Core privacy principles
No cross-customer data use
Your data is never used for cross-customer training, model improvement, or service optimization.
In-context processing only
Any data processing is limited to in-context use for your organization only. Data from your investigations does not leave your context.
Strict isolation
All customer data is protected through strict tenant isolation, access controls, and privacy safeguards.
Read-only by design
Traversal cannot modify your systems or data. All integrations use read-only access only.
What data Traversal accesses
Traversal only accesses what is necessary to perform investigations. All access is read-only.Observability data
Observability data
Traversal reads metrics, logs, traces, and alerts from your connected observability tools. This data is used in-context to perform root cause analysis and is not retained beyond the investigation.
Code repositories
Code repositories
Traversal requests read-only API access to your repositories to correlate deployment events and code diffs with incidents. Traversal has no write privileges to your codebase.
Slack
Slack
Traversal requests the minimal messaging scope required to post investigation results back into your channels. This scope is limited to messages from the Traversal app and does not grant data-plane write access to your systems.
No agents are deployed in your environment. Traversal operates without sidecars or background processes running in your infrastructure.
Compliance alignment
Traversal aligns with the following compliance frameworks:| Framework | Status |
|---|---|
| SOC 2 Type II | Attested |
| GDPR | Aligned |
| HIPAA | Aligned |