Privacy Policy
We believe observability tooling should be transparent about what it observes. This policy explains what data tokentrace collects, why, and how you can control it.
Last updated: May 2026By default, tokentrace captures the full content of every LLM request and response — including prompts, completions, system messages, and any data passed to the model. This data is stored in your traces and visible in the dashboard.
If your prompts or completions contain personally identifiable information (PII), you can disable content capture per-call using the redactInputs and redactOutputs options, or strip PII globally via the piiRedaction SDK config. See the SDK docs →
What we collect
Trace data — when you use the tokentrace SDK, each LLM call generates a trace containing:
- Request inputs (prompt, messages, system prompt)
- Model response (completion text, tool calls)
- Model name, provider, token counts, latency
- Estimated cost based on public model pricing
- Timestamp and your project API key
Account data — when you sign up:
- Email address
- Name (optional)
- OAuth tokens if you use GitHub or Google sign-in
Usage analytics — we collect anonymized product usage (page views, feature interactions) to improve the dashboard. No request content is included.
Disabling PII capture
If your application handles sensitive user data, you have two options:
- Per-call redaction — pass
{ redactInputs: true, redactOutputs: true }to suppress content on individual traces while keeping metadata (tokens, cost, latency). - Global PII filter — configure
piiRedaction: truein the SDK init to apply automatic regex-based scrubbing of emails, phone numbers, and card patterns before data leaves your server.
Metadata (model, tokens, latency, cost) is always captured regardless of redaction settings — it contains no user content.
How we use your data
- Render your dashboard and power search/filters
- Compute cost and latency aggregations
- Send account-related emails (billing alerts, team invites)
- Improve the product via aggregated, anonymized analytics
We do not sell your data, use your LLM traces to train models, or share content with third parties outside of what's required to operate the service.
Data retention
- Free plan — traces kept for 7 days
- Team plan — traces kept for 90 days
- Account data deleted within 30 days of account closure
Third-party subprocessors
We use a small number of infrastructure providers to operate the service. Data may be processed by them under equivalent or stronger privacy protections.
Your rights
You can request export or deletion of your data at any time by emailing privacy@tokentrace.app. We will respond within 30 days.
Contact
Questions about this policy: privacy@tokentrace.app