diff --git a/apps/web-next/src/__tests__/sentry-pii-scrubber.test.ts b/apps/web-next/src/__tests__/sentry-pii-scrubber.test.ts
deleted file mode 100644
index 40b562b..0000000
--- a/apps/web-next/src/__tests__/sentry-pii-scrubber.test.ts
+++ /dev/null
@@ -1,56 +0,0 @@
-import { describe, it, expect } from "vitest";
-import {
- beforeSend,
- beforeSendTransaction,
-} from "@repo/core-shared/instrumentation/sentry/scrub";
-
-describe("R38 — apps/web-next PII scrubber", () => {
- it("strips email/password/cookie/auth/IP from event payload", () => {
- const event = {
- extra: {
- userEmail: "alice@example.com",
- password: "p4$$w0rd",
- ipAddress: "192.168.1.10",
- note: "request from 10.0.0.1",
- },
- request: {
- headers: {
- Authorization: "Bearer secret",
- "Set-Cookie": "session=abc",
- "User-Agent": "Mozilla",
- },
- },
- } as Parameters[0];
- const result = beforeSend(event, {}) as {
- extra: Record;
- request: { headers: Record };
- };
- expect(result.extra["userEmail"]).toBe("[redacted]");
- expect(result.extra["password"]).toBe("[redacted]");
- expect(result.extra["ipAddress"]).toBe("[redacted]");
- expect(result.extra["note"]).toContain("[redacted-ip]");
- expect(result.request.headers["Authorization"]).toBe("[redacted]");
- expect(result.request.headers["Set-Cookie"]).toBe("[redacted]");
- expect(result.request.headers["User-Agent"]).toBe("Mozilla");
- });
-
- it("strips ?token / ?email / ?password / ?secret / ?signature from URLs", () => {
- const event = {
- request: {
- url: "https://app/api/x?token=abc&email=a@b.c&password=p&secret=z&signature=s&safe=1",
- },
- transaction: "/foo?accessToken=t",
- } as Parameters[0];
- const result = beforeSendTransaction(event, {}) as {
- request: { url: string };
- transaction: string;
- };
- const url = decodeURIComponent(result.request.url);
- const txn = decodeURIComponent(result.transaction);
- for (const key of ["token", "email", "password", "secret", "signature"]) {
- expect(url).toContain(`${key}=[redacted]`);
- }
- expect(url).toContain("safe=1");
- expect(txn).toContain("accessToken=[redacted]");
- });
-});