Data Security & Privacy

Data Privacy and Security

At Langfuse, we prioritize data privacy and security. We understand that the data you entrust to us is a vital asset to your business, and we treat it with the utmost care.

With Langfuse Cloud, we handle:

  • Deployment
  • Scaling
  • Upgrades and security patches
  • Ensuring high availability:

Security Measures

Langfuse Cloud

  • We encrypt all data at rest and in transit using TLS.
  • Our database and application run on AWS infrastructure, managed by Supabase and Vercel.
    • Default data regions:
      Langfuse RegionDomainData location
      Europecloud.langfuse.comFrankfurt, Germany (AWS eu-central-1) California, US (AWS us-west-1)
    • We offer other regions and dedicated deployments for enterprise customers.
  • We use Point-in-Time Recovery (PITR) with database backups and Write Ahead Log.
  • All users have access to SSO (Single Sign-On) through OAuth 2.0 with Google and GitHub. We can enforce SSO for your organization (Team plan and above) to require 2FA (Two-Factor Authentication).
  • For security inquiries, please contact us at [email protected]

Self-hosted Instances

Privacy Measures

Compliance Measures

We are actively working towards achieving SOC 2 and ISO 27001 compliance.

For specific compliance requirements or questions, please contact us at [email protected]

Responsible Disclosure of Security Vulnerabilities

We value the security community and prioritize system security. We encourage the disclosure of security vulnerabilities to help us protect the security and privacy of our users. Please send actionable vulnerability reports to [email protected].


We encourage employees and third parties to report breaches to us via email ([email protected]) or postal mail (address available here). You can contact us anonymously or request that we protect your privacy. For more information, employees can refer to Langfuse's internal Responsible Disclosure Policy.

Was this page useful?

Questions? We're here to help

Subscribe to updates