Security & retention enforcement
The retention values in our Privacy Policy are not aspirational — they are enforced by code that runs every day. This page documents that enforcement and the controls around it.
Automated retention enforcement
A scheduled job runs daily at 03:17 UTC inside our API worker. It hard-deletes each category of data by age — a hard delete in the database, not a soft-delete flag. Account deletion is immediate and cascades to all of the customer's rows. Current schedule:
- Raw crash logs (Free and Team): 30 days
- Diagnosis results, failure signatures, follow-up chat, and feedback: 90 days (Growth and Data Center: 1 year)
- Alert delivery log (subject, recipient, timestamp): 90 days
- Rate-limit counters (hashed IP token only): 2 days
- Login attempts (email + IP, brute-force defense): 30 days
- Payment-event records (Stripe webhook events): 30 days
- Cookie-consent receipts: 3 years
- Audit log (tamper-evident SHA-256 hash chain, retained for SOC 2): 2 years
- Billing records (retained to meet US tax obligations): 7 years
Encryption
All traffic is TLS 1.3 in transit. Data at rest is encrypted by our infrastructure provider (Cloudflare). Data Center customers can supply their own AES-256-GCM key (BYOK), in which case diagnosis logs are encrypted with the customer-managed key before they are stored and cannot be read without it.
Access control & tenant isolation
Every API query is scoped to the authenticated customer's ID at the database layer (row-level security enforced in code and covered by integration tests). Sessions are short-lived JWTs; API keys are revocable per key. Client-side privacy masking on the agent scans for and redacts PII/PHI before any log leaves the customer's host. On Scale, Growth, and Data Center plans the agent runs inside your own VPC, so raw logs never leave your boundary — only anonymized failure signatures (failure type, fix, timestamps) are sent off-cluster.
Where to go deeper
The Security page covers the full program. The Trust Center hosts our SOC 2 status, sub-processor list, data-flow diagram, and one-click requests for DPA, BAA, and assessment documents. Report vulnerabilities to security@denpex.com.