---
title: "Data Collected"
description: "See what data is collected by the Sentry SDK."
url: https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected/
---

# Data Collected | Sentry for tokio-rs/tracing

Sentry takes data privacy very seriously and has default settings in place that prioritize data safety, especially when it comes to personally identifiable information (PII) data. When you add the Sentry SDK to your application, you allow it to collect data and send it to Sentry during the runtime of your application.

The category types and amount of data collected vary, depending on the integrations you've enabled in the Sentry SDK. Here's a list of data categories the Sentry Rust SDK collects. PII data collection is generally enabled by the `send_default_pii` option, which is disabled by default.

## [HTTP Headers](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#http-headers)

The `sentry-actix` and `sentry-tower` (with `http` feature enabled) can capture headers from incoming HTTP requests and send them to Sentry. By default, the SDK filters potentially sensitive headers, such as those carrying authorization data, cookies or the user's IP address. To capture all headers, set `send_default_pii` to `true` in your `sentry::init` options.

## [Cookies](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#cookies)

The `sentry-actix` and `sentry-tower` (with `http` feature enabled) can capture cookies from incoming HTTP requests and send them to Sentry. By default, the SDK does not capture any cookie. To capture request cookies, set `send_default_pii` to `true` in your `sentry::init` options. Server-side scrubbing rules are in place that will filter out certain cookies that are known to contain sensitive data.

## [Information About Logged-in User](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#information-about-logged-in-user)

By default, the Sentry SDK doesn't send any information about the logged-in user, such as email address, user ID, or username. User information can be manually captured by calling `scope.set_user` and providing the appropriate user information.

## [Users' IP Address](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#users-ip-address)

By default, the Sentry SDK doesn't send the user's IP address. To enable automatic IP address collection for `sentry-actix`, set `send_default_pii` to `true` in your `sentry::init` options. User IP information can be manually captured by calling `scope.set_user` and providing the user's IP address.

## [Request URL](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#request-url)

The full request URL of incoming HTTP requests captured by `sentry-actix` and `sentry-tower` (with `http` feature enabled) is **always sent to Sentry**. Depending on your application, this could contain PII data.

## [Request Query String](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#request-query-string)

The request query string captured by `sentry-actix` and `sentry-tower` (with `http` feature enabled) is **always sent to Sentry**. Depending on your application, this could contain PII data.

## [Request Body](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#request-body)

Whether the Rust SDK automatically captures request bodies depends on the HTTP integration and configuration.

When using `sentry-actix`, a request body is attached to events only if **all** of the following are true:

* The request is **not** chunked (`Transfer-Encoding: chunked` bodies are not captured).
* The request has a valid `Content-Length` header.
* `Content-Length` is within the configured [`max_request_body_size`](https://docs.sentry.io/platforms/rust/configuration/options.md#max_request_body_size) limit (default: `MaxRequestBodySize::Medium`, 10kB).
* `send_default_pii` is `true`, **or** `Content-Type` is one of `application/json` and `application/x-www-form-urlencoded`.

When using `sentry-tower` (with `http` feature enabled), request bodies are currently not captured automatically.

To prevent request bodies from being captured automatically, set `max_request_body_size` to `MaxRequestBodySize::None`.

## [Debug Images](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#debug-images)

When using the [Sentry Debug Images](https://crates.io/crates/sentry-debug-images) integration, some metadata about the shared libraries and executables currently loaded in memory by the running process is sent to Sentry. This integration is enabled by default when using the `sentry` crate via the `debug-images` feature flag. You can opt out of this feature by excluding the `debug-images` feature from your feature flags for `sentry` in your `Cargo.toml`.

## [Source Code](https://docs.sentry.io/platforms/rust/guides/tracing/data-management/data-collected.md#source-code)

When you use [Source Context](https://docs.sentry.io/platforms/rust/source-context.md), you explicitly upload your source code to Sentry. This is fully opt-in and not controlled by the Sentry SDK.