Show your client the way,
don't explain it in words
PeekDesk is a secure co-browsing tool for support teams. The agent sees the client's screen in real time — no installation, no recording, no cookies.
How It Works?
The entire process takes under 30 seconds. The client doesn't install anything — just a single button click on your website.
Embed the snippet
Paste one line of code on your website. The widget loads asynchronously — it won't slow down your site.
Client clicks the button
A "Live Help" button appears on your site. The client clicks it when they need assistance.
Receives a PIN
The system generates a one-time 6-digit PIN code. The client shares it with the agent via phone or chat.
Gives consent
The client sees a consent dialog and consciously confirms screen sharing. Full transparency.
Agent sees the screen
The agent observes the client's screen in real time and points out elements with a cursor or laser.
Designed with Security in Mind
Every element of PeekDesk was built following data minimization and full control principles. No client data is stored after the session ends.
Full Access Control
Each client receives an individual API key. The widget works only on domains authorized in the dashboard — unauthorized pages are rejected at the server level.
Encrypted Transmission
All communication happens over encrypted WebSocket connections (WSS/TLS). Data transmitted between client and agent is never readable by third parties.
Session Isolation
Each session operates in full isolation. Data from one session can never be read by another. After disconnection, session memory is immediately released.
Zero Trace After Session
PeekDesk doesn't save recordings, doesn't create cookies, doesn't leave data in the browser. After the session ends, there is no trace — privacy by design.
Explicit User Consent
Before the session starts, the client sees a clear consent dialog. They must consciously confirm screen sharing. Without consent — the agent sees nothing.
Read-Only Mode
The agent observes the client's screen but cannot control it remotely. They can only point out elements with a cursor and draw with a laser — full control stays with the client.
Sensitive Data Protection
Password fields and sensitive data are automatically masked during transmission. The agent sees the interface but never has access to confidential data entered by the client.
Rate Limiting & Abuse Protection
Built-in rate limiting and DDoS protection mechanisms ensure service stability. Each API key has usage limits, eliminating the risk of abuse.
Automatic PIN Rotation
The session code changes automatically every 60 seconds if not used. Even if someone sees the PIN, it becomes invalid shortly after — eliminating session hijacking risk.
One Line of Code
Paste the snippet below in the
section of your page. The widget will load asynchronously and won't affect site performance. No API key needed — your domain is verified automatically from dashboard settings.Domain is verified automatically from dashboard settings. Add your domains in Dashboard → Domains..
<script async src="https://peekdesk.com/w.js"></script>
PeekDesk vs. Traditional Tools
Compare PeekDesk with popular remote support and session recording solutions.
| Feature | PeekDesk | TeamViewer | AnyDesk | Hotjar |
|---|---|---|---|---|
| Zero client-side installation | ✓ | ✕ | ✕ | ✓ |
| Live preview (real-time) | ✓ | ✓ | ✓ | ✕ |
| Explicit client consent (consent modal) | ✓ | ✕ | ✕ | ✕ |
| Zero cookies / zero recording | ✓ | ✕ | ✕ | ✕ |
| Read-only mode | ✓ | ✕ | ✕ | ✓ |
| Password & sensitive data masking | ✓ | ✕ | ✕ | Partial |
| API key + domain whitelist | ✓ | ✕ | ✕ | ✕ |
| Ephemeral sessions (zero traces) | ✓ | ✕ | ✕ | ✕ |
| GDPR compliant out of the box | ✓ | Requires configuration | Requires configuration | Requires configuration |
Frequently Asked Questions
Co-browsing is a real-time view of the client's browser. Unlike screen sharing, the client doesn't need to install any software or share their entire desktop — the agent only sees the web page, not other windows or applications.
No. PeekDesk works as a lightweight JavaScript widget embedded on your site. The client clicks a button, gives consent, and it's done. No downloads, browser extensions, or registration required.
Each company receives a unique API key that they place in the snippet on their site. The server verifies the key with every connection and checks if the domain is authorized. Unauthorized connections are immediately rejected.
Domain whitelisting means the PeekDesk widget will only work on pages you've previously authorized in the admin panel. Even if someone copies your snippet to another site, the server will reject the connection because the domain isn't on the allowed list.
No. PeekDesk works in read-only mode. The agent can see the client's screen and point at elements with a cursor or draw with a laser, but cannot click, type, or control the client's browser. Full control always remains with the user.
Nothing — literally. PeekDesk doesn't save recordings, screenshots, or session logs. Transmission data is streamed in real time via WebSocket and never hits the disk. After disconnection, session memory is immediately freed on the server.
Yes. PeekDesk meets GDPR requirements by design: it requires explicit user consent, doesn't collect personal data, doesn't create cookies, doesn't store recordings, and sessions are ephemeral. Data minimization is built into the architecture — no additional configuration needed.
Fields of type and elements marked as sensitive are automatically masked during transmission. The agent sees the interface, buttons, and page content, but never has access to passwords and confidential data entered by the client.
The widget loads asynchronously and weighs just a few kilobytes. Recording (rrweb) and transport (Socket.io) libraries are loaded from CDN only after the button is clicked — before that, only a small button is present on the page. The performance impact is imperceptible.
The PeekDesk server has built-in mechanisms to limit the number of connections per API key and IP address. This protects against both brute-force attempts and DDoS attacks. Each API key has configured limits, and suspicious traffic patterns are automatically blocked.
PIN rotation is an additional security layer. If the agent doesn't join the session within 60 seconds, the system automatically generates a new code. This way, even if someone sees the PIN on the client's screen, it becomes useless after a moment. It's the same mechanism banks use for one-time tokens.
Simple Pricing, No Hidden Costs
Start for free and upgrade to Pro when your team is ready for more.
- 2 minutes per session
- 10 sessions per day
- 1 authorized domain
- Button customization
- Unlimited session duration
- Unlimited number of sessions
- Unlimited domains
- Priority support
- White label — custom branding
Ready to help your clients more effectively?
Start using PeekDesk in minutes. Start for free — no credit card required. Upgrade to Pro for $29/mo when you're ready.