|
| 1 | +--- |
| 2 | +title: Data Collected |
| 3 | +description: "See what data is collected by the Sentry SDK." |
| 4 | +sidebar_order: 1 |
| 5 | +--- |
| 6 | + |
| 7 | +Sentry takes data privacy very seriously and has default settings in place that prioritize data safety, especially when it comes to personally identifiable information (PII) data. When you add the Sentry SDK to your application, you allow it to collect data and send it to Sentry during the runtime of your application. |
| 8 | + |
| 9 | +The category types and amount of data collected vary, depending on the integrations you've enabled in the Sentry SDK. This page lists data categories that the Apple SDK collects. |
| 10 | + |
| 11 | +## HTTP Headers |
| 12 | + |
| 13 | +The <PlatformLink to="/configuration/http-client-errors">HTTP Client Errors</PlatformLink>, which are enabled by default, send the HTTP headers of the failed request and response to Sentry. The SDK uses a [denylist](https://github.com/getsentry/sentry-cocoa/blob/main/Sources/Swift/Tools/HTTPHeaderSanitizer.swift) to filter out any headers that contain sensitive data. |
| 14 | + |
| 15 | + |
| 16 | +## Request URL |
| 17 | + |
| 18 | +When the Apple SDK sends URLs to Sentry it always sends a sanitized URL which means it removes the query string and the fragment of the URL. Although the Apple SDK sanitizes the URL by removing the query string and the fragment of the URL, depending on your application, this could contain PII data. |
| 19 | + |
| 20 | +Network breadcrumbs and HTTP Client Errors, both enabled by default, send a sanitized URL for outgoing HTTP requests. You can disable network breadcrumbs by setting the option `enableNetworkBreadcrumbs` to `false` and you can disable HTTP Client Errors by setting the option `enableCaptureFailedRequests` to `false`. |
| 21 | + |
| 22 | +When you enable <PlatformLink to="/tracing">tracing</PlatformLink>, which is disabled per default, <PlatformLink to="/tracing/instrumentation/automatic-instrumentation/#network-tracking"> network tracing</PlatformLink> sends a sanitized URL for outgoing HTTP requests. |
| 23 | + |
| 24 | +## Source Context |
| 25 | + |
| 26 | +You can upload your source code to Sentry, which can then used to show the lines of code where an error happened in the Issue Details page, via the <PlatformLink to="/sourcecontext/#1-manually-upload-with-the-sentry-cli">sentry-cli</PlatformLink> or the <PlatformLink to="/sourcecontext/#2-fastlane-plugin">Sentry Fastlane plugin</PlatformLink>. |
| 27 | + |
| 28 | +To opt into sending this source context to Sentry, you have to enable the feature as described in <PlatformLink to="/sourcecontext/">the Source Context documentation</PlatformLink>. |
| 29 | + |
| 30 | +## File I/O |
| 31 | + |
| 32 | +When you enable tracing, which is disabled per default, the Apple SDK <PlatformLink to="/tracing/instrumentation/automatic-instrumentation/#file-io-tracing">instruments file I/O operations</PlatformLink> and sends the file names and paths to Sentry. |
| 33 | + |
| 34 | +## Core Data Queries |
| 35 | + |
| 36 | +When you enable <PlatformLink to="/tracing">tracing</PlatformLink>, which is disabled per default, the Apple SDK <PlatformLink to="/tracing/instrumentation/automatic-instrumentation/#core-data-tracing">instruments Core Data queries</PlatformLink> and sends the Core Data queries to Sentry. Neither the full SQL query (`SELECT 'User' WHERE name == 'username'`), nor the values of its parameters will ever be sent. A parameterized version of the query (`SELECT 'User' WHERE name == %@`) is sent instead. |
| 37 | + |
| 38 | +<PlatformSection supported={["apple.ios", "apple.visionos"]}> |
| 39 | + |
| 40 | +## Screenshots |
| 41 | + |
| 42 | +The <PlatformLink to="/enriching-events/screenshots">screenshot feature</PlatformLink> is disabled per default, but when enabled the screenshots may contain PII data. |
| 43 | + |
| 44 | +## View Hierarchy |
| 45 | + |
| 46 | +The <PlatformLink to="/enriching-events/viewhierarchy">view hierarchy feature</PlatformLink> is disabled per default, but when enabled the view hierarchy may contain PII data when using the `accessibilityIdentifier` property with personal information. |
| 47 | + |
| 48 | +</PlatformSection> |
| 49 | + |
| 50 | +<PlatformSection supported={["apple.ios"]}> |
| 51 | + |
| 52 | +## Session Replay |
| 53 | + |
| 54 | +By default, our Session Replay SDK masks all text content, images, webviews, and user input. This helps ensure that no sensitive data is exposed. You can find <PlatformLink to="/session-replay/#privacy">more details in the Session Replay documentation</PlatformLink>. |
| 55 | + |
| 56 | +</PlatformSection> |
0 commit comments