GDPR Compliance
How LaraBug complies with GDPR and protects your data
Last updated: April 11, 2026
At LaraBug, we take data protection seriously. We are committed to complying with the General Data Protection Regulation (GDPR) and ensuring your data is processed lawfully, fairly, and transparently.
Quick Summary
LaraBug is a GDPR-compliant error tracking service operated by Intilli, a Belgian company. We process data within the EU, implement strong security measures, and respect all your data protection rights.
Self-service from your profile
Every GDPR right on this page is self-service. Log in and open the Data tab in your profile to:
- • Request a signed Data Processing Agreement (DPA)
- • Export a full copy of your data as a ZIP archive
- • Schedule your account for deletion, with a 30-day grace period to change your mind
Our Role Under GDPR
You (Data Controller)
You determine what data is logged in your application errors. You are responsible for ensuring compliance when logging personal data.
LaraBug (Data Processor)
We process error data on your behalf according to our Data Processing Agreement. We implement technical and organizational measures to protect your data.
GDPR Principles We Follow
Lawfulness, Fairness, and Transparency
We clearly communicate how we process your data and only do so lawfully.
Purpose Limitation
We only process data for the explicit purpose of error tracking and monitoring.
Data Minimization
We only collect data necessary for providing error tracking services.
Accuracy
You can update your account information at any time through your dashboard.
Storage Limitation
Data is automatically deleted according to your plan's retention period (7-365 days).
Integrity and Confidentiality
We use encryption, access controls, and security monitoring to protect your data.
Accountability
We maintain records of processing activities and conduct regular compliance reviews.
Your Rights Under GDPR
As a data subject in the EU, you have the following rights. We make it easy to exercise them:
| Right | How to Exercise |
|---|---|
| Access | Request a full data export from Profile → Data. We email you a ZIP archive with every record we hold on you. |
| Rectification | Update your profile, billing details, and email from the account settings. |
| Erasure | Delete your account from Profile → Data. You have a 30-day grace period to cancel via the email we send you. After day 30 the deletion is permanent. |
| Portability | Use the data export from Profile → Data. The archive ships as CSV, Markdown, and JSON, machine- and human-readable. |
| Restriction | Email support@larabug.com with the specific processing you want paused. |
| Objection | Unsubscribe from marketing via the link in any email, or email support@larabug.com for broader objections. |
Data Processing Location
EU-Based Infrastructure
All customer data is stored and processed within the European Union. We do not transfer personal data outside the EU/EEA without appropriate safeguards.
Security Measures
Technical Measures
- TLS/SSL encryption
- Database encryption at rest
- Secure password hashing
- Regular security audits
- Automated backups
Organizational Measures
- Role-based access control
- Staff training on data protection
- Confidentiality agreements
- Incident response procedures
- Privacy by design principles
Data Processing Agreement
For customers who require a formal Data Processing Agreement (DPA), we provide a comprehensive agreement that covers:
- Subject matter and duration of processing
- Nature and purpose of processing
- Types of personal data and categories of data subjects
- Obligations and rights of the controller
- Security measures and sub-processors
- Data breach notification procedures
Customers can request a signed DPA directly from Profile → Data. We prepare it against the company details on your billing profile and email it to your account address within 5 business days. If you need something custom, email support@larabug.com.
Data Breach Notification
In the unlikely event of a data breach that affects your personal data, we will:
- Notify the relevant supervisory authority within 72 hours
- Notify affected data subjects without undue delay if there is a high risk to their rights and freedoms
- Provide details about the nature of the breach, likely consequences, and measures taken to address it
- Document all breaches and remedial actions
Sub-processors
We work with the following sub-processors to provide our services:
| Service Provider | Purpose | Location |
|---|---|---|
| Mollie | Payment processing | Netherlands (EU) |
| Postmark | Transactional email delivery | EU data region |
| Hetzner | Infrastructure and server hosting | Germany (EU) |
| Ploi | Deployment and server management | Netherlands (EU) |
Questions or Concerns?
If you have any questions about GDPR compliance, want to exercise your rights, or have concerns about how your data is processed:
Intilli
Nazarethsesteenweg 13
9800 Deinze
Belgium
Registration: 0740.911.734
VAT: BE0740.911.734
support@larabug.com
You also have the right to lodge a complaint with the Belgian Data Protection Authority (GBA) if you believe we have not handled your data appropriately.