This document describes how Phoebe protects customer data. We start with key principles:
We only access and store the minimum necessary data to provide impactful reliability intelligence.
We integrate privacy by design and default into every phase of our product development and system design.
We are always transparent about how we use and protect data and don’t obfuscate with fine print or ambiguity.
Each customer’s data is used for their benefit only and is not used for training Large Language Models (LLMs).
Phoebe uses log and alert data from customers’ observability systems and unstructured incident text from Slack and historic postmortems. We do not require access to consumer Personally Identifiable Information (PII) such as sensitive transaction data. All practices are compliant with GDPR regulations.
We do not claim any ownership rights over customer data. Phoebe will access, process, and use customer data only as necessary and permitted by the customer to deliver our services.
Phoebe’s services run on AWS, exclusively in the eu-west-1 region (Ireland), and we are currently migrating all LLM hosting to EU (to be completed November 2025).E2B will be hosted in the EU from November 2025 (currently US hosted), but it’s only used for short retention (15 minutes) code repository analysis — and only when you explicitly enable that feature.The data processing flows are as follows — refer to Appendix 1 for the diagram. Appendix 2 lists the downstream 3rd party data processors.
Amazon ECS (in Public Subnet): Our data processing starts here. We use containerised applications for better isolation and scalability. Data is segregated from other customers logically with separate access controls for each organisation_id.
Amazon S3: We store incoming data securely in S3. It’s encrypted both when stored and during transfer, protecting data before further processing.
Amazon ECS (In Private Subnet): We process sensitive data, such as Personal Identifiable Information, in a private subnet for extra security, keeping it separate from external access.
Amazon RDS Backups: Regular, automated backups ensure data recoverability and help maintain data integrity. Data is retained for 7 days and encrypted at rest.
Datadog: Application logs from our Amazon ECS services are forwarded to Datadog for monitoring and debugging. Logs are transmitted via HTTPS (TLS) to Datadog’s log intake endpoints, and are deleted automatically after 15 days. Datadog data is hosted in the EU region.
LangSmith: LangSmith offers tools for monitoring and debugging our LLM calls. It is a subprocessor of query results of customer’s data, which includes records of observability and code analysis. We send data to LangSmith securely over HTTPS for evaluating our language models and analysing results. LangSmith data is hosted in the EU region. Organisations’ traces are logically separated from each other in a ClickHouse database and encrypted in transit. Traces are deleted automatically after 14 days.
PostHog: We use PostHog to track how users interact with our product in order to improve features and fix bugs. We only log email addresses as identifiers, no other personal information. Data is encrypted in encrypted in transit and at rest in secure EU servers for up to 90 days.
OpenAI: We use OpenAI LLM models for part of the data analysis process, including query results of observability and code analysis data. We use OpenAI Enterprise APIs hosted in the EU and US and from November 2025 will be EU-only. We use OpenAI on a zero-day data retention policy, meaning that context data is deleted shortly after processing.
Anthropic: We have begun using an Anthropic LLM model for part of the data analysis process, including query results of observability and code analysis data. We use an Anthropic Enterprise API hosted in the US with a zero-day data retention policy. We will migrate this to EU hosting during November 2025.
E2B: E2B provides secure cloud-based execution environments for code repository analysis. Customer code is processed in isolated sandboxes (powered by Firecracker microVMs) designed for running untrusted workflows. Sandboxes are ephemeral and deleted after each session. All transfers are encrypted. E2B will be hosted in the EU from November 2025 (currently US hosted).
Access to data is strictly controlled and limited to Phoebe employees. This includes data scientists, engineers, and researchers working to improve and maintain the system. These individuals are bound by confidentiality agreements and privacy policies.
Phoebe receives incident-related data from customer communication (Slack channels) and software observability systems. This may include PII such as employee, client and vendor names. PII data used in LLM models for inference are not redacted, in order to improve the utility of assistant responses - for example, an individual user will be able to see the names of their colleagues that worked on a specific incident. All customer data, including PII, used by 3rd party LLM models is strictly not used for training, and is held by 3rd parties on a zero day retention basis.If you want Phoebe to remove personal data about you from our systems, please contact us at [email protected].
Nightly backups are stored in the same region as the data. The retention period is 7 days. The backups are encrypted at rest. It is not possible to exclude specific datasets for the backups. The backups are snapshots of database files on disk.
All data is encrypted at rest, server-side with Amazon S3 (256-bit Advanced Encryption Standard Galois/Counter Mode). Encryption keys are managed by Amazon managed key service (SSE-S3) that encrypts and rotates the keys. Access is controlled using multi-factor authentication, password policies and role-based access control. The physical security of our infrastructure is managed by AWS. Employee endpoints are protected with full disk encryption.Phoebe engages independent security firms to conduct security audits on a semiannual basis. These audits thoroughly assess our infrastructure, applications, and processes to identify any potential vulnerabilities or areas for improvement. Identified issues will be prioritized and addressed promptly.
Phoebe is GDPR compliant. Customers have the right to access, rectify, or request the erasure of their personal data. Upon request, Phoebe will retain data for up to 7 days after which it will be securely deleted from storage.Phoebe is ISO27001 compliant. You can request access to the trust center here: trust.phoebe.ai
Phoebe commits to reviewing our data security policies annually to keep them effective and up-to-date with evolving regulations, industry standards, and technological advancements. This allows us to proactively enhance our protection of customer data. Customers will immediately be notified of any changes to the Phoebe Data Privacy Policy.
