Privacy Overview

Sprig's entire application was built with Privacy as a top priority - including Replays.

By default, all secure form contents (including password fields) are not recorded or stored.

Additionally, users are able to hide specific mobile classes as they wish. Configure privacy settings at Settings > Replays > User privacy. Additionally, an Admin can turn off replays for the whole workspace, or by Product at Settings > Replay > Configure.

Mobile Replay Offerings by Platform

Mobile Replay functionality differs on iOS and Android due to platform-specific technical constraints. Because of these different implementations, you may notice variations in clip playback resolution and overall fidelity.

iOS: Wireframe Capture
- Periodically records the structure and positioning of UI elements (layout, hierarchy, images).
- Reconstructs these elements into a wireframe representation of the user experience.
  - Note: SwiftUI images and text may be unable to be rendered (will show placeholder in playback clip). UIKit elements are fully supported
Android: Screenshot Capture
- Periodically takes full screenshots of the UI, including text and images.
- Masks or redacts sensitive information on the device, ensuring such data is never sent to or stored on Sprig’s servers.
React Native
- Follows the approach of the underlying platform (wireframe on iOS, screenshot on Android), as determined by the user’s device.

Mobile Replay Privacy

While a replay clip may look and feel like a screen recording, Sprig's Replay clips are not actual recordings but instead a visual presentation of the application UI as the user sees it.

For our Android implementation, the Sprig SDK takes snapshots of the device screen and then reconstructs those into a video clip that can be played back.

For the iOS implementation, the Sprig SDK reconstructs the UI by capturing properties of the individual web elements, redrawing them and constructing them into a video clip.

These approaches allow us to selectively capture data and UI elements, such as user interactions and form contents, while redacting other data, such as images and password fields. All masking or obfuscation happens on the device to ensure that no sensitive data is stored on Sprig Servers

By default, all secure form contents (including password fields) and on-screen keyboard interactions are not recorded or stored. Additionally, users can hide specific mobile classes as they wish. Configure privacy settings at Settings > Replays > User privacy. Additionally, an Admin can turn off replays for the whole workspace, or by Product at Settings > Replay > Configure.

Interactions

In addition to visual user behavior, Sprig Replays also captures user interactions, such as taps, swipes, and other gestures, providing a comprehensive view of the user experience. Interaction data, like touch coordinates and event timings, are recorded to understand user behavior.

Compliance

In adherence to guidelines set by the California Consumer Privacy Act (CCPA), Replays does not capture nor require capturing permissions from end-users. The CCPA mandates that businesses must disclose their practices related to both the collection and sale of consumers' personal information in their privacy policies. While businesses are required to give consumers the option to opt-out of having their personal information sold to third parties, the law does not oblige them to provide a similar opt-out for just the collection of personal information.

View more information on Sprig's Privacy Policy: here

We welcome feedback on our privacy practices. Please contact us at [email protected] if you have any questions or concerns.

iOS Replay Privacy Controls

Privacy settings can be configured at Settings > Replays > User privacy.

By default, all secure form content on iOS, including password fields, is neither recorded nor stored. Input fields with isSecureTextEntry enabled are automatically masked, ensuring that sensitive numeric input is obscured to enhance privacy and security.

Android Replay Privacy Controls

Privacy settings can be configured at Settings > Replays > User privacy.

All secure form contents, including password fields, are not recorded or stored by default. Specifically, input fields configured with the TYPE_NUMBER_VARIATION_PASSWORD attribute are always masked, ensuring that numeric input is obscured for enhanced privacy and security.

Performance Overview

Sprig Mobile Replays have been designed to use as few resources as possible. With that in mind, Mobile Replay clip recording only happens when matching targeting criteria are hit for an in-progress Mobile Replay study.

Both frame capture and clip upload happen on a background thread so there will be no discernible performance issues in your app’s UI. To further minimize any sort of impact on app performance, we only capture 1 frame per second.

CPU

We use a background thread job wherever possible to limit the CPU usage. The screen capturing mechanism should have very little impact on your app’s CPU consumption.

Developer Note:
Our iOS and Android Session Replay offerings measure their main thread usage, and we have a server-controllable threshold that, if exceeded, will automatically disable the Session Replay for that particular session.

Network

Sprig uploads Replay data in one request as opposed to other solutions that upload small pieces frequently. This approach improves compression efficiency, reduces network overhead, and decreases energy consumption for mobile devices. Sprig can upload Replay clips over Wi-Fi or Cellular networks.

Application Size

Sprig’s SDK adheres to rigorous standards and limits third-party dependencies, prioritizing the use of native framework code wherever possible. See the following SDK pages for more details:

Crash Mitigation

We have conducted thorough testing to minimize the risk of crashes. If any issues arise, we can turn off all replays remotely from our backend, ensuring rapid response and minimal disruption to your users’ experience.