. We also use a global PoP network for fast & reliable experience.
I am a free user. What kind of data protection do I get?

We protect all users’ data with encryption at rest and in transit. You can prevent sensitive data from getting sent to Rollbar by using the data scrubbing filters in our SDKs. As a free user, your data retention period is set according to the free plan, which is 30 days. If you want to customize your retention period, please upgrade to a paid plan.
I'm not sure if I must comply with GDPR. Could you help?

Please keep in mind this content is not intended to provide you with, or should be used as a substitute for, legal advice. You should seek legal advice on your status and obligations under the GDPR from a lawyer.
Can I see a copy of your Data Processing Agreement?

Sure, please visit this page to review our standard DPA.
What is Rollbar Compliant SaaS?

Compliant SaaS is an edition of Rollbar that comes with contract agreements for compliance such as the Business Associate Agreement (BAA) for HIPAA, and advanced security features such as application-level encryption at rest. See our Compliance page or contact Sales to learn more.
I have other questions. How do I reach you?

Please contact us directly at privacy@rollbar.com.

Rollbar and GDPR

Data Processing Agreement

Data Encryption

Data Retention

Data Scrubbing

Person Data Deletion

Data Protection Officer

More on Security & Compliance

Common questions

Where does your data reside?

I am a free user. What kind of data protection do I get?

I'm not sure if I must comply with GDPR. Could you help?

Can I see a copy of your Data Processing Agreement?

What is Rollbar Compliant SaaS?

I have other questions. How do I reach you?

Start continuously improving your code today.