Privacy Policy

This Privacy Policy explains how Assure collects, uses, and shares information when you use the Assure web app, browser extension, pixel, APIs, and related services.

It covers both general product usage and browser-extension-assisted QA recording sessions that you explicitly start from the Assure dashboard at assure.so.

The Assure browser extension is designed for QA testing sessions that you explicitly start from the Assure dashboard. A session starts when you open a target site using an Assure session link or URL parameters issued for that session.

Those session parameters are used to identify the test run and associate captured events with your Assure workspace. On pages without valid Assure session parameters, the extension is intended to remain inert: it does not collect session data, render the recording toolbar, patch browser APIs for recording, or send session events to Assure.

Account information may include your name, email address, profile photo, and team or workspace membership details.

Workspace and product data may include projects, scenarios, prompts, environment details, notes, screenshots, outcomes, and configuration you add to Assure.

Technical and diagnostic data may include browser type, device information, approximate network information, reliability logs, and service diagnostics needed to operate and secure Assure.

Web app usage data may include pageviews, clicks, and other interaction events collected through product analytics tools to help us understand how Assure is used and improve the product. This data is not used for advertising or cross-site tracking.

During an active QA session, Assure may capture network requests and responses, including URLs, HTTP methods, status codes, timing, and request or response bodies. Large bodies may be truncated, for example to around 16 KB, before storage or display.

Assure may capture console output, including log, warn, error, info, and debug messages, along with associated arguments needed to understand the event.

Assure may capture user interaction and page context data, including click targets, visible clicked text, input field metadata such as field name, type, and placeholder, focus and blur events, visibility state changes, page URLs, referrers, and SPA navigation events.

Assure may capture performance metrics such as Largest Contentful Paint, Cumulative Layout Shift, and page load timing, as well as screenshots and notes that you manually create during the session.

Depending on the site or environment being tested, captured URLs, network payloads, screenshots, or notes may contain personal or other sensitive information present in that environment.

Assure is not intended to collect browsing history outside active QA sessions started from the dashboard, and it is not intended to collect data merely because the extension is installed.

Assure does not intentionally capture keystrokes, passwords, or the literal values typed into form fields as part of routine session recording. For inputs, Assure is designed to capture metadata about the field rather than the value entered.

Assure is not used for advertising, cross-site behavioral profiling, or selling personal information.

We use collected information to provide the service, authenticate users, run QA sessions, display session timelines, generate summaries, troubleshoot issues, improve the product, and protect Assure against abuse or misuse.

Captured session context may also be exported or formatted for AI-assisted debugging workflows, including exports to tools such as Claude or Cursor, when initiated by the user.

We may also use aggregated or de-identified information for analytics, reliability, and product improvement.

Captured session data is sent to your Assure workspace using authenticated API calls over HTTPS. Session data is accessible to users with access to that workspace.

We do not share captured session data with advertisers, data brokers, or other customers. We may use service providers and infrastructure partners that process data on our behalf to host, secure, store, and operate Assure.

Screenshots and related assets may be stored using Google Cloud or Firebase-managed storage infrastructure associated with your Assure project or workspace.

We may disclose information if required by law, to enforce our Terms of Service, or to protect the rights, safety, and security of Assure, our users, or others. We do not sell personal information.

We keep information for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce agreements.

Session data is generally retained until it is deleted from the relevant Assure workspace. Retention periods may vary based on workspace configuration and whether data is needed for security or operational purposes.

If your workspace permissions allow it, you can delete sessions and associated data from the product.

Recording sessions may use unique, time-limited secrets or tokens that are included in session launch URLs from the Assure dashboard. These tokens help associate captured data with the correct workspace and session and are intended for one session flow rather than general browsing.

The browser extension is designed to work on many websites because QA teams may test staging environments, internal tools, and production sites across different domains. When an active session is running, the extension may observe page activity needed for recording, including network activity, console output, and navigation behavior.

The extension does not request special Chrome permissions beyond what is needed to load its packaged code and run its content script behavior. Assure does not serve remote executable code through the extension package.

We use reasonable administrative, technical, and organizational measures to protect information, but no system is perfectly secure.

You are responsible for maintaining the confidentiality of your account credentials and any secrets or tokens stored in your environment.

You are responsible for ensuring that you have the rights, permissions, and notices needed to collect or submit session data through Assure.

If you use Assure to test third-party sites, internal tools, customer environments, or employee-facing systems, you are responsible for complying with applicable privacy, employment, monitoring, and security laws or policies.

For questions about this policy, contact hello@assure.so.

We may update this Privacy Policy from time to time. If we make material changes, we may update the date on this page or provide additional notice inside the product.