Privacy Policy
Last updated: June 26, 2026
1. Introduction and Who We Are
This Privacy Policy describes how LogPulse ("we", "us", "our") collects, uses, stores, and protects information when you use our log management and observability platform, websites, and related services ("the Service").
LogPulse is the controller for personal data about your account and your use of the Service. For the log and event data you submit, your organization is the controller and we act as a processor on your behalf (see "Our Role" below). The legal entity that operates LogPulse and its registered details will be identified here; for any privacy question you can always reach us at [email protected].
2. Data We Collect
We collect the following categories of information:
Account Information: Name, email address, and organization details provided during registration.
Log Data: Log entries, metrics, and other observability data you submit to the Service for indexing and analysis. This is your data. We process it to provide the Service.
Usage Data: Information about how you interact with the Service, including pages visited, features used, queries executed, and session duration.
Technical Data: Browser type, IP address, device information, and operating system, collected automatically for security and performance purposes.
Billing Information: Where you purchase a paid plan, billing details and VAT information. Card and payment details are handled by our payment provider and are not stored by us.
3. How We Use Your Data
We use your data to:
• Provide, maintain, and improve the Service.
• Index, search, and analyze log data as directed by you.
• Run anomaly detection and AI investigation features on your log data.
• Send service-related communications (account notifications, security alerts, and billing).
• Monitor and improve service performance and reliability.
• Detect and prevent fraud or abuse, and comply with our legal obligations.
We do not sell your personal data. We do not use your log data for advertising purposes.
4. Legal Basis for Processing
Where the GDPR applies, we process your personal data on the following legal bases:
• Performance of a contract: to provide the Service to you and your organization under our Terms of Service.
• Legitimate interests: to secure, maintain, and improve the Service, prevent abuse, and communicate about service operations, balanced against your rights and freedoms.
• Legal obligation: where we are required to process data to comply with the law.
• Consent: where we ask for it specifically, for example for optional communications. You can withdraw consent at any time.
5. Our Role: Controller and Processor
We act in two capacities:
• As a processor for the log and event data you submit ("Customer Data"): your organization decides what data to send and why, and we process it only on your instructions to provide the Service. A Data Processing Agreement (DPA) is available on request.
• As a controller for the account, billing, usage, and technical data we need to operate and secure the Service and run our business.
You are responsible for ensuring you have a lawful basis to submit Customer Data, including any personal data it may contain, and for informing your own users where required.
6. Data Storage and Location
Your data is stored on cloud infrastructure in the European Union (GCP Amsterdam, Netherlands). Compute and storage stay within the EU region. We use industry-standard encryption for data in transit (TLS 1.2+) and at rest.
If we ever need to change the location or provider of data storage, we will update this policy and notify users of any change that affects where personal data is processed.
7. International Data Transfers
We design the Service to keep your data within the European Union. Log data, account data, and AI processing all stay within EU regions during normal operation, and we do not transfer your data to the United States for routine operation.
If a specific feature or subprocessor ever required a transfer of personal data outside the European Economic Area, we would only do so with an appropriate safeguard in place under the GDPR (such as an adequacy decision or Standard Contractual Clauses), and we would update this policy accordingly.
8. Data Sharing and Subprocessors
We may share your information with:
Service Providers and Subprocessors: Third parties that help us operate the Service (for example cloud hosting and email delivery). They are bound by appropriate data protection obligations and may only process data on our instructions.
AI Subprocessor (Anthropic via Amazon Bedrock): When you use AI features (AI Investigator, AI Query Generator), schema metadata and your natural-language prompts are processed by Claude models via Amazon Bedrock in the EU (AWS Europe). Your raw log content is never sent. Processing stays within EU regions, no US transfer, and your data is not retained or used for training.
Legal Requirements: When required by law, regulation, legal process, or governmental request.
Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred; we will notify you of any such transfer.
We do not share your log data with third parties for their own purposes. A current list of subprocessors is available on our security/compliance page, and we will give notice of material changes.
9. AI Features and Automated Decisions
Some features use AI models to help you work with your data: for example generating queries from natural language, summarising findings, and assisting investigations. These features are designed to keep a human in the loop: they produce suggestions and analysis, and they do not make decisions that produce legal or similarly significant effects about you without human involvement.
AI processing runs on Anthropic's Claude models via Amazon Bedrock within the EU. Your raw log content is not sent to the model; your prompts and limited metadata are, and they are not retained by the model provider or used to train models. You remain responsible for reviewing AI-generated output before acting on it.
10. Cookies and Tracking
We use essential cookies to maintain your session and preferences (theme, language). We use minimal analytics to understand Service usage.
We do not use third-party advertising trackers. We do not build advertising profiles from your data.
11. Marketing Communications
We may send you service-related messages that are necessary to operate your account, such as security and billing notices; these are not marketing and you cannot opt out of them while you have an account.
We will only send you marketing communications where you have agreed to receive them or where permitted by law. You can opt out at any time using the unsubscribe link in those messages or by contacting us at [email protected].
12. Your Rights
Depending on your location, you may have the right to:
• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data.
• Export your data in a portable format.
• Object to or restrict processing of your data.
• Withdraw consent where processing is based on consent.
To exercise these rights, contact us at [email protected]. We will respond within 30 days. Where we process Customer Data as a processor, we will refer your request to the relevant controller (your organization) or assist them in responding.
13. Data Retention
We retain your data for as long as your account is active or as needed to provide the Service.
Log data retention periods are configured by you within the Service. After account deletion, account data is retained for 30 days and then deleted, except where we are required to retain it longer to comply with a legal obligation (for example billing and tax records).
14. Security
We implement technical and organizational measures to protect your data, including:
• Encryption in transit (TLS 1.2+) and at rest.
• Access controls, authentication, and least-privilege access for our team.
• Regular security reviews of our code and infrastructure.
• EU data residency, so your data does not leave the region during normal operation.
No system can be guaranteed to be completely secure. If we become aware of a personal data breach affecting you, we will notify you and the relevant supervisory authority where required by law.
15. Children's Privacy
The Service is not intended for use by individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will delete it.
16. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice in the Service. The "last updated" date at the top reflects the latest version, and your continued use after changes constitutes acceptance of the updated policy.
17. Contact and Complaints
For privacy-related questions or to exercise your rights, contact us at:
Email: [email protected]
If you are in the EU and believe we have not handled your personal data lawfully, you also have the right to lodge a complaint with your local data protection supervisory authority. In the Netherlands this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).