Session Replay Data Privacy - Heap Help Center

Session Replay Privacy and Security Settings

Overview Heap’s session replay privacy and security settings are highly customizable to make sure you don’t capture any sensitive information…

Session Replay InfoSec Checklist

After you’ve enabled session replay, go through the following list to make sure all your Heap settings are configured correctly.…

What privacy settings does Session replay inherit from Heap?

The general security settings you have chosen for Heap (found by going to Security Settings) will be the first settings…

How do I prevent session replay from capturing certain data, such as passwords and credit card numbers?

If you decide to capture text inputs, by default we provide additional safeguards against capturing PII. Passwords are not captured…

How do I block bot behavior from being captured in session replay?

Many of our customers run Heap on public-facing, content-rich sites, and robots can generate unwanted sessions. Heap blocks a list…

I accidentally captured PII in a session replay. What do I do?

The impacted sessions and associated PII can be manually purged by Heap. Visit our Get support page and contact us to resolve…

Why can’t I see what users are typing into forms?

This is a privacy setting that is enabled by default to prevent you from accidentally collecting PII (Personal Identifiable Information).…

Are you recording my user’s screens?

Do I need end user consent for session replay?

Your session replay tool is covered by your cookie disclosure and consent policy for analytics. If you have not done…

What does session replay capture?

What we capture Session replay captures a copy of your website, as well as the following user/behavioral events: Session replay…

How long are session replays stored?

Heap session replays are stored for a period of 90 days by default. To evaluate custom retention options, reach out…