Privacy #

Page load #

End users load the SDK from servers located in the EU. We do not keep logs of technical information inadvertantly transmitted as part of the request like the end user IP or user agent. Theoretically you can host the SDK files yourself, but then you will have to keep them up to date on your own, and we cannot guarantee that the self-hosted SDK will never break due to being outdated.

On page interaction #

In the default settings, no data is recorded until the user explicitly triggers recording with SDK. When the optional instant replay feature is enabled, recording is started at SDK initialization.

When a recording is running, the SDK collects technical information, but stores it locally on the end user's device. Only when the end user submits the recording, the recorded technical data is uploaded to Bird Eats Bug's servers.

Exclude recording of select data types #

Data-rich bug reports are more efficient to debug and resolve. However, there are valid reasons not to include some types of events, e.g. to protect the privacy of end-users. That's why every recorded event type can be excempt from being recorded by setting the specific recordedEventTypes property to false. This code example shows how to do it.

Sanitize recorded data before upload #

The authorization header in network requests is scrubbed automatically. So are keyboard inputs into fields of type="password", or marked with autocomplete of type "current-password", "new-password", "one-time-code", "cc-number", "cc-csc", "cc-exp". It is possible to exclude additional private information before the data is sent to Bird Eats Bug, as documented here.