0

Running Grafana v5.0.0-beta1

Grafana collects stats on user logins to grafana projects.

EU GDPR legistation (from May 25th 2018) has strict regulation concerning PII (personal identifiable information).

Does anyone know what info Grafana collects from users logins by default, where it is stored (e.g. database), and how to manage this data to make it GDPR compliant (e.g. remove IP addresses periodically)?

To be clear I am not referring to data I am collecting and displaying with grafana, I am solely concerned about data grafana collects on user logins to generate user access stats within projects

HBruijn
  • 72,524
  • 21
  • 127
  • 192
Compendius
  • 21
  • 3
  • 3
    Grafana doesn't collect data; it displays data you have collected elsewhere. Is there some specific data you are concerned about? – Michael Hampton Apr 09 '18 at 16:29
  • 2
    An easy way to make **almost anything** GDPR compliant: 1) Document clearly what data you are collecting, for which purposes, from which sources and what's your retention period. 2) Get an _explicit consent_ from your users to do this. 3) Don't leak the information. / / The easiest way: anonymize the data by removing any information linked to a natural person. Now it isn't in the scope of GDPR anymore. – Esa Jokinen Apr 09 '18 at 16:40
  • To be explicit I am not referring to data I am collecting from elsewhere. I am referring to data collected by grafana when a user logs into grafana to view a project. Grafana records user logins and displays them as project stats. I need to know what grafana is recording (for example a users IP address on login to grafana) – Compendius Apr 09 '18 at 16:55

1 Answers1

2

I asked the same question on the Grafana community and received the answer. In short there is no PII data stored in user login stats.

If you are talking about usage statistics, then from my technical point of view Grafana doesn’t collect any PII. They are just technical metrics (counters, version reporting, …), so you can’t apply GDPR here.

Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122
Compendius
  • 21
  • 3