Account Information: Email address, name, company name, billing details. Collected when you register or subscribe.

Usage Metrics (Prometheus): Log10x products send anonymized Prometheus metrics to our management console including: event patterns (structural templates, no content), optional enrichments (geo country codes, HTTP status codes, severity levels, Kubernetes pod/namespace names), license verification, aggregate event counts and sizes. We never receive log message content, application data, or customer PII.

Website Analytics: When implemented, Google Analytics will track page views and session data with prior consent via cookie banner. You control whether analytics cookies are placed.

Authentication: Auth0 session cookies for login. These are strictly necessary cookies required for platform functionality.

All Products Run in Your Infrastructure: Unlike traditional SaaS platforms, Log10x products process your logs entirely within your environment. Your log content never leaves your infrastructure.

Edge Products (Edge Reporter, Edge Regulator, Edge Optimizer): Deploy as DaemonSets or sidecars in your Kubernetes cluster. Process logs locally in real-time. Send only Prometheus metrics to Log10x management console.

Cloud Products (Cloud Reporter, Storage Streamer): Run in your cloud environment (your AWS/Azure/GCP account). Process data locally within your infrastructure. Send only aggregated metrics to Log10x monitoring.

What Log10x Receives: Only Prometheus metrics containing anonymized patterns, optional enrichments, and aggregate statistics. What Log10x Never Receives: Log message content, application data, customer PII, environment variables, secrets, or credentials.

Service Delivery: Process compilations, generate cost reports, stream archived data. Provide the core platform functionality.

Billing & Payment: Process payments via Stripe and AWS Marketplace. Send invoices and payment notifications.

Product Improvement: Analyze usage patterns to enhance features and performance. All analysis uses aggregated, anonymized data.

Support: Respond to inquiries, troubleshoot issues, provide technical assistance. Access customer data only with explicit permission.

Legal Compliance: Meet legal obligations, enforce terms, protect our rights and your security.

No Data Selling: We never sell, rent, or trade your information. Period.

Service Providers: Limited sharing with subprocessors necessary to operate the platform:
• Stripe - Payment processing
• AWS Marketplace - Alternative payment & billing
• AWS - Infrastructure hosting for management console (US regions)
• Auth0 - Authentication services
• Google Analytics - Website analytics with cookie consent (when implemented)

Legal Requirements: May disclose if required by law, subpoena, or to protect rights and safety.

Business Transfers: In event of merger/acquisition, data transfers only with equivalent privacy protections.

Account Data: Retained while your account is active and for 30 days after cancellation (for potential recovery).

Prometheus Metrics: Usage metrics retained for 90 days by default. Configurable retention periods available.

Log Content: Log10x does NOT receive or retain your log content. All log processing occurs in your infrastructure. We never have access to your observability data.

Backups: Deleted account data purged from backups within 60 days.

Your Rights: Request data export, deletion, or correction anytime via privacy@log10x.com. We respond within 30 days.

Current Service Area: Log10x currently provides Services to customers located in the United States and other non-EEA jurisdictions. We do not currently offer Services to residents of the European Economic Area (EEA), United Kingdom, or Switzerland.

If Located in EEA/UK/Switzerland: Please do not use our Services or provide personal information to us. We plan to expand European availability in the future. For inquiries about European service availability, contact legal@log10x.com.

Data Processing Location: All Log10x products process data in your infrastructure (your geographic location). Our management console operates in US-based AWS regions. Given our zero-egress architecture, your log data never leaves your environment regardless of where our management console operates.

California Residents: Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), you have the following rights:

Right to Know: Request categories and specific pieces of personal information we collect, use, disclose, or sell.

Right to Delete: Request deletion of your personal information, subject to certain exceptions.

Right to Opt-Out: We do not sell personal information and have not done so in the past 12 months.

Right to Correct: Request correction of inaccurate personal information.

Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

Exercise Your Rights: Email privacy@log10x.com with subject "California Privacy Request." We respond within 45 days. For faster service, include your account email and specify which right you're exercising.

Policy Updates: We may update this privacy policy. Material changes announced 30 days in advance via email and website notice. Continued use constitutes acceptance.

Policy Version: Last updated December 15, 2024

Privacy Contact: privacy@log10x.com

General Contact: hello@log10x.com

Mailing Address: Log10x Inc., 190 Weston Rd Ste 1 Unit 1085, Weston, CT 06883

DPA/BAA Requests: Email legal@log10x.com with subject "DPA Request" or "BAA Request"