Vestara logoVestara

    Legal

    Privacy Policy

    Last updated: April 2026

    What we collect

    • Crash reports: stack traces, device model, OS version, and app version
    • Log events: developer-sent log lines, log level, and timestamp
    • Session replay data: DOM interactions, clicks, and scrolls on web only
    • Real user metrics: Core Web Vitals, cold start time, and performance timings
    • Device identifiers: a stable UUID generated by the SDK, not IDFA or IDFV
    • User-set identifiers: only if the developer calls setUser() in the SDK

    What we do NOT collect

    • Vestara is not designed to collect passwords or payment card data through the SDK
    • Session replay is designed to mask known password input types by default, along with elements marked data-sensitive
    • We do not sell your data to third parties
    • We do not run advertising

    Data retention

    • Free plan: 5 days
    • Paid plans: 30 to 90 days depending on plan
    • You can delete your project and all associated data at any time from the dashboard

    BYODB (Bring Your Own Database)

    • If you connect your own Neon database, your event data is stored at rest in your connected database after being processed through Vestara’s ingestion pipeline
    • We store only your encrypted connection string

    Data location

    • Data is stored in the EU (Ireland) by default
    • Enterprise plans can request alternative regions

    Contact

    privacy@vestara.dev