> ## Documentation Index
> Fetch the complete documentation index at: https://docs.traversal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Data privacy

> How Traversal handles your data — including isolation guarantees, read-only access, integration scopes, and compliance alignment.

Traversal is built on a foundation of strict data privacy. Your data is never shared with other customers, never used to train models, and never processed beyond the scope of your own investigations.

## Core privacy principles

<CardGroup cols={2}>
  <Card title="No cross-customer data use" icon="users-slash">
    Your data is never used for cross-customer training, model improvement, or service optimization.
  </Card>

  <Card title="In-context processing only" icon="circle-dot">
    Any data processing is limited to in-context use for your organization only. Data from your investigations does not leave your context.
  </Card>

  <Card title="Strict isolation" icon="lock">
    All customer data is protected through strict tenant isolation, access controls, and privacy safeguards.
  </Card>

  <Card title="Read-only by design" icon="eye">
    Traversal cannot modify your systems or data. All integrations use read-only access only.
  </Card>
</CardGroup>

## What data Traversal accesses

Traversal only accesses what is necessary to perform investigations. All access is read-only.

<AccordionGroup>
  <Accordion title="Observability data">
    Traversal reads metrics, logs, traces, and alerts from your connected observability tools. This data is used in-context to perform root cause analysis and is not retained beyond the investigation.
  </Accordion>

  <Accordion title="Code repositories">
    Traversal requests read-only API access to your repositories to correlate deployment events and code diffs with incidents. Traversal has no write privileges to your codebase.
  </Accordion>

  <Accordion title="Slack">
    Traversal requests the minimal messaging scope required to post investigation results back into your channels. This scope is limited to messages from the Traversal app and does not grant data-plane write access to your systems.
  </Accordion>
</AccordionGroup>

<Note>
  No agents are deployed in your environment. Traversal operates without sidecars or background processes running in your infrastructure.
</Note>

## Compliance alignment

Traversal aligns with the following compliance frameworks:

| Framework     | Status   |
| ------------- | -------- |
| SOC 2 Type II | Attested |
| GDPR          | Aligned  |
| HIPAA         | Aligned  |

Traversal also undergoes regular third-party penetration testing.

<Tip>
  Visit the [Traversal Trust Center](https://trust.traversal.com/) to request compliance reports or review security documentation.
</Tip>

## Contact

For questions about data privacy, compliance requirements, or to request detailed documentation, contact [security@traversal.com](mailto:security@traversal.com).