Security and Privacy Design

tip

Executive Summary

  • Netdata is built with security-first principles to protect user data across all systems.
  • Observability data remains local, while minimal metadata travels securely to Netdata Cloud.
  • We follow best practices to support GDPR, CCPA, PCI DSS, SOC 2, and HIPAA compliance.

Introduction

This page explains how Netdata designs and operates secure, privacy-respecting services across the Netdata Agent and Netdata Cloud.

Netdata builds security into every layer. You retain control over your observability data while benefiting from powerful real-time monitoring and insights.


Netdata's Security Principles

Security by Design

Netdata separates your system information into two categories:

| Type | Description | Where It Lives |
| --- | --- | --- |
| Observability Data | Metrics and logs | Stored locally, fully under your control |
| Observability Metadata | Hostnames, metric names, alerts | Routed securely to Netdata Cloud for dashboards and notifications |

This ensures that your critical system insights remain private, and only minimal metadata flows to the cloud.

Observability Data and Metadata Flow

Here is how your data flows through Netdata:

tip

Observability data (metrics and logs) never leaves your system. Only essential metadata flows securely to Netdata Cloud.

Compliance with Open Source Security Foundation (OSSF) Best Practices

Netdata follows OSSF best practices, including:

  • Automated testing across the UI, backend, and Agent
  • Static and security code analysis with GitHub CodeQL, Dependabot, linters, and Coverity
  • Two senior engineer reviews per pull request
  • Continuous stress testing in production-like environments

Third-Party Testing and Isolation

Netdata Agents undergo regular external security audits.
All reports are prioritized for quick investigation and resolution.

Netdata Cloud operates in isolated environments with Infrastructure as Code (IaC). No manual production access exists, and monitoring is fully automated.

Security Vulnerability Response

Netdata handles vulnerabilities with a clear process:

  • Full investigation of reported issues
  • Mitigation typically within one week
  • Immediate patch releases when necessary

tip

Stay updated by subscribing to Netdata’s GitHub releases.


Compliance with Regulations

Netdata complies with major data privacy laws, including GDPR and CCPA.

GDPR and CCPA Compliance

Netdata conducts internal audits to ensure compliance and offers Data Processing Agreements (DPAs) upon request.

tip

Contact Netdata Support to request a DPA.

Data Transfers

| Type | Handling |
| --- | --- |
| Observability Data | Remains on your infrastructure |
| Observability Metadata | Securely transferred and stored in US-based data centers (Google Cloud, AWS) |

Data is tunneled securely in real time without being stored on Netdata Cloud servers.

Data processing complies with GDPR and CCPA requirements.

Privacy Rights

You can manage your privacy rights easily:

| Right | How to Access |
| --- | --- |
| Access, correct, or delete your data | Use the Netdata Cloud UI |
| Fully delete your account and all data | Log in to app.netdata.cloud, go to Profile, and delete your account |

tip

Deleting your account removes all associated personal data, including email and activity records.

Regular Reviews and Updates

Netdata continuously updates its policies and technical controls to stay aligned with evolving regulations.


Anonymous Statistics

Netdata collects anonymous installation and telemetry statistics to improve its services.

| Collected | Used For |
| --- | --- |
| Installation info (plugins, operating systems, feature usage) | Guide product development and prioritize improvements |
| Telemetry events (errors, performance metrics) | Identify issues and enhance stability |

  • Observability data (metrics and logs) is never collected.
  • Metadata is anonymized before storage.

Opting Out

You can disable anonymous telemetry:

  • During installation
  • Anytime after, by removing the telemetry opt-in file

tip

See installation documentation for detailed opt-out steps.

Netdata does not sell or share anonymous statistics with any third parties.


Internal Security Measures

Netdata enforces layered security controls:

| Area | Control |
| --- | --- |
| Infrastructure Management | Infrastructure as Code (Terraform) |
| Authentication | GitHub SSO, Google SSO, email validation |
| Data Handling | TLS encryption, session tracking |
| Access Control | Role-based access, multi-factor authentication |
| Threat Defense | DDoS protection, vulnerability scanning |
| Developer Process | Static analyzers, mandatory senior code reviews |
| Production Isolation | No direct access to production environments |

tip

Need additional security configurations? Contact Netdata Support.


Standards Alignment

PCI DSS Alignment

Netdata applies practices that align with PCI DSS security principles:

  • Secure infrastructure
  • Access control
  • Encryption practices

However, Netdata is not officially PCI DSS certified.
Entities needing full PCI DSS compliance must perform additional assessments.

tip

Consult a PCI DSS compliance expert if you use Netdata as part of your PCI environment.


HIPAA Alignment

Netdata aligns with HIPAA security practices:

  • Minimized data handling
  • Secure authentication and encryption

Netdata provides Business Associate Agreements (BAAs) for healthcare organizations but is not HIPAA-certified.

tip

Request a BAA through Netdata Support if required.


SOC 2 Alignment

Netdata’s operations align with SOC 2 Trust Service Criteria:

| Principle | Practices |
| --- | --- |
| Security | TLS encryption, strict access controls |
| Availability | Resilient systems, continuous monitoring |
| Processing Integrity | Reliable metric collection |
| Confidentiality | Metadata isolation, role-based access |
| Privacy | GDPR and CCPA-compliant data handling |

Netdata is not currently SOC 2 certified but applies equivalent controls.


Conclusion

Netdata gives you a secure and transparent way to monitor your systems.

With clear separation of observability data and metadata, strong encryption, secure authentication, and compliance with international standards, you retain full ownership and control of your system insights.

tip

You are always in control of your data with Netdata.

Netdata’s commitment to security, privacy, and transparency ensures that your monitoring environment stays protected and trusted at every step.

