Sessions privacy controls
Privacy controls should be configured before broad production rollout.
Core Controls
- Masking: Hide sensitive UI fields and text regions.
- Sampling: Limit capture volume where full capture is unnecessary.
- Metadata controls: Keep only fields needed for troubleshooting and analytics.
- Retention policy: Define how long replay data stays accessible.
Recommended Rollout
- Start with strict masking defaults.
- Validate replay usefulness with support leads.
- Relax only where necessary for debugging quality.
- Re-test after major frontend changes.
Identity And Trust
For web widget authenticated users, use server-generated identifier_hash where available to reduce impersonation risk in user identification workflows.
Security Review Checklist
- Sensitive fields are masked in replay.
- Session access is role-scoped.
- Live assist usage is policy-governed.
- Retention aligns with organizational policy.
Warning: Avoid storing direct secrets, payment data, or regulated identifiers in replay metadata or event payloads.
