LIVE SESSION

See what’s new in ActivTrak (and a sneak peek at what’s coming!) –  Register now →

A SECURE PLATFORM & PRIVACY-FIRST MINDSET

We’re serious about data privacy and security.

Activtrak provides privacy-first, data-driven insights with uncompromising security to measure and assess productivity and wellness with the employee in mind.

Contact salesRequest demo

Why Customers Trust ActivTrak

ActivTrak upholds the highest standards of data security, privacy and regulatory compliance. Our platform is designed to meet the needs of modern enterprises — balancing workforce visibility with employee rights and ethical use. We maintain rigorous safeguards, follow global compliance frameworks and provide full transparency to help customers meet their own governance requirements with confidence.

To learn more about security and privacy practices, visit the ActivTrak Trust Center.

Security awards

DATA PRIVACY

Forge higher levels of trust with employees

ActivTrak keeps your privacy and confidentiality safe without loss of any productivity insights. Determine the right configuration for your organization using our data privacy controls.

  • Data privacy by default protects employee privacy and personal data.
  • Privacy-first analytics excludes non-business activity details and sensitive data from reporting.
  • Privacy compliance support helps to ensure businesses are compliant with regulations like GDPR, CCPA and HIPAA.
  • Role access configuration protects confidentiality with customizable user permissions and settings.
  • Private personal insights enables employees to access their own personal work insights.
  • Email subscriptions provide visibility into reports and dashboards with a select audience while limiting data access.

SECURITY

Keep data safe and protected

We regularly — and rigorously — test our infrastructure and applications to isolate and remediate vulnerabilities and work with industry security teams and third-party specialists.

  • Reinforced data protection backed by SOC 2 Type 1 & 2 certifications and end-to-end data encryption.
  • Multiple layers of protection across a distributed infrastructure.
  • Audit logs enable detailed investigation & scrutiny of recorded activity.
  • Security alarms & domain blocking flag and prevent compliance violations.
  • Data recovery & retention policies provide complete control to all active account data.

Key Security Differentiators

Screenshot Management

  • Limited Collection: Only captures screenshots based on specifically-configured alarm conditions, giving you complete control over the data collected.
  • Optional Add-On Service: By default, ActivTrak does not take or retain screenshots. Our Screen Details feature is only available as an optional add-on purchase.

Enterprise-Grade Data Protection

  • Comprehensive Encryption: All customer data, including screenshots from the optional Screen Details feature, is protected with encryption both in transit (TLS) and at rest (AES) within our secure Google Cloud environment.
  • Private Storage Infrastructure: ActivTrak does not use public storage buckets for any customer data, protecting us from the vulnerabilities that lead to leaks and breaches.

Proactive Security Measures

  • Continuous Monitoring: ActivTrak actively monitors all storage environments for potential exposure of sensitive data and has established remediation processes to promptly address identified risks.
  • Responsible Disclosure Program: The ActivTrak security team maintains an open channel for security researchers to report potential vulnerabilities directly, enabling a rapid response to emerging threats.

Incident Readiness

  • Comprehensive Response Plan: ActivTrak maintains a defined and tested Incident Response Plan with clear guidelines for breach notification in the unlikely event of a security incident.
  • Regular Simulation Exercises: ActivTrak conducts scheduled incident response simulations to validate our team’s readiness and refine our security protocols.

Secured by Google Cloud Platform (GCP)

Data Collection

All account data encrypted on device, in transit and stored in a secure data center hosted by Google Cloud Platform (GCP)

  • Encrypted connection protocols include HTTPS and SSL/TLS.
  • Communication between ActivTrak and the agent uses HTTPS/TLS with AES-128 encryption.
  • Mutual authentication is provided by a digital certificate and per-instance shared key – created during deployment.

Data Storage

Data is encrypted at rest, using several layers of encryption to protect customer data in GCP.

  • Data stored in the cloud is stored using AES-256 encryption.
  • Data is automatically encrypted prior to being written to disk.
  • All data is split into discrete blocks which are encrypted.

Identity Authentication

ActivTrak complies with your authentication security standards and protocols.

  • Single sign-on (SSO) and multi-factor authentication (MFA) support.
  • When SSO or MFA is enabled, the user authentication process is delegated to identity providers that support the Security Assertion Markup Language (SAML) 2.0 standard.
  • Certified SSO for Okta, Entra ID, and OneLogin.

Recommended reading

Senior manager angry with younger employee, listening excuses in the office. Arms crossed
Blog

Monitoring Employees Is Not the Goal
BLOG

How ActivTrak Helps With Compliance
ARTICLE

What Data Does ActivTrak Collect?

Getting started is easy. Be up and running in minutes.

Get started free Request demo
Get started free Get started
Watch demo Watch demo