1. What data is Fullview collecting about my customers?
When installing Fullview, you will have to send an identification object via Fullview's API. In order to correctly identify a customer you will send a minimum of ID and Name (see below screenshot). Optionally, any other custom data can be sent to Fullview, at your discretion (eg: user country, pricing plan, user role, etc). These are not mandatory but useful for your team when it comes to customer segmentation and filtering.
2. Redacting sensitive data when capturing session replays
Capturing DOM events can contain sensitive information, therefore Fullview's agent supports agent-side redaction of specific sensitive data. Data marked as sensitive can't reach Fullview's servers and thus is not available for analysis.
In terms of the actual session replays, Fullview captures:
the DOM of your webapp (HTML without assets) in text
all the mutation events, such as clicks, mouse movements, scrolls, keystrokes
device and browser metadata: browser, resolution, tab ID, OS
Even though when watching a replay it looks like a video, Fullview only captures a stream of events representing DOM mutations, in text, and then recreates them in a visual session replay.
This allows you to mark what elements of your product you want to redact agent-side (data does not leave your customer's machine).
There are 3 ways of redacting sensitive data:
by adding Fullview's universal masking class
by adding specific HTML selectors (i.e.
#id) to your Fullview settings
by setting general rules that prevent capturing data from all: input fields, images, selectors,…
If there are any DOM elements containing any of the 3 rules above, Fullview's agent simply skips to the next HTML element without reading the content of it, hence the data is not sent to Fullview's backend.