Pavior is committed to the maintaining the privacy of your users. The goal of our time travel feature is to enable visibility into problems on your website, not to spy on users. To that end, we have a cohesive set of privacy controls to minimize the privacy impact on users.

• Time travel is disabled by default. To enable it for a specific user or session, you must initialize our client API with doTimeTravel: true. This gives you fine-grained control over when to enable session recording.
• Passwords and credit card fields are never captured and it is not possible to configure Pavior to capture them.
• You can manually censor sensitive data on your site by setting class="do-not-track" on any HTML element. If you do, only the size and position of the element will be captured. Its contents (including all of its children recursively) will not be captured.
• Session retention is limited up to at most 30 days, depending on your plan. [Saved moments] and [feedback] may be retained forever, but they require an explicit action by either your user or one of your team members.
• Session data is not shared with anybody except OVH, our cloud provider.
• You can contact our team to delete any session or all of a specific user's sessions.

GDPR

We are committed to supporting your GDPR compliance. While we do not guarantee compliance on your behalf, we offer the privacy controls above to support it. To fully comply with GDPR, you may need to:

• Update your privacy policy to disclose session replay use
• Obtain user consent where required
• Sign our data processing agreement