Privacy Policy

1. Who We Are

WorkPulse ("we," "us," "our") operates the WorkPulse platform — a cloud-hosted activity monitoring service for remote teams. This policy explains how we collect, use, store, and protect personal data when you use our website, dashboard, or desktop agent.

For employee and workforce monitoring data, the customer organization is the data controller and WorkPulse acts as a data processor on its behalf — see our Data Processing Agreement. For account, billing, and website data, WorkPulse is the controller.

2. Data We Collect

Account Data

When you sign up, we collect:

• Full name, email address, and password (hashed with bcrypt)
• Organization name and billing information
• Role within your organization (owner, admin, supervisor, agent)

Activity Data (via Desktop Agent)

When the agent is installed on an employee's device, it collects:

• Input metrics: keystroke count, mouse click count, scroll count, mouse distance (not the content typed or clicked)
• Screenshots: periodic screen captures at intervals configured by the organization
• Window sessions: active app name, window title, URL (from supported browsers), and duration
• Shift data: check-in/check-out timestamps, break start/end times
• Webcam snapshots and screen recordings: only when enabled by the organization
• Device fingerprint: a SHA-256 hash of MAC address, OS serial number, and hostname — used to identify the device for registration and billing. The raw values are not transmitted or stored.

What we avoid collecting: we do not intentionally collect file contents, personal messages, or passwords, and we do not track browsing history outside active work sessions or any data from personal devices unless the agent is installed. When screenshot blurring is enabled, the agent automatically blurs a screenshot while a sensitive application or website (such as a password manager or banking site) is in focus. This is a best-effort, pattern-based safeguard and may not detect every sensitive context. Because screenshots otherwise capture whatever is visible on the screen, sensitive content — such as open documents, messages, or credentials — may still be captured incidentally. Organizations control how often screenshots are taken, can enable blurring, and can disable screenshots entirely.

Biometric Data

Where an organization enables webcam snapshots, WorkPulse stores them as ordinary images. WorkPulse does not perform facial recognition and does not derive, generate, or store facial geometry or other biometric identifiers or biometric information from them. We will not introduce biometric processing without updating this policy and providing the separate notice and consent that laws such as the Illinois Biometric Information Privacy Act (BIPA) require.

Technical Data

• IP address, user agent, operating system, device type
• Session tokens and authentication logs
• Error logs and crash reports
• Device registration codes and device status (online/offline)

3. How We Use Your Data

• Provide the service: display activity dashboards, generate productivity reports, manage shifts and teams
• Authenticate and authorize: verify identity, enforce role-based access
• Billing: process payments, generate invoices, manage subscriptions (via LemonSqueezy)
• Security: detect anomalies, enforce tamper protection, maintain audit logs
• Communications: send transactional emails (password resets, payment confirmations, invitations)

We do not sell, rent, or share personal data with third parties for advertising purposes.

4. Data Storage and Security

• Encryption in transit: all data is transmitted over TLS 1.2+
• Encryption at rest: local agent data is encrypted with AES-256-GCM, keys stored in the OS keychain (macOS Keychain)
• Screenshots and media: stored in Cloudflare R2 object storage with server-side encryption (AES-256), accessed through authenticated API requests using short-lived signed URLs
• Passwords: hashed with bcrypt, never stored in plain text
• Audit trail: all administrative actions are logged in an immutable audit log

5. Data Retention

Activity data (screenshots, heartbeats, sessions, shift records) is retained for 90 days by default. Organizations can configure retention in their settings:

• 90 days — included in all plans
• 6 months — available as a paid add-on
• 1 year — available as a paid add-on
• Unlimited — available as a paid add-on

When the retention period expires, data is permanently deleted by an automated daily cleanup process. S3 objects (screenshots, recordings) are deleted alongside their database records.

Exempt from retention: audit logs and agent security events are never deleted, as they are required for compliance and security forensics.

Account data is retained for the duration of the subscription plus 30 days after cancellation.

6. Data Sharing

We share data only with:

• Your organization's administrators and supervisors: they can view activity data for employees in their organization as permitted by their role
• Service providers: LemonSqueezy (billing), Resend (transactional email), Hostinger (hosting), Cloudflare R2 (media storage) — all under data processing agreements
• Law enforcement: only when required by valid legal process (subpoena, court order)

7. Employee Transparency

By default, WorkPulse includes an onboarding wizard that informs employees about what is being monitored, a consent screen with versioned acceptance tracking, and a real-time status window. Organizations may enable silent (invisible) mode — in that case, employees may not be aware of monitoring. It is the organization's responsibility to comply with local employment laws regarding disclosure.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data ("right to be forgotten") — note: deletion is subject to the organization's configured retention policy. Audit logs cannot be deleted for compliance reasons.
• Export your data in a portable format
• Object to processing or restrict how we use your data

To exercise any of these rights, contact us at privacy@getworkpulse.io.

9. Cookies

Our website uses only essential cookies for authentication (session cookies via BetterAuth). We do not use advertising, tracking, or third-party analytics cookies. If we add analytics in the future, we will use a privacy-friendly, cookie-free solution (such as Plausible or Umami). See our Cookie Policy for details.

10. Children's Privacy

WorkPulse is not intended for use by individuals under 18 years of age. We do not knowingly collect data from minors.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email to account owners. The "Last updated" date at the top reflects the most recent revision.

12. Contact

For privacy questions or data requests, contact us at:
privacy@getworkpulse.io