diff --git a/docker-compose.yml b/docker-compose.yml
index 271bc94bed..c6211f2d40 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -468,7 +468,7 @@ services:
       - FLAGD_PORT
       - OTEL_EXPORTER_OTLP_ENDPOINT
       - OTEL_EXPORTER_OTLP_METRICS_TEMPORALITY_PREFERENCE
-      - OTEL_RESOURCE_ATTRIBUTES
+      - OTEL_RESOURCE_ATTRIBUTES=${OTEL_RESOURCE_ATTRIBUTES},data_sensitivity=high
       - OTEL_SERVICE_NAME=payment
     depends_on:
       otel-collector:
diff --git a/src/otel-collector/otelcol-config.yml b/src/otel-collector/otelcol-config.yml
index 1ba85564aa..2d2f17d60f 100644
--- a/src/otel-collector/otelcol-config.yml
+++ b/src/otel-collector/otelcol-config.yml
@@ -206,6 +206,20 @@ processors:
           # SANITIZE ALL SPAN NAMES TO PREVENT CARDINALITY EXPLOSION
           - set_semconv_span_name("1.37.0", "original_span_name")
 
+  transform/redact_sensitive:
+    error_mode: ignore
+    trace_statements:
+      - context: span
+        statements:
+          - set(attributes["redacted"], true) where resource.attributes["data_sensitivity"] == "high"
+          - keep_keys(attributes, ["redacted"]) where resource.attributes["data_sensitivity"] == "high"
+    log_statements:
+      - context: log
+        statements:
+          - set(body, "REDACTED") where resource.attributes["data_sensitivity"] == "high"
+          - set(attributes["redacted"], true) where resource.attributes["data_sensitivity"] == "high"
+          - keep_keys(attributes, ["redacted"]) where resource.attributes["data_sensitivity"] == "high"
+
 connectors:
   spanmetrics:
 
@@ -213,7 +227,7 @@ service:
   pipelines:
     traces:
       receivers: [otlp]
-      processors: [resourcedetection, memory_limiter, transform/sanitize_spans]
+      processors: [resourcedetection, memory_limiter, transform/sanitize_spans, transform/redact_sensitive]
       exporters: [otlp_grpc/jaeger, debug, spanmetrics]
     metrics:
       receivers: [docker_stats, httpcheck/frontend-proxy, hostmetrics, nginx, otlp, postgresql, redis, spanmetrics, kafkametrics]
@@ -221,7 +235,7 @@ service:
       exporters: [otlp_http/prometheus, debug]
     logs:
       receivers: [otlp]
-      processors: [resourcedetection, memory_limiter]
+      processors: [resourcedetection, memory_limiter, transform/redact_sensitive]
       exporters: [opensearch, debug]
   telemetry:
     metrics: