❔ Privacy, data & security FAQ

Data retention

Data sent to Helios - through instrumentation, OTel collector, or server integration - is stored for a default period of 10 days before it's scraped. The number of days in the retention period may vary based on the specific organization's plan, and can be accessed under Settings > Plans.

Specific traces are preserved longer than the default retention period - for example, traces that have been shared or those where their trace visualization was viewed.

At any point it's possible to trigger a complete data deletion by selecting a service and deleting it. This action results in removing all spans (operations) of this service from our database.

Source code

Helios doesn't rely on your source code to perform any sort of analysis.

In order to use the product, all you need to do is to install the Helios OpenTelemetry SDK in your services, a standard practice used by vendors such as DataDog, New Relic, Sentry, Logz.io, etc.

Standards and certifications

Helios is compliant with different standards, including SOC II Type II, ISO 27001 and being GDPR-ready.

The Helios application is hosted on AWS us-east-1 datacenter, and can be extended to run from other geo-locations. Helios offers various controls and configurations (such as metadata-only mode) to mitigate various privacy restrictions. Please don't hesitate to contact us to learn more.

Sensitive data collection

Helios supports various instrumentation layers when it comes to collecting sensitive data so that each team can adopt distributed tracing while meeting its respective privacy needs.

The range of layers goes all the way from full payload collection, through blocklists and allowlists, to metadata-only mode and finally to preventing specific URLs from being collected altogether.