Data Privacy and the ActivTrak Platform
Data privacy is a top priority for ActivTrak. We are committed to safeguarding customer and user data through enhanced measures that ensure compliance with business policies or laws and regulations from your industry or local government. ActivTrak’s privacy-first approach empowers organizations to leverage the transformative power of workforce analytics without compromising data privacy and trust with employees.
Note: With the introduction of our Professional and Essentials plans, data privacy is the default within the platform. Features such as screenshots, screen views, detailed titles and URLs, and select Alarm actions are only available with the purchase of the Screen Details Add-on.
Click on a plan name below to learn about your subscription’s specific data privacy settings and options:
Professional, Essentials and Free Plans: Privacy-First Default
With ActivTrak’s Professional, Essentials and Free plans, privacy protections are set by default to prevent capturing any sensitive data or PII (Personally Identifiable Information). These safeguards cover privacy needs across the full account, for users accessing data within our platform and for licensed users with our software installed on their devices.
Data privacy is the default standard across our platform in the following ways:
- Intrusive forms of data collection via keystroke logging, camera access, video recording, email reading or counting are NOT SUPPORTED in the platform
- Sensitive data is not collected
- Screenshots, Screenviews, detailed titles and URLs, and select Alarm actions are not included. These features are available separately for purchase within the Screen Details Add-on.
- Data history is limited to 12 months for Professional, 6 months for Essentials and 30 days for Free, with the option to purchase additional Data History Add-ons.
- User access and permissions to individual employee or team data can be configured at a granular level based on role within the organization and need.
- Custom groups can be created with distinct permissions
- User data can be anonymized and aggregated
- Do not Track list stops data collection of a user’s associated device
- Employees can have access to their own personal data and insights
You can further protect data from discovery or data breaches by enabling Data Hashing, which encrypts title bars and URL subpages, making it impossible to reverse-engineer the original data. Enabling Data Hashing increases the security of data and adds an additional layer of privacy protection to stored data. Contact ActivTrak Support to enable Data Hashing for your account.
The hashing of title bars and URL subpages within the Activity Log
Premium and Advanced Plans: Data Privacy Controls
In the Premium & Advanced plans, you can hide certain data points and images that can potentially expose sensitive data throughout the ActivTrak platform without disrupting your workforce productivity analytics and reports.
Admins can access Data Privacy Controls via the Data Privacy toggle on the Role Access page (Settings > Access > Role Access).
When Data Privacy Controls are enabled (toggle on), the following data points and features are hidden:
-
Sensitive data and non-business activity including:
- All website and application title bars
- All website subpages (like detailed URLs)
- All screen images including Alarm Screenshots and Screen Views within Team Pulse
- Intrusive Alarm actions such as Pop-Ups, App Terminations and USB alarms
Note: The selected Data Privacy Controls settings apply across the platform, including within the application, ActivConnect and throughout any integrations you have enabled. And while certain data points are hidden within reports, they do not prevent the Agent from collecting and storing data.
If the controls are disabled in the future by purchasing and enabling the Screen Details Add-on, these data points will populate retroactively in reports for the time period that the controls were enabled. We recommend enabling Data Hashing to further protect your data. Learn more here.
Below are examples of the data shown in reports when Data Privacy Controls are enabled or disabled:
With Data Privacy disabled, the User View in Team Pulse shows full URLs and title bars within the Real-Time section as well as the Extended List and Screen View tabs.
With Data Privacy enabled, the User View in Team Pulse excludes URL subpages, title bars and the Extended List and Screen View tabs.
With Data Privacy disabled, the Top Websites Report shows full URLs and title bars.
With Data Privacy enabled, the Top Websites Report excludes URL subpages and title bars.
Data Hashing
You can further protect data within Title Bars and URL subpages from discovery or data breaches by enabling Data Hashing, which encrypts title bars and URL subpages, making it impossible to reverse-engineer the original data. Enabling Data Hashing does not prevent the Agent from collecting data, but it increases the security of stored data to ensure that sensitive details won’t be exposed. Contact ActivTrak Support to enable Data Hashing for your account.
The hashing of title bars and URL subpages within the Activity Log.
Data Processed with Data Privacy Controls On vs. Off
Computer/User Information |
Data Privacy On |
Data Privacy Off |
|
Information collected by the ActivTrak Agent that is not tied to individual user activities. |
|||
Computer Name |
The name of the computer directly from the machine itself. |
Included |
Included |
Computer Timezone |
The timezone setting of the local computer. |
Included |
Included |
Logon Domain |
If the user is Active Directory domain attached, the domain name. If the user is not attached to a domain, the computer name will be shown. Blank for Chrome Agents. |
Included |
Included |
Network ID |
Hashed representation of network ID for uniqueness. |
Included |
Included |
Primary Domain |
The main AD domain name of the machine. Part of the unique computer name. Blank for MacOS Agents and ‘Google’ for Chrome Agents. |
Included |
Included |
Private IP |
The internet protocol address within the local network. |
Included |
Included |
Public IP |
The internet protocol address used to access the internet. |
Included |
Included |
Session |
The session ID is used by Windows to tell the difference between user sessions. You mainly only see it on Terminal Servers where there are multiple users on one computer, and Session ID 0 is almost always reserved for the System. 0 for Chrome Agents. |
Included |
Included |
User |
Friendly user name; typically First and Last. Pulled from the operating system. |
Included |
Included |
User (raw) |
Simple login name; often first initial, last name. From the operating system. Appears as ‘User’ in ActivTrak. |
Included |
Included |
User Activity Information |
Data Privacy On |
Data Privacy Off |
|
ActivTrak user activity is defined as the currently active window for mouse movement, mouse clicks and keyboard presses. |
|||
Date and Time |
The exact date and time the user first accessed a specific activity. |
Included |
Included |
Description |
A short description of each user activity. |
Included |
Included |
Duration |
The amount of time a user spent in an activity. |
Included |
Included |
Executable |
The executable of each user activity. |
Included |
Included |
Screenshots |
All screenshots are taken for activities when triggered by an alarm. Please Note: Screenshots are disabled by default. Excluded when the Data Privacy Controls are turned on. |
Excluded |
Included |
Title |
Content of the title bar of the window containing each user activity. Excluded when the Data Privacy Controls are turned on. |
Excluded |
Included |
URL |
The full URL the user accessed for an activity in a browser. Excluded when the Data Privacy Controls are turned on. |
Shortened to Domain, excludes subpages |
Included |
ActivTrak continues to add robust privacy capabilities to its platform that safeguard users' sensitive and private data as well as comply with local and national regulations.
Learn More:
- The ActivTrak Difference: Privacy, Trust & Transparency
- Roles and Permissions for Access to Your ActivTrak Account
- The Screen Details Add-On
- How to Configure ActivTrak for GDPR Compliance
- How to Configure ActivTrak for CCPA Compliance
- How to Configure ActivTrak for HIPAA Compliance
- Data Privacy & Security Details
Was this article helpful?
4 out of 5 found this helpful
Comments
No comments