UserHero Docs
Privacy

Privacy Controls

Configure what data your widgets collect

Privacy Controls

UserHero gives you granular control over what data is collected. Configure settings at both project and widget levels.

Privacy Hierarchy

Project Settings (ceiling)
    └── Widget Settings (can only be more restrictive)

Project settings set the maximum allowed collection. Widget settings can be more restrictive but never exceed project settings.

Project-Level Settings

Configure in Project SettingsPrivacy:

Page URL Collection

SettingCollected Data
OffNothing
Path only/dashboard/settings
Full URLhttps://app.example.com/dashboard/settings?tab=profile

Recommendation: "Path only" for most cases—provides context without query parameters.

Referrer

SettingDescription
OnPrevious page URL stored
OffNot collected

Browser & OS

SettingDescription
OnBrowser name, version, OS
OffNot collected

Device & Viewport

SettingDescription
OnDevice type, screen size
OffNot collected

Timezone & Locale

SettingDescription
OnUser's timezone, language
OffNot collected

Location

SettingDescription
OffNot collected
Country onlyCountry code derived from IP

Custom Metadata

SettingDescription
OnAllow setMetadata() calls
OffMetadata ignored

Widget-Level Settings

Each widget can further restrict collection:

Screenshot Capture

SettingDescription
OffNo screenshots
OptionalUser can choose to capture
RequiredMust capture before submit

Email Collection

SettingDescription
OffEmail field hidden
OptionalField shown, not required
RequiredMust provide email

File Attachments

SettingDescription
OffNo attachments
OptionalCan attach files

Example Configuration

Privacy-First (Minimal Collection)

Project Settings:
├── Page URL: Path only
├── Referrer: Off
├── Browser & OS: Off
├── Device & Viewport: Off
├── Timezone & Locale: Off
├── Location: Off
└── Custom Metadata: Off

Widget Settings:
├── Screenshot: Off
├── Email: Off
└── Attachments: Off

Standard Collection

Project Settings:
├── Page URL: Path only
├── Referrer: On
├── Browser & OS: On
├── Device & Viewport: On
├── Timezone & Locale: On
├── Location: Country only
└── Custom Metadata: On

Widget Settings:
├── Screenshot: Optional
├── Email: Optional
└── Attachments: Optional

Full Context (Bug Reporting)

Project Settings:
├── Page URL: Full URL
├── Referrer: On
├── Browser & OS: On
├── Device & Viewport: On
├── Timezone & Locale: On
├── Location: Country only
└── Custom Metadata: On

Widget Settings:
├── Screenshot: Required
├── Email: Optional
└── Attachments: Optional

User-Facing Privacy Notice

You can add a privacy notice to your widget:

  1. Go to widget SettingsContent
  2. Enable "Show privacy notice"
  3. Customize the text or link to your privacy policy

Example notice:

Your feedback helps us improve. We collect minimal 
context data. See our Privacy Policy for details.

Masking Sensitive Elements

In screenshots, mask sensitive content:

<!-- Password fields auto-masked -->
<input type="password" />

<!-- Custom masking -->
<div data-userhero-mask>
  Sensitive content hidden in screenshots
</div>

<!-- Exclude completely -->
<div data-userhero-exclude>
  Not included in screenshots
</div>

Compliance Considerations

GDPR

  • Use minimal collection settings
  • Show privacy notice
  • Enable data export
  • Honor deletion requests

CCPA

  • Disclose data collection in your privacy policy
  • Provide opt-out mechanisms
  • Honor "Do Not Sell" requests

HIPAA

UserHero is not HIPAA-compliant. Do not collect protected health information (PHI).

Privacy by Default

New projects start with privacy-friendly defaults:

SettingDefault
Page URLPath only
ReferrerOn
Browser & OSOn
Device & ViewportOn
Timezone & LocaleOff
LocationOff
Custom MetadataOn
ScreenshotsOptional

Audit Log

Track changes to privacy settings:

  1. Go to SettingsAudit Log
  2. Filter by "Privacy" events
  3. See who changed what and when

Next Steps

Data Collection

Full data collection reference

Screenshots

Screenshot privacy features

Data Collection

Understand what data UserHero collects

Widget SDK Reference

Complete JavaScript SDK API reference

On this page

Privacy ControlsPrivacy HierarchyProject-Level SettingsPage URL CollectionReferrerBrowser & OSDevice & ViewportTimezone & LocaleLocationCustom MetadataWidget-Level SettingsScreenshot CaptureEmail CollectionFile AttachmentsExample ConfigurationPrivacy-First (Minimal Collection)Standard CollectionFull Context (Bug Reporting)User-Facing Privacy NoticeMasking Sensitive ElementsCompliance ConsiderationsGDPRCCPAHIPAAPrivacy by DefaultAudit LogNext Steps