Dash0 Raises $110M Series B at $1B Valuation

Last updated: March 26, 2026

Protect Data Privacy

Dash0's Web SDK is designed with privacy as a default, not an afterthought.

This topic explains the data the SDK collects, how it is stored and anonymized, and the controls you have to restrict or filter sensitive information.

Sensitive Data

The SDK is built to minimize the collection of personally identifiable information. User identification is strictly opt-in, and any data you do transmit through the Dash0 API is used only to support features within Dash0 — it is never interpreted for other purposes or correlated across customers.

  • By default, the SDK does not collect any data that uniquely identifies users.

  • No device or browser fingerprinting techniques are applied.

  • If you need to associate telemetry with specific users, you can opt in through the user identification API.

  • Data submitted via the user API is used exclusively to power product features visible in Dash0. It is not interpreted for other purposes or correlated across customers.

  • Dash0 supports ad-hoc deletion requests to comply with regulations such as the General Data Protection Regulation (GDPR).

Tip

Transmitting anonymized identifiers from the start — such as hashed user IDs — avoids the need for deletion requests entirely and simplifies long-term compliance.

IP Addresses and Geo-location

IP addresses are anonymized by default: for IPv4, the last octet is zeroed out; for IPv6, the last 80 bits are replaced. Stricter anonymization can be configured in your organization's dataset settings.

  • The SDK does not access IP addresses directly. They are obtained from the network connection to the telemetry server and anonymized before any enrichment takes place.

  • Geo-location is derived from IP-to-geo mapping, using either the source IP address of telemetry requests or the X-Forwarded-For header. Results are approximate and default to city-level precision. Precision can be further restricted in your organization's dataset settings.

Note

If you route telemetry through a proxy, Dash0 will see the proxy's IP address rather than your users' IP addresses, and geo-location will reflect the proxy's location. To preserve accurate geo-location data in this setup, configure your proxy to forward the X-Forwarded-For header. See Proxy the Ingestion Endpoint for details.

Storage and Tracking

The SDK does not use cookies.

Session tracking information is maintained using localStorage and sessionStorage.

The maximum session duration is configurable in the SDK.

Note

Browsers running in private or incognito mode typically clear localStorage and sessionStorage when the session ends. This means returning users in private mode will be treated as new sessions.

  • Data is stored in Amazon Web Services (AWS) or Google Cloud regions based on where your Dash0 organization is hosted.

  • You can identify the storage region from the SDK endpoint URL — for example, events sent to ingress.eu-west-1.aws.dash0.com are stored in the eu-west-1 AWS region.

Filtering Sensitive Data

The SDK includes built-in filtering to prevent sensitive data from being transmitted.

  • Credentials are automatically redacted.

  • Additional filtering rules can be defined at SDK initialization and applied to page URLs as well as HTTP request contents.

Tip

Filtering is applied in the browser before data is transmitted — redacted values never leave the client. This is distinct from deletion requests, which remove data that has already been ingested.