Library / Vendor directory

PostHog

posthog.com · facts updated 1 day ago

Privacy facts at a glance
Jurisdictions
US · EU · EEA · UK · CH
Retention
PostHog keeps your info as long as your account is active, and you can delete it anytime.
Breach notification
The DPA references notifying the customer in the event of a data breach, but no specific hour SLA is stated in the excerpts provided.
Transfer mechanism
EU-US Data Privacy Framework
DPA available
Yes
Certifications
SOC 2 Type II
GDPR addressed
Yes
CCPA addressed
Yes

Tracked documents

Privacy policy
https://posthog.com/privacy checked 3 hours ago
Terms of service
https://posthog.com/terms checked 1 day ago
Data processing agreement
https://posthog.com/dpa checked 3 hours ago
Subprocessor list
https://posthog.com/dpa checked 2 hours ago
Security / trust page
https://posthog.com/handbook/company/security checked 23 hours ago

Recent changes

moderate Subprocessor list 1 day ago

PostHog replaced the DPA generator form (which collected company details and sent documents via PandaDoc for countersignature) with a self-service flow directing users to generate and countersign DPAs inside the PostHog app at app.posthog.com/legal.

moderate Data processing agreement 1 day ago

PostHog replaced the DPA generator form (which collected company details and sent documents via PandaDoc for countersignature) with a self-service flow directing users to generate and countersign DPAs inside the PostHog app at app.posthog.com/legal.

Public summary; per-account review history visible to subscribers tracking this vendor.

Track PostHog in your workspace.

Get notified when PostHog adds a subprocessor, changes retention, updates their DPA, or quietly amends their privacy posture.

Start tracking — 14-day trial
No card required.