Security & Privacy

This page covers the practical security and privacy basics for the managed ElementSnap launch path.

Managed hosting model

ElementSnap v1 is a managed SaaS for internal and admin applications. Workspace data, comment history, and control-plane configuration are hosted centrally so teams can install quickly and collaborate without standing up their own infrastructure.

Embedded auth

Widget writes are authenticated with short-lived signed tokens issued by your backend. The long-lived workspace signing secret stays server-side and should never be embedded in browser code.

Screenshot policy

Screenshots are not always on. The launch path keeps screenshot capture out of the base runtime and treats it as a future on-demand extension only when a workflow explicitly calls for it.

Retention basics

Feedback records are stored at the workspace level so comments survive refreshes, user sessions, and collaborator handoff. Public demo comments are temporary and expire from query results after 24 hours.

Enterprise roadmap boundary

Self-hosting, SSO, and advanced enterprise controls are planned beyond the managed v1 launch. The public widget contract is being kept stable so those later deployment modes do not require a different integration model.