Sentry DPA Acknowledgement
Status: PENDING OPERATOR ACTION Trigger: Before first EU customer Last updated: 2026-05-19 UTC
Vendor Details
| Field | Value |
|---|---|
| Vendor | Functional Software, Inc. (d/b/a Sentry) |
| Vendor address | 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA |
| Role | Error monitoring and performance observability — may capture user IDs, IP addresses, and user-generated content fragments in error stack traces |
| DPA URL | https://sentry.io/legal/dpa/ |
| DPA execution | Self-serve — in Sentry organization settings |
| SCC mechanism | Yes — Sentry's standard DPA includes 2021 EU Commission SCCs (Module 2, Controller-to-Processor) and UK Addendum |
How to Execute
Time estimate: ~10 minutes
- Log in to Sentry at
https://sentry.io/ - Navigate to Settings → (your organization) → Legal → Data Processing Agreement
- Direct path:
https://sentry.io/settings/<your-org-slug>/legal/ - Review the Sentry Data Processing Agreement.
- Click the agreement acceptance button. Sentry countersigns automatically.
- Download the executed PDF — the legal page provides a download link after acceptance.
- Save the PDF to Google Drive at:
legal/DPAs/sentry-dpa-<year>.pdf - Update this document (fields below) and the summary table in
vendor-dpas-status.md.
Note on finding your org slug: In the Sentry URL bar after login, it appears as
https://sentry.io/organizations/<your-org-slug>/. It is typically raxx or moosequest.
Execution Record
Fill in this section after signing.
| Field | Value |
|---|---|
| Signed date | PENDING |
| Signed by | Kristerpher, MooseQuest LLC dba Raxx (operator / data controller) |
| Sentry organization slug | [fill in] |
| Sentry DPA version | [fill in — shown on the legal page, e.g., "v2.0"] |
| SCC modules confirmed | [fill in — confirm Module 2 Controller-to-Processor is included] |
| UK Addendum included | [yes/no] |
| Google Drive file | [fill in — full Drive URL after upload] |
| Drive folder | legal/DPAs/ |
| Notes | [any notes — particularly confirm whether the sentry_backend feature flag is enabled and what data Sentry is currently receiving] |
What This Covers
Sentry's DPA covers Sentry's role as an error monitoring sub-processor for: - Error event data (stack traces, exception messages) - User IDs and session identifiers (if Sentry's user context is configured) - IP addresses (if not scrubbed) - Request metadata and URLs
Important action item (independent of DPA execution): Confirm that Sentry's Data Scrubbing settings are configured to mask PII fields in error payloads. In Sentry: Settings → Security & Privacy → Data Scrubbing — verify email addresses, names, and other identifiers are in the scrubbing rules before EU customers are onboarded.
This is a technical control that is required regardless of DPA status. The DPA covers Sentry's contractual obligations; scrubbing rules prevent PII from entering Sentry in the first place.
Version History
| Date | Change | By |
|---|---|---|
| 2026-05-19 UTC | Document created | raxx-dev-bot (feature/vendor-dpa-acknowledgements) |