Rollbar is compliant with GDPR and can serve as a data processor for customers who control data from individuals in the EU. We provide the following measures to enable our customers to maintain GDPR compliance:
Data Processing Agreement
Rollbar provides a data processing agreement (DPA) which can be viewed and accepted by going to Account Settings -> Security -> Data Processing Agreement.
To ensure that you retain your customer's identifiable data no longer than necessary, we've added the option in paid Rollbar accounts to customize your data retention period between 7-180 days. You can update this by going to Account Settings -> Security -> Data Retention.
Right to be Forgotten
We've added an API for deleting person tracking data. See our API docs for details.
Data Subprocessor Explanation
If you are required to list Rollbar as a data subprocessor, the following information can be provided:
- Purpose: Exception reporting
- Location: USA
Don't hesitate to contact us via firstname.lastname@example.org.