Logging

The logs we keep cover system health, not message content.

#What is logged

• Errors, exceptions, and stack traces.
• Response times and throughput per endpoint.
• Authentication events for the dashboard.

#What is not logged

• The text you typed.
• The body of any API request that contains user content.
• Individual detections tied to identifiable users.

Application logs rotate on a 30-day rolling window. Detection metadata used for analytics is kept separately, for a maximum of 24 months. Account data follows Dutch financial law: contract duration plus 7 years.

#Aggregation in reports

Reporting is at organization or team level. The dashboard does not display statistics for groups smaller than 10 active users. The threshold is hardcoded.