Thanks   David Kimura , you are awesome! I have a question: If we just keep our logs in our vm where the app itself is. And we use log rotation to keep the log file small. So my question is, how can we comply with GDPR and also set a time limit? I read somewhere this: Docker's JSON file log rotation is currenly only volume-based (via the max-size and max-file options for --log-opt). However, for GDPR compliance we need time-based rotation, so that container logs are guaranteed to be deleted after e.g. 30 days.