Filter sensitive values
Help filter common contact, token, payment-like, and identifier patterns before they become product data.
Privacy controls
Hymetry helps teams capture the product signals they need while filtering common sensitive patterns, ignoring configured fields, and keeping capture rules visible for review.
Capture scope, redaction, and review state in one place.
Use hosted Hymetry, run the open-source version, or ask about installation on your own server.
Privacy rules
/app/* included, /billing/* and /admin/secrets/* excludedScoped[data-hymetry-ignore], private notes, token fields, payment inputsIgnoredCapture with guardrails
Privacy Controls give teams a clear operating model: filter common sensitive patterns, define what should never be captured, and limit collection to approved product areas.
Help filter common contact, token, payment-like, and identifier patterns before they become product data.
Configure selectors, attributes, routes, and event properties that should be masked or excluded.
Keep capture focused on approved product areas, useful event types, and reviewable rule changes.
Sensitive value filtering
Hymetry can help filter common sensitive patterns before values are written into analytics or replay context. Use built-in filters for common cases, then add product-specific rules for fields and flows that need stricter handling.
Detected values are redacted before storage
Email, phone, token, payment-like values, password-like fields
Common patterns and configured selectors are redacted or ignored
Page, event, timing, and safe context remain available for analysis
Built-in filters help cover common patterns. Teams should still add custom sensitive selectors, ignored fields, and route rules for their own product.
Every product has sensitive areas that generic filters cannot fully understand. Configure blocked selectors, blocked URL patterns, ignored event properties, and route rules that are owned and reviewed by your team.
[data-hymetry-ignore]Product OpsJun 28Activeinput[type="email"]PrivacyJun 28Active/billing/*FinanceJun 21Scopedevent.form_valueProductJun 18Ignored.customer-secretSuccessJun 14ActivePrivacy controls should not stop at masking. Teams can reduce exposure by deciding which pages, routes, events, and product areas should be captured at all.
Replay is useful when teams need to understand a workflow, but it should not become a place where sensitive customer data is stored. Privacy Controls help keep replay focused on behavior, paths, and interaction - not private values.
Teams can start with managed privacy defaults, add custom capture rules, or choose a self-managed path when infrastructure custody matters. Deployment options may differ by plan and support package.
| Control | Hosted | Open-source | Own-server package |
|---|---|---|---|
| Managed privacy defaults | Hymetry managed | Self-managed | Configured with install |
| Common sensitive filters | Included | Included | Included |
| Custom capture rules | Included | Included | Included |
| Advanced redaction rules | Configurable | Configurable | Configurable with review |
| Route and page exclusions | Included | Included | Included |
| Infrastructure operation | Managed by Hymetry | Customer managed | Customer infrastructure |
| Data custody model | Hosted workspace | Customer controlled | Customer controlled |
| Installation support | Managed by Hymetry | Community / self-managed | Available with package |
Privacy Controls keep the product workflow useful while reducing unnecessary capture and making the rule set visible.
Keep product signals useful while excluding fields, pages, and values that do not need to become analytics data.
Keep capture scope, masked selectors, ignored routes, and review state in one place for operational review.
Preserve page path, event timing, and safe session context so teams can investigate behavior without exposing private values.
Filtering, scope, and never-capture rules apply before captured behavior is used across analytics, replay, and AI-assisted investigation.
Explore a demo project, then decide which capture rules and deployment model fit your team.
Review your own legal and compliance requirements before enabling capture in sensitive areas.