Revision 02/25/25
1. Scope of This Privacy Policy
This Privacy Policy applies to all WorkdayTracker users and all WorkdayTracker platforms and services, including our apps, websites, features, and any related offerings (collectively, the “WorkdayTracker Platform”).
By accessing or using the WorkdayTracker Platform, you acknowledge that you have been informed about our data collection, usage, and processing practices as described in this Privacy Policy.
When we mention “WorkdayTracker,” “we,” “our,” or “us”, we are referring to [Insert Legal Business Name], the owner and operator of the WorkdayTracker Platform.
1.1 Data Roles: Controller vs. Processor
WorkdayTracker acts as both a Controller and a Processor of personal data, depending on the circumstances:
• As a Data Controller: We decide the purposes for which and the means by which personal data is processed.
• Examples: Managing user accounts, security, billing, marketing, and research.
• As a Data Processor: We process personal data on behalf of our customers.
• Examples: When WorkdayTracker records activity data for a company’s employees or generates reports for a client.
Our responsibilities under privacy laws such as GDPR, CCPA, and other applicable regulations depend on whether we act as a Controller or a Processor.
2. The Information We Collect
When you use the WorkdayTracker Platform, we collect information from three primary sources:
• Information you provide directly
• Usage and device data generated through the WorkdayTracker Platform
• Information from third-party services
We may combine this information to improve our services, enhance security, and personalize your experience. Below are the types of information we collect:
A. Information You Provide to Us
Account Registration
When you create an account with WorkdayTracker, we collect the information you provide, including:
• Name
• Email address
• Profile photo (if uploaded)
• Payment information (collected only when charges are due)
For Pay-as-You-Go (PAYG) Customers:
• Payment details are not stored directly by WorkdayTracker but are securely processed by third-party payment providers to facilitate transactions.
• Payment is collected only for actual usage at the end of each billing cycle.
For Enterprise Users:
• If your employer provides access to WorkdayTracker, we may receive your account details from your company’s administrator.
Communications & Customer Support
When you contact us or we contact you, we collect:
• Messages and attachments you send (e.g., support inquiries, feedback).
• Responses to surveys, promotional campaigns, or research studies.
B. Information We Collect When You Use the Platform
Website Visitor Information
Like most websites, WorkdayTracker collects basic non-personally identifying information from website visitors, including:
• Browser type
• Language preferences
• Referring website
• Date and time of visit
This information is used to improve website performance, analyze visitor trends, and monitor security.
Device Information
We collect data about the devices you use to access WorkdayTracker, including:
• Device model and operating system version
• IP address
• Identity of carrier and manufacturer
• Application installations and settings
• Push notification tokens (if enabled)
Usage Data
WorkdayTracker collects detailed data about how and when you use the platform. Because recording is manually initiated by the user, the following data is collected only when recording is active:
• Time Tracking Data – When you start/stop recording, time worked, breaks.
• Tasks & Projects – If you associate time with specific projects or clients.
• Application & Website Usage – Names of applications used and websites visited while recording.
• Screen Recordings & Screenshots – Periodic captures of your active screen.
• Keystroke & Mouse Activity – WorkdayTracker does not track specific keystrokes or mouse clicks. Instead, we record the time between input activity (mouse or keyboard) to assess periods of engagement and inactivity. This helps provide insight into active versus idle time during a recording session.
Important: WorkdayTracker does not record any activity unless the user manually enables recording. The recording feature is not bound to work hours and operates based on the user’s discretion.
Cookies, Analytics & Third-Party Technologies
We use cookies, tracking pixels, and analytics tools to understand user behavior and optimize WorkdayTracker. These include:
• Google Analytics & Similar Tools – Helps us understand usage patterns.
• Cookies & Local Storage – Tracks user sessions and saves preferences.
C. Information We Collect from Third Parties
Third-Party Services
We may receive information from third-party services that support WorkdayTracker, including:
• Payment Processors – Transaction records, fraud detection data.
• Marketing & Advertising Platforms – Demographic insights, advertising engagement data.
• Enterprise Accounts – If your employer provides access to WorkdayTracker, we may collect basic user details (e.g., name, email) from your company.
Enterprise Programs
If you use WorkdayTracker through an employer or business account, we may receive:
• Your name and contact details
• Your role within the company
• Details about your assigned projects or contracts (if configured by your employer)
Enterprise Account Control:
• Employers determine tracking configurations (e.g., required time tracking, project assignments).
• WorkdayTracker does not control how employers use data collected through the platform.
• Disputes regarding data collection or tracking policies should be addressed between the employer and the user.
3. How We Use Your Information
We use your personal information to provide an efficient, secure, and valuable experience on the WorkdayTracker Platform. The ways we use your information depend on whether we act as a Controller (deciding how and why we process your data) or a Processor (processing data on behalf of a company or employer).
3.1 Providing the WorkdayTracker Platform
As a Controller, we use your personal information to:
• Verify your identity and maintain your account, settings, and preferences.
• Process Pay-as-You-Go (PAYG) payments based on actual usage at the end of each billing cycle.
• Communicate with you about your account, billing activity, and notifications.
• Collect feedback to improve WorkdayTracker’s features and services.
• Facilitate integrations with third-party platforms upon request.
As a Processor (on behalf of employers), we:
• Process recorded work activity data for employer-managed accounts.
• Generate reports based on recorded activity, including time logs, screen captures, and application usage data.
Important: WorkdayTracker does not control how employers use employee activity data. If you are using WorkdayTracker through an employer, your employer determines how this data is collected, processed, and shared.
3.2 Ensuring Security & Preventing Fraud
Providing a secure and safe experience is a priority. As a Controller, we use personal information to:
• Authenticate users and prevent unauthorized access.
• Detect and prevent fraud, security threats, or policy violations.
• Block and remove users who engage in unsafe or fraudulent activity.
3.3 Providing Customer Support
As a Processor (on behalf of customers), we use personal data to:
• Investigate and assist with technical issues, inquiries, or account-related concerns.
• Provide customer support via email, chat, or ticketing systems.
3.4 Improving the WorkdayTracker Platform
As a Controller, we use personal data to:
• Conduct research, testing, and analytics to enhance performance.
• Develop new products, features, partnerships, and services.
• Fix bugs, optimize software, and resolve hardware issues.
• Monitor and improve security practices, AI models, and data protection.
3.5 Marketing & Communications
If you have given explicit consent, we may:
• Send promotional emails about WorkdayTracker’s products, services, and offers.
• Share insights on productivity trends, software updates, and relevant industry news.
Opt-Out: You may unsubscribe from marketing communications at any time by using the “unsubscribe” option in our emails or updating your account preferences.
3.6 Legal Compliance & Regulatory Requirements
As a Controller, we may use your personal data to:
• Respond to legal requests from government authorities, law enforcement, or regulatory agencies.
• Comply with applicable laws, court orders, or legal processes.
• Defend against legal claims or exercise our legal rights.
Important: We only share personal information with authorities when legally required to do so. Where permitted, we will notify you before disclosing such information.
4. Lawful Basis
When WorkdayTracker processes personal information as a Controller under the EU General Data Protection Regulation (GDPR) and UK data protection legislation (UK GDPR), we are required to establish a lawful basis for processing. Below are the legal bases we rely on for different processing activities:
Purpose of Processing |
Lawful Basis |
To set up and operate accounts on the WorkdayTracker platform |
Legitimate Interests – It is in our legitimate interests to create and manage user accounts efficiently to enable platform access. Contractual Necessity – If a user is paying for services, we must process account details to provide access. |
For security and fraud prevention purposes |
Legitimate Interests & Legal Obligation – It is in our legitimate interests to maintain a safe platform and detect/prevent fraud. Additionally, we have a legal obligation to protect personal information from unauthorized access or misuse. |
To process Pay-as-You-Go payments |
Legitimate Interests & Contractual Necessity – It is in our legitimate interests to track usage and bill customers based on their actual recorded activity. Payment processing is necessary to fulfill our contractual obligation to provide services. |
To improve the WorkdayTracker platform |
Legitimate Interests – It is in our legitimate interests to conduct research, testing, and analysis to improve our platform and develop new features. |
For marketing purposes |
Consent – Where legally required, we rely on explicit user consent to send marketing communications. Legitimate Interests – Where consent is not legally required, it is in our legitimate interests to promote our products and services to grow our business. |
For legal purposes |
Legitimate Interests – It is in our legitimate interests to defend against legal claims, enforce our rights, and comply with contractual obligations. |
To respond to regulatory and government agency requests |
Legal Obligation – Where legally required, we will provide personal information in response to valid regulatory or government requests. In other cases, it may be in our legitimate interests to cooperate with authorities to protect WorkdayTracker’s interests. |
5. How We Share Your Information
WorkdayTracker does not sell your personal information. However, in order to operate our platform effectively, we may need to share certain information with:
• Your employer or manager(s)
• Third-party service providers
• Legal authorities (if required)
• Entities involved in a business transaction (e.g., mergers, acquisitions)
• Other third parties based on your explicit consent
This section explains when and why we share your data.
A. Sharing Between WorkdayTracker Users
Your Company & Managers
• Recorded data, including website and application usage, is shared with:
• Your company administrator
• Your manager(s) (if assigned by your company admin)
• Yourself (to review your own recorded activity)
• For Pay-as-You-Go billing: Employers and managers can only view activity data for agents who have recorded activity within the billing period.
• Screen Recording & Screenshot Monitoring:
• By default, WorkdayTracker tracks screen activity, application usage, and website visits when time tracking is enabled.
• Screenshot monitoring can be enabled or disabled by the company administrator for all or selected employees.
B. Sharing With Third-Party Service Providers for Business Purposes
We may share certain personal information with third-party service providers to enable WorkdayTracker to provide its services.
Categories of Information Shared
• Personal Identifiers – Name, email, address, phone number.
• Financial Information – Billing details, tax information, transaction history.
• Commercial Information – Purchase history, feedback, and account activity.
• Device & Network Data – IP address, browser type, operating system version, device identifiers.
• Usage-Based Billing Information – Active agent tracking data (i.e., whether an agent recorded activity during a given billing cycle).
Why We Share This Information
WorkdayTracker shares data with third-party service providers for:
• Maintaining and managing user accounts
• Processing Pay-as-You-Go payments based on actual agent activity
• Providing customer support services
• Verifying user identities and ensuring security
• Detecting and preventing fraudulent activity
• Marketing and advertising (for WorkdayTracker, not third parties)
• Analytics and performance tracking
• Research and product development
*Important: We only share the minimum necessary information required for each specific business purpose.
C. For Legal Reasons & To Protect WorkdayTracker
We may disclose personal information if legally required or when necessary to:
• Comply with applicable laws, regulations, or legal obligations.
• Respond to official legal processes (e.g., subpoenas, court orders, government requests).
• Enforce our Terms of Service and prevent fraud or abuse.
• Cooperate with law enforcement agencies when there is reasonable cause to believe a violation of the law has occurred.
• Protect WorkdayTracker’s rights, property, and interests or ensure the safety of users, third parties, or the public.
* Where permitted by law, we will notify you before disclosing your information to authorities.
D. In Connection with a Sale or Merger
If WorkdayTracker is involved in a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to the acquiring entity. In such cases:
• We will continue to protect your personal information in accordance with this Privacy Policy.
• If a material change occurs in how your data is handled, we will notify you before your data is transferred and provide an opportunity to opt out (where applicable).
E. Upon Your Further Direction
We may share your personal information with third parties:
• At your request or with your explicit consent.
• When you enable integrations with external platforms (e.g., payroll or HR tools).
• When you use third-party authentication services (such as signing in via Google or Microsoft).
* You will always have control over whether to share your information with third-party services.
6. Overseas Transfers
6.1 Data Processing Location
All personal information collected through the WorkdayTracker platform is stored and processed within the United States.
6.2 Compliance with International Data Protection Laws
For users located outside the U.S., WorkdayTracker ensures that data transfers comply with applicable privacy regulations, including:
• GDPR (for EU/UK users) – Users acknowledge that their data is stored in a jurisdiction that may have different privacy laws than their country of residence.
• Other global data protection frameworks – Where applicable, we take appropriate security measures to protect personal data, including encryption, access controls, and contractual safeguards (e.g., Standard Contractual Clauses (SCCs) under GDPR).
Billing & Usage Data Transfers
• For Pay-as-You-Go billing, WorkdayTracker may transfer usage-based billing data (e.g., agent activity logs used for invoicing) to third-party payment processors.
• Such transfers are only for billing purposes and comply with applicable data protection laws.
6.3 User Rights & Data Requests
If you are located outside the U.S. and have concerns about international data transfers, you may contact us to:
• Request information about how your data is processed.
• Inquire about additional safeguards applied to your data.
7. How We Store and Protect Your Information
WorkdayTracker retains and protects your personal information for as long as necessary to provide services, process Pay-As-You-Go billing, and comply with legal obligations.
7.1 Data Retention
We retain personal information based on the following criteria:
Type of Data |
Retention Period |
Reason |
Account Information |
As long as the account remains active |
Necessary to provide access to the WorkdayTracker platform. |
Transactional Data (e.g., invoices, payments) |
At least seven (7) years |
Required for financial record-keeping and tax compliance |
Activity & Usage Data |
Retained while account is active |
Necessary for accurate billing and dispute resolution. |
Deleted Accounts |
Data is removed per the “Deleting Your Account” section |
Users may request deletion of their personal data |
Legal or Security-Related Data |
Retained as required by law |
Necessary to comply with legal, fraud prevention, and security requirements |
Inactive Accounts & Automatic Data Deletion
• If an account is inactive for an extended period, WorkdayTracker may delete or anonymize data in accordance with our Data Retention Policy.
• However, billing-related records (e.g., past invoices, recorded agent activity for billing) may be retained for compliance and financial reporting purposes.
Section: 7.2 Data Security Measures
WorkdayTracker implements industry-standard security measures to protect personal information, including billing-related data, from unauthorized access, alteration, or loss. These measures include:
• Encrypted Data Transfer (HTTPS) – All data transmitted between your device and our servers is encrypted using TLS/SSL encryption.
• Strong Password Management – Users must create strong, unique passwords and are encouraged to use password managers.
• Email Verification – Account creation requires email verification to ensure authenticity.
• Two-Factor Authentication (2FA) – WorkdayTracker supports 2FA for additional account security.
• Internal System Logging – WorkdayTracker monitors system activity, including billing-related activity tracking, to detect and prevent unauthorized access.
• Network & Infrastructure Security – We utilize firewalls, intrusion detection systems (IDS), and regular security audits to protect data.
• Physical Security – WorkdayTracker’s data centers and systems are hosted in secure facilities with controlled access.
7.3 Data Breach Response
While WorkdayTracker takes strong security precautions, no system is immune to potential security risks. In the event of a data breach, we will:
1. Investigate and contain the breach to prevent further impact.
2. Notify affected users as required by applicable laws.
3. Cooperate with authorities to address the breach.
5. Notify customers of potential impacts on billing-related data, if applicable, due to the breach.
8. Your Rights and Choices Regarding Your Data
WorkdayTracker provides users with the ability to access, modify, and delete their personal data, as well as exercise other rights that grant control over their information.
8.1 Rights for All Users
• Email Subscriptions – Users can unsubscribe from marketing and promotional emails by clicking “unsubscribe” in the email footer. However, WorkdayTracker will continue to send important service-related communications, such as account notifications and security alerts.
• Push Notifications – Users may disable push notifications through their device settings. Disabling notifications may affect certain platform functionalities.
• Profile Information – Users can review and edit their account details by logging into their WorkdayTracker profile.
• Cookie Tracking – Users may modify their cookie preferences through browser settings or WorkdayTracker’s Cookie Declaration. Restricting cookies may impact certain features of the platform.
• Do Not Track – Users can enable the “Do Not Track” setting in their web browser to opt out of certain third-party tracking. However, WorkdayTracker does not guarantee compliance with all Do Not Track requests, as industry standards continue to evolve.
• Deleting Your Account – Users who wish to delete their WorkdayTracker account must request deletion through their company administrator.
• Important: If there are any outstanding balances or unresolved billing-related issues, users may be required to resolve these matters before account data can be fully deleted.
• In some cases, WorkdayTracker may not be able to delete an account immediately, such as when the account is linked to an ongoing legal dispute, fraud investigation, or regulatory requirement. If WorkdayTracker retains any user data after an account deletion request, it will do so only for legitimate business purposes or as required by law.
8.2 Additional Rights for California Residents
California residents have specific rights under the California Consumer Privacy Act (CCPA), including the right to request access to or deletion of their personal information.
• Right to Know – California residents may request the following information about data collected within the past 12 months:
• Categories of personal information collected
• Sources of personal information
• Purpose of data collection
• Categories of third parties with whom data is shared
• Specific personal data collected
• Right to Delete – Users may request deletion of their personal data. However, WorkdayTracker may deny the request if the data is required to:
• Complete a transaction or fulfill a service
• Perform a contract
• Detect security incidents or fraud
• Comply with legal obligations
• Conduct public interest research
• Exercise legal claims or rights
• Note: If a user has outstanding balances or unresolved payment-related issues, WorkdayTracker may require that these matters be addressed before proceeding with the deletion request.
• Right to Non-Discrimination – WorkdayTracker will not discriminate against users who exercise their privacy rights under the CCPA.
• Response Timing and Format – WorkdayTracker aims to respond to access or deletion requests within 30 days. If an extension is needed, WorkdayTracker will provide notice.
California residents may submit requests by emailing WorkdayTracker at dataprivacy@workdaytracker.com. Requests must include the user’s full name and the reason for the request.
8.3 Additional Rights for Users in the European Union and United Kingdom
Under the General Data Protection Regulation (GDPR) and UK GDPR, users in the European Union and the United Kingdom have additional rights regarding their personal data:
• Right of Access – Users may request details about:
• The categories and specific data collected
• The purposes of data processing
• Third parties with whom data is shared
• Data retention periods
• The existence of automated decision-making, including profiling
• Right to Correct – Users may request correction of inaccurate or incomplete personal data.
• Right to Restrict Processing – Users may request restricted processing of their personal data under certain conditions, such as when data accuracy is contested or processing is unlawful.
• Right to Object – Users may object to the processing of their personal data for direct marketing purposes or in cases where processing is based on legitimate interests.
• Right to Data Portability – Users may request their personal data in a structured, commonly used, and machine-readable format. Note: Users with outstanding balances or unresolved payment-related matters may need to address these before proceeding with a data portability request.
• Right to Erasure (Right to be Forgotten) – Users may request deletion of their personal data under specific conditions, including when data is no longer necessary for its original purpose or when consent is withdrawn. Note: If a user has outstanding balances, WorkdayTracker may require that these matters be resolved before processing the deletion request.
• Right to Lodge a Complaint – Users may file a complaint with their local data protection authority if they believe their privacy rights have been violated.
• Response Timing and Format – WorkdayTracker aims to respond to GDPR-related requests within 30 days. If additional time is required, WorkdayTracker will provide an explanation for the delay.
EU and UK users may submit requests by contacting WorkdayTracker at dataprivacy@workdaytracker.com. Requests must include the user’s full name and the reason for the request.
9. Links to Third-Party Websites
The WorkdayTracker platform may contain links to third-party websites. These websites operate independently from WorkdayTracker and may have their own privacy policies and practices. WorkdayTracker is not responsible for the privacy policies, security measures, or data handling practices of any third-party websites.
Users are encouraged to review the privacy policies of any third-party websites they visit. Any interactions with third-party websites, including the provision of personal data, are at the user’s discretion. WorkdayTracker does not endorse or assume responsibility for the content, terms, or data processing activities of such websites.
10. Changes to This Privacy Policy
WorkdayTracker may update this Privacy Policy periodically to reflect changes in legal requirements, business practices, or platform functionality. Updates will be posted on WorkdayTracker’s website, and material changes will be communicated through the WorkdayTracker platform or via email.
The date of the last update will be displayed at the beginning of this Privacy Policy. Users are encouraged to review this Privacy Policy periodically to stay informed about how their information is collected, used, and protected.
Continued use of the WorkdayTracker platform after any modifications to this Privacy Policy constitutes acceptance of the updated terms.
11. Contact Us
For any questions, concerns, or requests regarding this Privacy Policy, including data access or alternative formats, users may contact WorkdayTracker through the following:
Email: dataprivacy@workdaytracker.com