We need to be able to answer the following questions so that we can accurately complete our Privacy Policy: What logs do we have? Where are we storing them? How long are we storing said logs (in days)?
Within this investigation we will:
- Document the current state of logging (answering the above questions)
- Re-evaluate the situation and decide if there are any logs which should be altered (data, duration) based on the purposes of keeping them
Expected outcome:
For the privacy policy, we need to give an explicit number of days we keep different logs before deleting them, and this number should be justifiable based on why we need them/what they are for. So, the number of days is added to the policy, but we should know why that number is the right one.
Note: look at logs both created and stored by the wbstack application and also those created by google cloud's infrastructure