Privacy Overview

Every aspect of Sprig’s application, including Replays, was designed and built with user privacy as a top priority.

By default, all form content including password fields, is neither recorded nor stored. Additionally, Sprig admins can further enhance user privacy by hiding specific CSS selectors or mobile classes.

To configure Replay privacy settings, go to Settings > Heatmap & Replays > Configure.

You can disable Replays for an entire Team workspace by turning off Replays or disable them based on Product by unchecking the corresponding products under the Replays section. Disabling will mark existing Replays as paused and prevent new Replays from being launched.

Mobile Replay Offerings by Platform

Mobile Replay functionality differs on iOS and Android due to platform-specific technical constraints. Because of these different implementations, you may notice variations in clip playback resolution and overall fidelity. Sprig Mobile Replay currently can not capture web views.

iOS: Wireframe Capture

• Periodically records the structure and positioning of UI elements (layout, hierarchy, images).
• Reconstructs these elements into a wireframe representation of the user experience.

⚠️

SwiftUI Limitations

Images and text cannot be rendered. As a result we will show a placeholder in the playback clip. UIKit elements are fully supported.

Android: Screenshot Capture

• Periodically takes full screenshots of the UI, including text and images.
• Masks or redacts sensitive information on the device, ensuring such data is never sent to or stored on Sprig’s servers.

React Native

• Follows the approach of the underlying platform (wireframe on iOS, screenshot on Android), as determined by the user’s device.

Mobile Replay Privacy

While a replay clip may look and feel like a screen recording, Sprig's Replay clips are not actual recordings but instead a visual presentation of the application UI as the user sees it.

For our Android implementation, the Sprig SDK takes snapshots of the device screen and then reconstructs those into a video clip that can be played back.

For the iOS implementation, the Sprig SDK reconstructs the UI by capturing properties of the individual web elements, redrawing them and constructing them into a video clip.

These approaches allow us to selectively capture data and UI elements, such as user interactions and form contents, while redacting other data, such as images and password fields. All masking or obfuscation happens on the device to ensure that no sensitive data is stored on Sprig Servers

By default, all secure form contents (including password fields) and on-screen keyboard interactions are not recorded or stored. Additionally, users can hide specific mobile classes as they wish.

Interactions

In addition to visual user behavior, Sprig Replays also captures user interactions, such as taps, swipes, and other gestures, providing a comprehensive view of the user experience. Interaction data, like touch coordinates and event timings, are recorded to understand user behavior.

Interactions are not captured for Android.

Compliance

In adherence to guidelines set by the California Consumer Privacy Act (CCPA), Replays does not capture nor require capturing permissions from end-users. The CCPA mandates that businesses must disclose their practices related to both the collection and sale of consumers' personal information in their privacy policies. While businesses are required to give consumers the option to opt-out of having their personal information sold to third parties, the law does not oblige them to provide a similar opt-out for just the collection of personal information.

View more information on Sprig's Privacy Policy.

We welcome feedback on our privacy practices. Please contact us at [email protected] if you have any questions or concerns.

Privacy Controls

Privacy settings can be configured at Settings > Replays > User privacy.

iOS

Latest

Requires iOS SDK v4.23.10 or later. All classes that conform to UITextInputTraits with the isSecureTextEntry property set to true will be masked. Any classes added under Advanced Privacy will be masked. Unmasking is not supported.

Basic

• No masking.
• All interactions are captured.

Moderate (Default)

• Masks UITextView, UIPickerView and UITextField and subclasses of these types are masked.
• All interactions are captured.

Strict

Same masking as in Moderate plus:

• Masks UILabel, UISegmentedControl and subclasses of theses classes.
• Masks UIImageView and subclasses of this type will be masked.
• For React Native: Masks RCTTextView.
• No interactions are captured.

Legacy

Requires iOS SDK v4.23.9 or earlier.

Legacy Basic (Default)

• Masks text in UITextView, UIPickerView and UITextField or subclasses of these classes.

Legacy Full

Same masking as in Legacy Basic plus:

• Masks UILabel and UISegmentedControl or subclasses of these classes.
• For React Native: Masks RCTTextView.

Android

By default, all secure form content on Android, including password fields, are not recorded or stored by default. Input fields configured with the TYPE_NUMBER_VARIATION_PASSWORD attribute are automatically masked, ensuring that sensitive numeric input is obscured to enhance privacy and security.

Performance Overview

Sprig Mobile Replays have been designed to use as few resources as possible. With that in mind, Mobile Replay clip recording only happens when matching targeting criteria are hit for an in-progress Mobile Replay study.

Both frame capture and clip upload happen on a background thread so there will be no discernible performance issues in your app’s UI. To further minimize any sort of impact on app performance, we only capture 1 frame per second.

CPU

We use a background thread job wherever possible to limit the CPU usage. The screen capturing mechanism should have very little impact on your app’s CPU consumption.

📝

Developer Note

Our iOS and Android Replay offerings measure their main thread usage, and we have a server-controllable threshold that, if exceeded, will automatically disable the Replay for that particular session.

Network

Sprig uploads Replay data in one request as opposed to other solutions that upload small pieces frequently. This approach improves compression efficiency, reduces network overhead, and decreases energy consumption for mobile devices. Sprig can upload Replay clips over Wi-Fi or Cellular networks.

Application Size

Sprig’s SDK adheres to rigorous standards and limits third-party dependencies, prioritizing the use of native framework code wherever possible. See the following SDK pages for more details:

• iOS SDK App Size Impact
• Android SDK App Size Impact

Crash Mitigation

We have conducted thorough testing to minimize the risk of crashes. If any issues arise, we can turn off all replays remotely from our backend, ensuring rapid response and minimal disruption to your users’ experience.