We’re Serious About Data Privacy & Security

ActivTrak is designed with a Privacy-first approach in mind, and uncompromising security to ensure the confidentiality and integrity of all collected and analyzed data.

Data Privacy

Our Ethical Approach to Data Collection, Privacy, and Analysis

Improving productivity requires the collection and analysis of digital work activity data to establish a baseline, upon which you can measure trends and patterns that impact individual and organizational productivity. We know employee monitoring and activity analysis have a mixed history and association with heavy oversight and erosion of trust, ActivTrak intends to better understand how to improve overall productivity and business outcomes through secure, responsible, empowering and ethical use of data intelligence, ready for a modern workplace.
We designed ActivTrak with the key elements of trust, transparency, privacy, compliance and security top of mind, and deliberately developed a powerful platform that focuses on the collection of contextual data, avoiding invasive employee monitoring techniques. We do not promote the use of ActivTrak as a form of surveillance. Instead, we recommend being transparent with employees about the intent, use, benefit, expectation, and trustworthy application of ActivTrak insights for improved productivity, healthier work habits, and greater engagement.

Below are ways we help protect your privacy, while still retrieving the data necessary to manage your account and analyze productivity

Sensitive data protection

Prevent exposure of private and sensitive data

Multiple role-based access configurations

Protect confidentiality with customizable user permissions and settings

Non-business activity excluded in Insights

Removes all non-business domain names/titles/URLs

Anonymized & Aggregated data when appropriate

Preserve confidentiality and privacy

Report Subscriptions & Sharing

Promotes visibility and transparency into data intelligence

Personal insights report subscription

Encourage self awareness & improvement with access to own data insights

Protect against data security risks

With certified SOC 2 Type I compliant platform

Audit Logs

Enable detailed investigation & scrutiny of recorded activity

Privacy Compliance Support

For most common regulations e.g GDPR, HIPAA, COPPA

Security Alarms & Domain blocking

To flag and prevent compliance violation

Configurable website Classification based on team function

Ensures accurate data measurement

Data Recovery & Retention Policy

Allows organizations complete control to all active account data

Schedule Working Hours

Limits data collection to pre-set work hours

Do not Track List

Disables all data collection for users on this list

No Video Monitoring & key logging

To prevent intrusive monitoring

Screenshots turned off by default

To prevent intrusive monitoring

Security

Robust safeguards and controls ensure Security and Compliance

ActivTrak is committed to delivering innovative technology and powerful insights to help manage the modern day workforce, in a smart, ethical and secure manner that leads to successful business outcomes and a positive employee experience.

We regularly test our infrastructure and applications rigorously to isolate and remediate vulnerabilities. We also work with industry security teams and third-party specialists to keep our users and their data safe. ActivTrak is a certified SOC 2 Type I compliant solutions provider, with multiple layers of protection across a distributed, reliable infrastructure. All ActivTrak data is stored in a secure data warehouse managed and secured by Google Cloud Platform (GCP)

Learn about our responsible disclosure program

Data Collection


Data is encrypted in transit – all account information is encrypted in transit and stored in a secure data center hosted by Google Cloud Platform (GCP).

  • Encrypted connection protocols included HTTPS and SSL/TLS.
  • Communication between ActivTrak cloud and the agent uses HTTPS/TLS with AES-128 encryption.
  • Mutual authentication is provided by a combination of digital certificate and per-instance shared key, which is created during deployment.

Data Storage


Data is encrypted at rest – we use several layers of encryption to protect customer data at rest in Google Cloud Platform (GCP).

  • Data stored within the cloud is stored using AES-256 encryption.
  • Data is automatically encrypted prior to being written to disk.
  • All data, including screenshots, and activity logs, are split into discrete blocks which are encrypted.

Identity Authentication


ActivTrak complies with your organization’s authentication security standards and protocols.

  • We support single sign-on (SSO) and Multi-factor authentication (MFA).
  • When SSO and/or MFA is enabled, we delegate the user authentication process to identity providers that support the Security Assertion Markup Language (SAML) 2.0 standard.
  • We have certified SSO for the following identity providers: Okta, Azure AD, OneLogin, and Google Suite.
Create free account Get started
Watch 2-minute demo See a demo