Privacy Policy

1. Introduction

TrackUA ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services. By using TrackUA, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect information you provide directly to us when you create an account, subscribe to a plan, or contact us. This includes your name, email address, company name, login credentials, and any communication preferences you set. We may also collect information automatically through your use of the service, such as browser type, IP address, and usage patterns, to improve performance and security.

Payment information: TrackUA does not store payment card numbers, CVV codes, expiry dates, or any raw payment credentials on its servers. All payment processing is handled exclusively by Stripe, a PCI DSS Level 1 certified provider. We receive only a secure token reference from Stripe to manage your subscription. You can review Stripe's privacy practices at stripe.com/privacy.

3. Employee Activity Data

When a company uses TrackUA to monitor employee activity, the agent installed on employee computers collects the following — and only the following:

What TrackUA tracks:

• Active time — total time during the work day where keyboard or mouse activity was detected.
• Idle (AFK) time — total time during the work day where no input was detected.
• Application usage — which application process was in the foreground and for how long. For example: chrome.exe 4 h 12 m, code.exe 3 h 05 m, slack.exe 1 h 20 m.

What TrackUA does NOT collect — under any circumstances:

• Keystrokes or typed content of any kind.
• Screenshots or screen recordings.
• Email content, chat messages, or any communication content.
• File names, document contents, or clipboard data.
• Browsing history, URLs, or web page content.
• Webcam or microphone input.

All activity data is transmitted encrypted (HTTPS/TLS) and stored securely on our servers. Only the company's authorised administrator accounts can access employee activity data — TrackUA staff do not access individual employee records except where required to investigate technical issues at the company's explicit request.

Data is retained based on a rolling window from today. For Free plan companies, activity data older than 7 days is permanently and automatically deleted from our servers every night — this is enforced at the infrastructure level, not just hidden from view. For Basic (31 days) and Premium (180 days) plans, data beyond the window is not shown in the dashboard but is retained on server for operational and support purposes. Administrators may also manually delete any employee's data at any time from the dashboard.

4. How We Use Your Information

We use the information we collect to provide, maintain, and improve the TrackUA service; to process transactions and send billing confirmations; to respond to support requests and technical inquiries; to detect and prevent fraudulent or abusive activity; and to comply with applicable legal obligations. We will only send promotional communications with your explicit consent, and you may opt out at any time.

5. Data Security

We implement industry-standard technical and organisational measures to protect your personal information. All data in transit is protected by SSL/TLS encryption. Activity files stored on our servers use AES-256 encryption at rest. We conduct regular security reviews and restrict access to personal data to authorised personnel only. While we take every reasonable precaution, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

6. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share information with service providers who assist us in operating our infrastructure and delivering the service — these providers are contractually bound to handle data only as directed by us and in accordance with applicable privacy laws. We may also disclose information when required to do so by law, court order, or governmental authority, or to protect the rights, property, or safety of TrackUA, our users, or the public.

7. Your Rights

Depending on your location, you may have rights under applicable data protection laws, including the right to access, correct, or delete your personal information; the right to restrict or object to certain processing; and the right to receive a portable copy of your data. To exercise any of these rights, or if you have concerns about how we handle your data, please contact us at the address below. We will respond to all requests within 30 days.

8. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please reach out to us at support@trackua.com. We are happy to clarify anything in this document or address any privacy concerns you may have.