Email error reports sent from Django (when DEBUG=False) include information about parent domain cookies, which may contain personal data. This may create issues related to the GDPR (the European General Data Protection Regulation), as one can't control the cookies from services hosted on parent domain(s), while it is necessary to provide full information about personal data handling to the user with the possibility to delete the data on request.
In short words, to be GDPR-compliant, we should be able to exclude potentially risky data from the error reports.
I created a
ticket in the Django bugtracker about introducing an option to hide cookies in error reports. It was pointed out to me, that it's possible to implement a custom "SafeExceptionReporterFilter", but i still think that the situation with the cookies should be clarified somehow explicitly in the "HowTo" section dedicated to error reporting.