CONTACT US
Product Updates · 2 min read

Managing GDPR and FullStory Session Replay

The Fullstory Team
Posted May 09, 2018
Managing GDPR and FullStory Session Replay

Updated May 2021

FullStory serves up all your General Data Protection Regulation needs

Here’s what we implemented to help you manage GDPR requirements and protect user privacy using FullStory.


The right to be forgotten

Ever wanted to delete your data in FullStory but found it overly cumbersome?

GDPR gave us an opportunity to streamline our data deletion process, placing the focus on an individual’s data. Now FullStory users with admin permissions can entirely erase users from their account at the click of a button (with confirmation, of course).

After a user is completely deleted, you’ll receive a discreet email, a receipt of sorts, to confirm that the appropriate action has been taken. We also offer an API endpoint for deleting users.

fs-delete-user-123

Better exclusions and consent tools

While we’ve always offered the ability to exclude any element from recording, we concluded the general feeling of our UI for element exclusions was slapdash. It was just a textarea to dump CSS selectors that left some users intimidated and uncertain.

We also massively enhanced our excluded elements by allowing users to selectively record them based on user consent. Using the FS.consent API, you can now let FullStory know, with a little bit of code, whether or not to record any consent-sensitive parts of your webpages. 

Keep user IP addresses out of FullStory (if you want to)

For our users who consider IP addresses to be personally identifiable information, we now offer the ability to discard IP addresses from FullStory. We will hold the IP address while the session is cooking, but once it’s been served, ready to consume, the IP address will be in the virtual garbage can.

The rigorous demands of GDPR may feel complicated, but FullStory’s foray of feature functionality should leave you feeling just fine. And while the future under GDPR may still be murky, we’re confident we have good options in place to keep our users satisfied and, as always, we’ll be open to trying new things when they’re right for us and our users.

You can fine the option to discard IP addresses in Settings > Privacy

Learn more about GDPR and FullStory.

Author
The Fullstory TeamContributor

About the author

Our team of data and user experience experts share tips and best practices.

Return to top