anonym.legal

By · Last updated 2026-06-05

Späť na blogTechnické

GDPR v logoch aplikacii: Sulaad JSON s OOU

Aplikacne logy obsahuju emailove adresy zakaznikov, IP adresy a cisla uctov, ktore GDPR clanok 5(1)(e) vyzaduje spravovat.

June 5, 20266 min čítania
API logsGDPR complianceJSON anonymizationobservabilitystorage limitation

Tiché riziko GDPR vo vasom logovom zasobniku

Aktualizovane pre rok 2026

Vacsina timov kontroluje svoju databazu kvoli osobnym udajom. Menej z nich robi to iste pre svoj logovaci system.

GDPR clanok 5(1)(e) obmedzuje, ako dlho mozete ukladat osobne udaje. Pre databazy timy nastavuju politiky a spustaju vymazavacie ulohy. Pre logove subory je pravidlo jednoduchsie: uchovat vsetko 90 dni na ladenie.

Problemon? Tieto zaznamy obsahuju osobne udaje. Zaznamy poziadaviek obsahuju emaily pouzivatelov. Zachytenia chyb obsahuju surove vstupne hodnoty. Zaznamy pristupov obsahuju IP adresy. Kazda z tychto hodnot sa pocita ako osobne udaje podla GDPR. Vas tim potrebuje pravny zaklad a plan uchovannia pre kazdu z nich.

Co skoncuje vo vasich logových suboroch

Standardne logovanie webovych aplikacii prinas siroky rad OOU.

Zaznamy pristupov (nginx/Apache):

  • IP adresy - osobne udaje podla usmernenia EDPB
  • Retazce user-agent - mozu umoznit snimanie odtlacku zariadenia
  • Tokeny relacii - ak su zapisane do vystupu

Zaznamy aplikacie (strukturovany JSON):

  • ID pouzivatelov a emailove adresy
  • Chyby vstupu - casto obsahuju surovu neplatnu hodnotu, ktora moze byt skutocna informacia pouzivatela
  • Obchodne udalosti - ID objednavok prepojene so zakazn ickymi uctmi
  • Vyhladavacie dotazy - mozu obsahovat mena alebo adresy

Zaznamy API brany:

  • Autentifikacne hlavicky - ciastocne zachytene v niektorch nastaveniach
  • Parametre dotazu - mozu obsahovat ID pouzivatelov, mena alebo emaily
  • Tela poziadaviek a odpovedi - pritomne v nastaveniach na urovni ladenia

Auditove zaznamy databazy:

  • SQL dotazy s klauzulami WHERE ako email = 'pouzivatel@example.com'
  • Doslovna osobne hodnoty v parametroch dotazu

Toto sa nedeje umyselne. Je to vedlajsi efekt logovania vytvoreho pre ladenie, nie GDPR.

Usmernenie EDPB k IP adresam

Europska rada pre ochranu udajov uvadza, ze IP adresy su osobne udaje. Poskytovatelia internetovych sluzieb ich mozu priradit k odberatelom. V ramci organizacie mozu identifikovat konkretnych pouzivatelov.

Dopat je priamy. Zaznamy pristupov s IP adresami su osobne zaznamy. Uchovanie vystupu nginx 12 mesiacov znamena uchovanie osobnych udajov 12 mesiacov. To potrebuje pravny zaklad podla clanku 6. Potrebuje tiez, aby period uchovavania zodpovedal vasmu deklarovanemu ucelu.

Vacsina timov tento krok preskoci. "Uchovame zaznamy 90 dni, lebo to hovori bezpecnost" je palcova pravidlo. Nie je to prezkum GDPR clanku 5(1)(e). Pozrite si nasu prirucku k pravnemu sulaadu pre to, ako toto zapadda do srirsieho programu.

Ako dosiahnut sulaad

Prakticka cesta pre vacsinu timov nie je skratit okna uchovavania. Operacne a bezpecnostne dovody pre dlhsie okna su opodstatnene. Lepsia cesta je maskovat zaznamy pred dlhodobym ukladanim.

Dobre funguje vrstveny model.

0-7 dni: Plne surove zaznamy pre aktivne ladenie. Sedem dni je dostatocne kratke pre vacsinu timov.

7-90 dni: Maskovane zaznamy pre analyzu trendov a bezpecnostnu kontrolu. IP adresy su vymnenene. Uzivatelske emaily sa stanú stabilnymi tokenmi. Cisla uctov su maskovane. Klucove polia - casove razitka, chybove kody, latencia, endpointy - su zachovane.

90+ dni (ak je potrebne): Iba agregatny vystup. Pocty udalosti, miery chyb, rozsahy latencie. Nezostanu ziadne zaznamy na urovni pouzivatela.

Osobne udaje sa zastavia na siedmich dnoch. Agregatny vystup moze pokracovat bez ohrozenia kohokovek. Pozri Bezpecnost a suland pre viac detailov.

Zachovajte strukturu neporosenou pre monitoring

Dobre maskovanie zachovava strukturu JSON nerusene. Iba zameni obsah. To zachovava uzitocnost vystupu pre ladenie a upozornenia.

Ponechane nezmenene:

  • Kluce JSON a vnorenie
  • Casove razitka a casove poradie
  • Typy chyb a stavove kody HTTP
  • HTTP metody, cesty a hodnoty latencie
  • Typy obchodnych udalosti

Vymenenene:

  • Emailove adresy -> stabilny token pre povodny (napr. user1@example.com)
  • IP adresy -> rozsahy RFC 5737 (192.0.2.x)
  • Cisla uctov -> ACCT_XXXXX
  • Telefonne cisla -> +XX XXX XXX XXXX
  • Mena v chybovom texte -> [OSOBA]

Stabilne tokeny zachovavaju tracky uzitocnymi. Trace pre user1@example.com napriec 40 zaznammi funguje rovnako ako povodny. Agregatne metriky - miery chyb, latencia, priepustnost - nepotrebuju vobec osobne udaje. Pozri Glosár pre pojmy pseudonymizacia a anonymizacia.

Tri sposoby integracie

Tri vzory pokryvaju vacsinu inzinierskych timov.

Moznost 1 - Maskovanie v pipeline: Fluentd alebo Logstash zachyti kazdy riadok pred jeho odoslanim. Krok maskovania bezi inline. Elastic alebo Datadog dostanu iba ocistene zaznamy. Nie su potrebne zmeny kodu aplikacie.

Moznost 2 - Nocna davka: Surove zaznamy pristuju do lokalneho ukladania. Nocna uloha maskuje vystup z predchazdajuceho dna a vymaze surovu verziu. Maskovane zaznamy idu do dlhodobeho ukladania. Surovy vystup je uchovavany iba sedem dni.

Moznost 3 - Maskovanie pred zdielanim: Surove zaznamy zostanu interne s prisnymi kontrolami pristupu. Pred zdielanim s penetracnymi testermi alebo externymi dodavatelmi spustite maskovaci prechod. Externie strany vzdy dostanu ciste verzie.

Pre dokumentaciu GDPR je maskovanie "technickym opatrenim" podla clanku 32. Zaznamente nastroj, jeho nastavenie a vasu politiku uchovavania v zaznamoch o cinnostiach spracovania (RoPA) podla clanku 30. Pozri nase FAQ pre bezne otazky k RoPA.

Chcete realny priklad? Pozrite sa na pripadove studie pre konkretne detaily implementacie. Moze tiez prezriet nase cennik a zistit, ktory plan zahrnuje vstavane maskovacie pipeline.

Zdroje

Súvisiace články

Technické

Cross-Platform PII: Mac, Linux, and Windows

Privacy officers on Mac, legal on Windows, data engineers on Linux — all processing the same data with different tools. Here's why OS-agnostic detection.

Technické

Cross-Application PII: Word, Chrome, and AI

Customer data flows from browser research to Word drafts to Claude prompts. Each context switch is a potential leakage point.

Technické

GDPR Log Anonymization: Keep Debugging

Application logs silently accumulate user emails, IPs, and account numbers. Here's how to share logs with third parties, contractors, and observability.

Pripravení chrániť vaše údaje?

Začnite anonymizovať PII s 285+ typmi entít v 48 jazykoch.

Začať bezplatnú skúšobnú verziuZobraziť funkcie

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.