Login
Start Free →
SECURITY & PRIVACY

Your Data is Your Data.

Sniffer processes screen recordings, console logs, and network data. We take that responsibility seriously. Here is exactly how we handle it.

🔒

AI Repro Steps

All data encrypted in transit (TLS 1.3) and at rest (AES-256). Recordings, console logs, and network data are encrypted before storage.

🏗️

Infrastructure

Hosted on AWS with region selection (US, EU). Isolated tenant environments. No shared databases between customers.

🕵️

PII Handling

Customer blur tool lets users redact sensitive areas before submitting recordings. Auto-detection for credit card numbers and SSNs in console logs.

🗑️

Data Retention

You control retention: 30, 60, or 90 days. Enterprise customers can set custom retention policies. Delete any recording at any time.

RECORDING DATA

What Sniffer Captures (and What It Doesn't)

When a customer or QA tester creates a recording, Sniffer captures the browser tab’s visual content, console output, and network requests. Here is exactly what is and isn’t included:

Screen recording of the active browser tab only (not other tabs, not the desktop)
Console logs (errors, warnings, info) from the recorded page
Network request URLs, status codes, and timing (response bodies are not captured by default)
Browser metadata: user agent, viewport size, URL, timestamp
Optional microphone narration (customer must explicitly enable)

What Sniffer does NOT capture:

Passwords, saved credentials, or autofill data
Other browser tabs or desktop content
Cookies or localStorage (unless explicitly enabled by the workspace admin)
Keystroke logging outside of form inputs on the recorded page
AI PROCESSING

How AI Analyzes Your Data

Sniffer’s AI pipeline processes recordings to generate repro steps, root cause analysis, suggested fixes, and regression tests. Here is how that works:

AI processing happens on Sniffer's infrastructure, not third-party LLM APIs
Recordings are not used to train any AI models
AI outputs (repro steps, fix suggestions, tests) inherit the same retention and access policies as the source recording
Enterprise customers can opt out of AI processing entirely and use Sniffer as a capture-only tool
ACCESS CONTROL

Who Can See What

Sniffer uses role-based access control to ensure the right people see the right data:

Workspace admins control who can view recordings, AI reports, and error groups
Support agents see recordings and AI reports for their assigned tickets only
Customer recording links are single-use and auto-expire (configurable: 24h, 7d, 30d)
SSO (SAML 2.0 / OIDC) available on Team and Enterprise plans
Audit log of all access events on Enterprise plan
COMPLIANCE ROADMAP

Where We Are and Where We're Going

LIVE

TLS 1.3 + AES-256 encryption

All data encrypted in transit and at rest

LIVE

Customer PII blur tool

Users can redact sensitive areas before submitting a recording

LIVE

Configurable data retention

30, 60, 90 day retention with instant delete

LIVE

SSO (SAML 2.0 / OIDC)

Available on Team and Enterprise plans

In Progress

SOC 2 Type I

Audit underway, expected completion Q3 2026

Planned

SOC 2 Type II

Targeted for Q1 2027

Planned

GDPR DPA / Standard Contractual Clauses

Available on request for EU customers

Planned

HIPAA BAA

For healthcare customers on Enterprise plan

🔐TLS 1.3
🛡️AES-256
☁️AWS Hosted
🇪🇺EU Region Available
🔑SSO / SAML
📋SOC 2 In Progress

Questions about security?

We are happy to walk through our security practices, discuss your compliance requirements, or provide a DPA.

Contact Us →