Join us September 16th at 10am CT for a Live Webcast: Tips and Tricks to Get the Most Out of Your Productivity Data in ActivTrak – Register Now!

We’re Serious About Data Security & Privacy

Keeping our users’ data secure and private is the most important aspect of our business. ActivTrak uses a multi-layered approach to secure the private information our customers entrust to us. Our workforce analytics platform was designed and built from the ground up with security in mind to ensure confidentiality and integrity of all collected data.

A lock in front of a computer monitor, a sheet of paper, gears, a couple file folders, the wifi symbol, a cloud and a shield.


A laptop under a sheet of paper with lines, a green lock and yellow and blue gears above it all.

Data Collection

Data is encrypted in transit – all account information is encrypted in transit and stored in a secure data center hosted by Google Cloud Platform (GCP).

  • Encrypted connection protocols included HTTPS and SSL/TLS.
  • Communication between ActivTrak cloud and the agent uses HTTPS/TLS with AES-128 encryption.
  • Mutual authentication is provided by a combination of digital certificate and per-instance shared key, which is created during deployment.
How ActivTrak Secures the storage of your data

Data Storage

Data is encrypted at rest – we use several layers of encryption to protect customer data at rest in Google Cloud Platform (GCP).

  • Data stored within the cloud is stored using AES-256 encryption.
  • Data is automatically encrypted prior to being written to disk.
  • All data, including screenshots, videos, and activity logs, are split into discrete blocks which are encrypted.
A blue cloud with a gray lock on it with arrows pointing to and from a computer monitor with a green key on it.

Identity Authentication

ActivTrak complies with your organization’s authentication security standards and protocols.

  • We support single sign-on (SSO) and Multi-factor authentication (MFA).
  • When SSO and/or MFA is enabled, we delegate the user authentication process to identity providers that support the Security Assertion Markup Language (SAML) 2.0 standard.
  • We have certified SSO for the following identity providers: Okta, Azure AD, OneLogin, and Google Suite.

Rigorous security testing

We regularly test our infrastructure and applications to isolate and remediate vulnerabilities. We also work with industry security teams and third-party specialists to keep our users and their data safe. ActivTrak is designed with multiple layers of protection across a distributed, reliable infrastructure. All ActivTrak data is stored in a secure data warehouse managed and secured by Google Cloud Platform (GCP).

Learn about our responsible disclosure program


A man in a suit with a blue cloud on the right and gray arrows going through the cloud and pointing to him.

Who has access to your data?

You own the data in your account. ActivTrak does not view the private information collected by your account. Our policy is to take a ‘least-privilege’ approach, meaning we only access customer data upon request for support from an authorized administrator for your account.

  • Customer information stored in the cloud is encrypted at rest with our organizational keys.
  • ActivTrak employees do not have access to this information unless temporarily granted by the customer for troubleshooting.
  • User access is highly restricted and must be approved by an organizational admin you designate.
A computer monitor showing blue white and green vertical bars with yellow, blue and green gears above it.

How do we protect your data?

ActivTrak is designed with multiple layers of protection across a distributed, reliable infrastructure. All ActivTrak data is stored in a secure data warehouse managed and secured by Google Cloud Platform (GCP).

  • Servers are hosted in a SOC2 type 2 compliant datacenter, across multiple availability zones/regions.
  • Google’s physical infrastructure has been accredited under ISO 27001, SOC 1/SOC 2/SSAE 16/ISAE 3402, PCI Level 1, FISMA Moderate and Sarbanes-Oxley.

Employee/Corporate Privacy

Our technology empowers organizations to identify behavioral trends and gain insight into human work behavior on digital devices in the workplace. We take employee privacy seriously and do not promote the use of ActivTrak as a form of big brother, but instead recommend being transparent with employees about the use of ActivTrak. The intent of ActivTrak is to better understand how to increase organizational productivity, strengthen cyber defenses and lift employee engagement.

Over 130,000 organizations trust us with their most important work

The words A and D Mortgage in red text.
The word Allstate and their logo which is 2 hands cupped together in a blue circle.
The words Axos Bank.
The works Magnolia Bank over a white and green magnolia blossom.
The Remax logo which is a hot air balloon with Remax in the middle.

Below are ways we help protect your privacy, while still retrieving the data necessary to manage your account and analyze productivity

Scheduling Working Hours

Accounts are provided with a scheduling feature that allows an administrator to set up a schedule where the ActivTrak only collects activity during the user's set work times.

Do Not Track List

Once a user is placed on the Do Not Track list ActivTrak will completely stop collecting any of the user's data and will only begin collecting data once they are removed from the list.

Screenshot Capturing

When an account is set up, screenshots are disabled by default. We recommend enabling screenshots only in response to specific activities, or that you leave them off completely.

Viewer Roles

After an account is created, admins are the only people who can sign in and view user data by default. This can be changed to allow users access based on different viewer roles.

No Keylogging

To protect employee passwords and keystrokes, ActivTrak does not provide any type of keylogging feature.

No Video Monitoring

We do not provide a video monitoring feature and the ActivTrak agent does not have access to the users' camera. Employees can work privately wherever they are as well as keeping sensitive information that may be shown on their screen from being recorded.

Data Recovery and Retention

As long as your account is active, you have full control over specific user information retained, including: screenshots, videos and length of time. Activity Log Data, videos and screenshots can be exported via a variety of methods in compliance with Right to Data Portability (GDPR, Article 20).

Credit Cards

ActivTrak never stores credit card details associated with your account. All credit card information is collected and processed by a third-party, PCI compliant payment processor. Your card information is passed directly to them, meaning your credit card information never touches our servers.


We do not have access to any password details. All passwords are encrypted in transit, and stored in a secure data center.


ActivTrak supports compliance initiatives such as HIPAA, COPPA and GDPR. Ultimately customers are responsible for evaluating their own compliance with the law.

A grey Brandon Hall Group badge that says excellence in technology awards silver 2020.
A G2Crowd badge that says Users Love Us.
Inc 5000 Dark
A grey and white PC Mag badge for Editor's Choice.
A Software World badge that says Software World Top Rated 2020.
A large 500 over the words Technology Fast 500 2020 North America Deloitte.
Create free account Get started
Watch 2-minute demo See a demo