diff --git a/apps/app/sentry.edge.config.ts b/apps/app/sentry.edge.config.ts
index ef68b306dd..e996f794ca 100644
--- a/apps/app/sentry.edge.config.ts
+++ b/apps/app/sentry.edge.config.ts
@@ -13,6 +13,4 @@ Sentry.init({
   tracesSampleRate: process.env.NODE_ENV === 'development' ? 1.0 : 0.1,
 
   enableLogs: true,
-
-  sendDefaultPii: true,
 });
diff --git a/apps/app/sentry.server.config.ts b/apps/app/sentry.server.config.ts
index 092295b30a..6d9894dbca 100644
--- a/apps/app/sentry.server.config.ts
+++ b/apps/app/sentry.server.config.ts
@@ -11,9 +11,9 @@ Sentry.init({
 
   tracesSampleRate: process.env.NODE_ENV === 'development' ? 1.0 : 0.1,
 
-  includeLocalVariables: true,
+  // Off in production: local variables in stack frames can expose request-scoped
+  // data (DB rows, auth tokens, request bodies) to Sentry payloads.
+  includeLocalVariables: process.env.NODE_ENV !== 'production',
 
   enableLogs: true,
-
-  sendDefaultPii: true,
 });
diff --git a/apps/app/src/instrumentation-client.ts b/apps/app/src/instrumentation-client.ts
index 87ebf6c2e1..49774232c3 100644
--- a/apps/app/src/instrumentation-client.ts
+++ b/apps/app/src/instrumentation-client.ts
@@ -42,8 +42,6 @@ Sentry.init({
   // 10% of all sessions; 100% of sessions where an error occurs.
   replaysSessionSampleRate: 0.1,
   replaysOnErrorSampleRate: 1.0,
-
-  sendDefaultPii: true,
 });
 
 export const onRouterTransitionStart = Sentry.captureRouterTransitionStart;
diff --git a/apps/portal/sentry.edge.config.ts b/apps/portal/sentry.edge.config.ts
index ef68b306dd..e996f794ca 100644
--- a/apps/portal/sentry.edge.config.ts
+++ b/apps/portal/sentry.edge.config.ts
@@ -13,6 +13,4 @@ Sentry.init({
   tracesSampleRate: process.env.NODE_ENV === 'development' ? 1.0 : 0.1,
 
   enableLogs: true,
-
-  sendDefaultPii: true,
 });
diff --git a/apps/portal/sentry.server.config.ts b/apps/portal/sentry.server.config.ts
index 092295b30a..6d9894dbca 100644
--- a/apps/portal/sentry.server.config.ts
+++ b/apps/portal/sentry.server.config.ts
@@ -11,9 +11,9 @@ Sentry.init({
 
   tracesSampleRate: process.env.NODE_ENV === 'development' ? 1.0 : 0.1,
 
-  includeLocalVariables: true,
+  // Off in production: local variables in stack frames can expose request-scoped
+  // data (DB rows, auth tokens, request bodies) to Sentry payloads.
+  includeLocalVariables: process.env.NODE_ENV !== 'production',
 
   enableLogs: true,
-
-  sendDefaultPii: true,
 });
diff --git a/apps/portal/src/instrumentation-client.ts b/apps/portal/src/instrumentation-client.ts
index 7ec9adbca8..c265121a9b 100644
--- a/apps/portal/src/instrumentation-client.ts
+++ b/apps/portal/src/instrumentation-client.ts
@@ -27,8 +27,6 @@ Sentry.init({
   // 10% of all sessions; 100% of sessions where an error occurs.
   replaysSessionSampleRate: 0.1,
   replaysOnErrorSampleRate: 1.0,
-
-  sendDefaultPii: true,
 });
 
 export const onRouterTransitionStart = Sentry.captureRouterTransitionStart;