Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.helpalive.com/llms.txt

Use this file to discover all available pages before exploring further.

Privacy in HelpAlive is enforced by design, not by policy. This page summarizes the guarantees we ship; the Redaction and Data deletion pages have the operational details.

What we guarantee

Two-layer PII redaction

Personal information is stripped twice — first in your users’ browsers, then again on our servers — before any of it is stored long-term.

Per-customer isolation

Your data is isolated from every other customer’s data. We never blend, share, or train on customer data.

DSAR-ready deletion

Honor a user’s right-to-be-forgotten request from the dashboard. Async jobs with full audit trail.

Consent modes built in

Default-on or consent-required modes, plus a runtime toggle — integrate with whatever cookie banner you already run.

What we capture

The HelpAlive SDK auto-captures user behavior. The events look like:
FieldExampleNotes
Event typeclick, pageviewAuto-captured.
Page URL/billingCleaned of any IDs, emails, or tokens that look like personal data.
Element identifierAn anonymous referenceWe never send the element’s class names, IDs, or text content.
Surrounding text[redacted email]…SettingsPersonal data is stripped before transmission.
Timestamp1715000000When the event happened.
User identityuserId, tenantIdFrom your identify() call — your stable IDs, not personal data we collect.
Optional traitsplan, roleOnly what you choose to send.

What we never capture

  • Keystroke contents. We don’t watch what users type into inputs.
  • Form values. Submit events fire; the values inside the form do not flow to us.
  • Password fields. Always excluded.
  • Common personal data — emails, phone numbers, payment card numbers, national IDs. Removed before anything is sent.
  • Chatbot messages, in event analytics. Conversations live in their own secure store and never mix with adoption events.

How personal data is removed

There are two layers of cleanup:
  1. In your user’s browser. Before anything is sent, the SDK strips common patterns from URLs and captured text — emails, phone numbers, tokens, anything that looks personal. If anything goes wrong in this step, the data is dropped instead of sent.
  2. On our servers. Before anything is stored, a second cleanup catches names, addresses, regional identifiers, and edge cases the first pass might miss.
Only the cleaned data ever reaches the part of our system your dashboard reads from. Your team cannot see raw, uncleaned events. See Redaction for the full list of what’s removed.

Where data is stored

WhereWhat’s in it
Adoption analyticsCleaned activity — clicks, pageviews, form submits, friction signals.
Chat conversationsQuestion and answer text, with personal data removed. Kept separate from analytics.
User profilesThe identity you sent through identify() — userId, displayName, email, plan.
Your data is isolated from every other HelpAlive customer’s data. For organizations that need extra reassurance, we offer additional access controls on request. Two modes:
ModeBehavior
AutoDefault. The SDK starts capturing on load. Use this where prior consent isn’t required.
RequiredThe SDK loads but stays silent until your code calls setConsent({ analytics: true }).
Set the project default in Settings → Privacy, and toggle at runtime as the user updates their preferences. See Configure consent.

Data subject controls

When a user invokes their right to be forgotten:
  • User-level deletion — remove a single user’s events, profile, and chat history.
  • Workspace-level deletion — remove a whole workspace and every user under it.
  • Async jobs with status (queued, running, complete, failed) and an audit trail.
For a lighter alternative (“stop processing my data” without deleting history), use user or workspace suppression.

Retention

Default retention for events is 12 months. Per-customer retention can be tightened on request; a self-serve UI for retention controls is on the roadmap.

Compliance posture

HelpAlive ships with compliance defaults appropriate for B2B SaaS:
  • GDPR-ready data subject controls (consent, suppression, deletion).
  • A documented data model — see /data-we-collect in your dashboard.
  • SOC 2 in progress; talk to us for the latest status under NDA.

Trust through visibility

You can verify our privacy posture in three ways:
  • From your dashboard — see the consent state, suppression flags, and deletion jobs for any user.
  • From your browser’s network tab — open developer tools and see exactly what HelpAlive sends, and what it doesn’t.
  • From our security policy — request the security overview from your account contact at any time.

Next steps

Redaction details

What’s stripped, where, and how.

Data deletion

Honor a user’s right-to-be-forgotten request.

Configure consent

Auto vs required modes; runtime toggle.