Data Privacy & Compliance

Sensitive Information Handling

1. Data Collection Phase

• Automated Data Masking
  Predefined protection for common sensitive fields (passwords, phone numbers). Customize masking rules using CSS selectors to ensure privacy data is neither stored nor replayed.
• Dynamic Content Exclusion
  Mark sensitive elements with HTML attributes (e.g., data-sp-ignore) to exclude specific content from being recorded. See integration docs for implementation details.

2. Data Transmission & Storage

• End-to-End Encryption
  • Transport Layer: AES-256 encrypted logging during transmission.
  • Storage Layer: Dual-layer encryption with TLS 1.3 protocol compliance.
• Regulatory Alignment
  Fully compliant with GDPR, CCPA, PIPL, and other global privacy regulations.

3. Granular Access Control

Role-based permissions for replay session access, with audit logging for all data retrieval operations.