This article is written in collaboration with a law agency. However, it is intended for general information purposes only. It does not constitute a client-attorney relationship or personalized legal advice.
Yes! But you don’t need to delete them if someone requests you to delete their data.
From a legal perspective, server logs fall under the category of “things we must be able to do so that we could actually provide our service for you.”
We use your personal data to:
- provide our service to you.
So this covers that.
However, GDPR still applies to logs. You are still responsible for any personal data in the logs and all the bad things that could happen to it. Store as little data as possible in the logs, make sure it is hidden from anyone who doesn’t need to see it and get rid of all sensitive data there.