Privacy FAQ

This page addresses frequently asked questions and common privacy topics for Langfuse.

If you don’t find a solution to your issue here, try using Ask AI for instant answers or reach out to privacy@langfuse.com.

Do you use customer data to train AI models?

No. Langfuse does not train or fine‑tune ML/LLM models on Client Data. See terms of service for more details.

Can we enter into a Data Processing Agreement (DPA)?

Yes. You can enter into a DPA with Langfuse.

How long is data retained?

Data retention can be defined via project‑level policies: ≥ 3 days up to unlimited. Data is purged nightly.

How can we delete data?

Customers can delete single traces, batches, projects, organisations, or user accounts via the UI or the public API. See data deletion documentation for more details.

How do you delete data after the End of the Contract?

Upon termination, Langfuse will return or destroy Client Data within 30 days. If return or destruction is required or infeasible, Langfuse will continue to protect Client Data and limit further uses and disclosures.

What does your data classification policy look like?

Our Data Classification Policy organizes all information to ensure it receives the appropriate level of security based on its sensitivity. Data is categorized into three levels: Confidential for sensitive customer and employee data, Internal Use for default business information, and Public for information with no access restrictions. Each classification level has specific handling rules, such as limiting access to Confidential data on a strict need-to-know basis, to prevent unauthorized disclosure.

What does your data protection policy look like?

Our Data Protection Policy ensures all customer data at rest is stored on encrypted volumes, with direct employee access to production systems disabled by default. We enforce strict logical separation of customer data at both the database and API layers to prevent unauthorized access, while continuously monitoring our cloud infrastructure. Any necessary access to production data is granted on a temporary, need-to-know basis with explicit leadership approval, and all personnel are bound by non-disclosure agreements.

What does your data retention policy look like?

Our Data Retention Policy states that customer data is retained for as long as an account remains active. Once an account is voluntarily closed, the associated data enters an expired state and is permanently removed within a maximum of 30 days. For involuntarily suspended accounts, a grace period of at least 30 days is provided to resolve any issues before the account is closed and the standard data deletion process begins.
