Who can use this feature?
- Available with all plans.
- Configurable in all paid plans.
- Requires an admin role to configure.
Overview
Form Privacy helps you proactively protect end users’ privacy by preventing Fullstory from logging potentially sensitive user data entered into form elements on your site.
Notes:
- Form Privacy is automatically enabled for all Fullstory accounts.
- Form Privacy cannot be disabled in Fullstory Free accounts.
How Form Privacy Works
Form Privacy enables a set of six element capture rules based on CSS selectors that mask or exclude form elements. Mask rules prevent text values from being captured while still capturing end-user interactions like clicks and change events. In contrast, exclude rules will prevent both text values and interactions from being captured.
What inputs does Form Privacy affect?
Form Privacy introduces the following six rules:
- Mask <input> elements. This tag specifies an input field where users can enter data on your site. This rule will broadly mask most form elements as well as things like search bars and login fields.
- Mask <textarea> elements. Websites often use the textarea tag to provide multi-line text inputs for things like comments or reviews. The rule will mask all text within the textarea.
- Mask <select> elements. This tag is used to create drop-down lists. This rule will apply to all options presented to the user within the list.
- Mask [contenteditable]. This attribute, although not frequently used, specifies whether the content of an element is editable by end users. By masking elements with this attribute, we can prevent unintended capturing of these elements.
- Exclude <input type="radio">. Radio buttons are common form elements we exclude to prevent capturing text and interactions that could reveal unnecessary information to a viewer familiar with your site.
- Exclude <input type="checkbox">. Similar to radio buttons, we exclude checkbox inputs to prevent viewers familiar with your site from seeing potentially sensitive information.
You can view these rules in Fullstory under Settings > Data Capture and Privacy > Privacy.
(In general, if your account has Private by Default enabled, the Form Privacy section will not be accessible in Settings. However, Form Privacy can be accessible if it was enabled before Private by Default.)
Note that you can still analyze engagement with masked elements in Fullstory. Simply search for the CSS Selector of the element or create an Element to identify it using a name of your choosing.
Unmask Specific Form Elements by Creating Exceptions
Admins in your account can unmask specific elements that don't pose a privacy risk by creating exceptions to the default rules. The approach allows all other form elements to remain private by default—including any form elements added later.
One example of an exception would be a search bar. These types of inputs rarely present a privacy risk and can provide valuable insights into end user actions. If your search bar has a class of "search-bar," an Admin can add an exception like this:
This exception would unmask inputs with the selector .search-bar for all future sessions. This approach greatly minimizes risk by preventing all other input elements (even ones added in the future) from being captured. By preventing unwanted data from being captured, you're able to deploy faster and with less worry. Note that you can add multiple exceptions to a privacy rule.
Note: Adding an unmask rule to your Element Exclusion rules will not unmask elements if you have Form Privacy enabled. Instead, you’ll need to add rule exceptions for elements like textarea in order to unmask.
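Before adding an exception, it helps to check which elements its selector would actually unmask. The following is an added example, not Fullstory code: it models the six rules and the .search-bar exception described above, assuming that exclude outranks mask and that an exception lifts only the rule it is attached to. The names effectiveTreatment, riskyUnmasked and fakeEl, and the sample elements, are hypothetical.

```javascript
// Added example: a model of the six rules listed on this page, not Fullstory code.
// Assumptions: exclude outranks mask, and an exception lifts only its own rule.
const RULES = [
  { action: "mask",    selector: "input",                  exceptions: [".search-bar"] },
  { action: "mask",    selector: "textarea",               exceptions: [] },
  { action: "mask",    selector: "select",                 exceptions: [] },
  { action: "mask",    selector: "[contenteditable]",      exceptions: [] },
  { action: "exclude", selector: 'input[type="radio"]',    exceptions: [] },
  { action: "exclude", selector: 'input[type="checkbox"]', exceptions: [] },
];
const RANK = { captured: 0, mask: 1, exclude: 2 };

// el is anything with a DOM-style matches(selector) method.
function effectiveTreatment(el, rules = RULES) {
  let result = "captured";
  for (const r of rules) {
    if (!el.matches(r.selector)) continue;                      // rule does not apply
    if (r.exceptions.some((sel) => el.matches(sel))) continue;  // lifted by an exception
    if (RANK[r.action] > RANK[result]) result = r.action;       // keep the strictest rule
  }
  return result;
}

// Elements left fully captured although they match a selector you treat as sensitive.
function riskyUnmasked(elements, sensitiveSelectors, rules = RULES) {
  return elements.filter((el) => effectiveTreatment(el, rules) === "captured" &&
    sensitiveSelectors.some((sel) => el.matches(sel)));
}

// Constructed stand-in for a DOM element so the sample runs outside a browser;
// it supports only tag, .class, [attr] and tag[attr="value"] selectors.
function fakeEl(tag, attrs = {}) {
  return { tag, attrs, matches(sel) {
    const m = /^([a-z]*)(?:\.([\w-]+))?(?:\[([\w-]+)(?:="([^"]*)")?\])?$/.exec(sel);
    if (!m) throw new Error("unsupported selector: " + sel);
    const [, t, cls, attr, val] = m;
    if (t && t !== tag) return false;
    if (cls && !(attrs.class || "").split(/\s+/).includes(cls)) return false;
    if (attr && !(attr in attrs)) return false;
    return val === undefined || attrs[attr] === val;
  } };
}
const samplePage = [ // constructed sample elements
  fakeEl("input", { type: "text", class: "search-bar" }),     // the intended exception
  fakeEl("input", { type: "password", class: "search-bar" }), // class reused by mistake
  fakeEl("input", { type: "checkbox", class: "search-bar" }), // still excluded
  fakeEl("div", { contenteditable: "" }),
];
console.log(samplePage.map((el) => effectiveTreatment(el)));
```

In a browser, the same two functions accept real elements, for example the result of document.querySelectorAll("input, textarea, select, [contenteditable]") converted to an array.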
What else should I consider when using Form Privacy?
Input fields are the most common places for personal information to appear on a website. Form Privacy alone does not guarantee that unwanted data is not captured. It's important that unwanted information that may appear outside of form elements is manually masked or excluded. Common examples include usernames or email addresses, avatar images, payment and shipping confirmation pages, and username or password reset flows.