in my understanding the following should be applied:
Q1:
i would suggest (if not already) reading scoping rules and environments (env) in R. In a nutshell:
server.R:
#at this point env is created as a child to global env, let's call it server env
this <<- 3
this = 3.1
shinyServer(function(input, output) {
# at this point env is created as a grand child to global env, let's call it serverFunction env
this = 3.14
output$example = renderText({
#env for renderText function created as a child to serverFunction env
this = 3.141
return(this) # will return 3.141
return(get(x='this', envir = environment()) # returns 3.141 same as previous
return(get(x='this', envir = parent.env(environment())) # returns 3.14 as parent is serverFunction env
return(get(x='this', envir = parent.env(parent.env(environment()))) # returns 3.1 as grandparent is server env
return(get(x='this', envir = parent.env(parent.env(environment()))) # returns 3 as <<- operator assigned to global
}) # at this point renderText env is deleted
}) # at this point serverFunction env is deleted (i think 5 seconds after user disconnects)
# in here i am no longer sure, when the server env gets deleted, but i would assume same as serverFunction
# global again not sure, most likely when rsession.exe terminates
# this suggests that if multiple users are connected and assigned the same rsession.exe then global will exist until 5 secs after last user disconnects
Q2
i wouldn't think that shinyapps are using their own shiny-server where they changed the way shiny and R creates and terminates environments therefore it's fair to assume Q1 applies here.
Q3
3) no unless you create objects in global_env that can be potentially accessed cross session
3.1) object gets deleted from memory when calling function terminates so not necessary, use rm();gc() to control memory usage in memory heavy functions (e.g. when large objects (subjective) gets deleted during the function but function continues to run and process further data). "user completes the work flow" is usually when function ends and variables are deleted
3.2 and 3.2.1) not recommended and maybe not even needed based on above answers, i am not sure how could you prevent session from being terminated when user initiated termination by clicking X button, if javascript can prevent browser from closing after alert window is closed? also to ensure user actually does something even if they are alerted. i would recommend reading about session$onSessionEnded for any post session processing
3.2.2) Doable, you can create observers on which part of website is user at, e.g. which tab is active, if current tab value changes to FALSE then you delete given objects from memory in case they have been created in env which hasnt terminated yet.
to handle sensitive data?
use HTTPS and ensure strict HTTPS header to ensure encrypted communication and X-Frame-Options header to prevent clickjacking. Ideally use (if company) server accessible from within company VPN only. I have no experience with shinyapps io, i have used amazon aws before to create instance and launched shiny there, i would always recommend this option although you have to configure server yourself.
Kind regards,
Peter