Privacy Policy

What we collect

When you use the hosted DebugBundle service, we collect:

• Account information (email address, hashed password)
• Event data submitted through SDKs and the ingestion API
• Usage metrics (bundle requests, event counts, alert deliveries)
• Session data for authentication purposes

How we use your data

Event data is used solely to provide DebugBundle services: incident grouping, bundle generation, alerting, and retrieval. We do not sell event data or use it for advertising.

Redaction

DebugBundle applies automatic redaction to sensitive patterns (passwords, authentication headers, cookies, card numbers, SSNs) before storage. See the redaction documentation for details.

Data retention

Data retention follows your plan tier: Free (7 days), Solo (14–30 days), Team (30–90 days). Self-hosted instances control their own retention.

Access, export, and deletion

Hosted organization owners can review their account settings to download a JSON export of retained organization-account data and to permanently delete the current organization account. Deletion removes retained projects, incidents, tokens, audit history, and stored debugging artifacts for that organization.

Local-first mode

When using DebugBundle in local-only mode, no data leaves your machine. All processing happens locally and no information is transmitted to DebugBundle servers.

Contact

For privacy-related questions, see our contact page.