At Studio 24 we work with a lot of government and public sector clients, who are understandly keen to comply with GDPR and are therefore careful about where data is sent and stored.
There is a strong preference to use services that store all data within UK or the European Economic Area (EEA).
This is an issue for many SaaS products since most of them store data in the US or Canada. While there is the EU-US Privacy Shield agreement this has become uncertain after Brexit.
Where possible, we aim to use EAA or UK hosted data for public sector digital services. Where that’s not possible we can use non-EU hosted data for services, but we need to justify this with our clients.
Two tools we currently use for error reporting and monitoring are Bugsnag and Usersnap. After my review I discovered Bugsnag is hosted in the US, though Usersnap is hosted in Europe. A summary of my research on data storage locations is below.
In addition I’ve also added notes on where you can strip indentifying user data from external data storage. This can be helpful for data privacy.
Hosted in EAA
Usersnap
Data hosted on AWS in Europe (Germany or Ireland). GDPR docs are a bit sparse but you can request more details via email. It’s not really possible to strip data via Usersnap due to how it works (on demand screenshot tool rather than automated monitoring).
New Relic
It is possible to select EU data storage when setting up your account. New Relic publish information on security and privacy. HTTP parameters are not logged by default to avoid logging user data.
DataDog
You can use the EU site to ensure all data is stored within the EU. View GDPR docs.
Hosted in US only
Airbrake
Data hosted in USA. GDPR documentation is available on request.
Bugsnag
Data hosted on Google Cloud in USA. Bugsnag does have a detailed Data Processing Agreement and some examples on how to delete user data for data deletion requests which is nice to see.
Loggly
As far as I can tell data is stored in USA.
LogRocket
Data is stored in USA. Lots of options to exclude sensitive data.
Raygun
Data is stored in USA. You can remove sensitive data.
Rollbar
Data is stored in USA. There is some docs on scrubbing data in JS.
Sentry
Data is stored in USA. See data privacy docs. Sentry has data scrubbing tools.