WORKINVIGILATORWORKINVIGILATOR

PRIVACY POLICY

Effective Date: 12-02-2025

Last Updated: 24-09-2025

1. Introduction

Work Invigilator ("we," "us," "our," or "Company") operates an employee monitoring platform that verifies remote work through microphone presence detection, screenshot capture, and AI-based productivity analysis. This Privacy Policy explains how we collect, use, store, and protect personal data in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act), the General Data Protection Regulation (GDPR), and applicable state and federal laws.

This policy applies to:

  • Organizational administrators and HR personnel ("Clients")
  • Monitored employees and contractors ("End Users")
  • Website visitors

We are committed to transparent data practices and respect for individual privacy rights while enabling legitimate workplace productivity verification.

2. Legal Basis for Processing

We process personal data under the following legal bases :

2.1 For GDPR Jurisdictions (EU/EEA/UK)

  • Legitimate Interest: Monitoring employee productivity, protecting company assets, ensuring work quality, preventing fraud, and maintaining operational efficiency
  • Contractual Necessity: Fulfilling employment agreements and service delivery obligations
  • Legal Obligation: Compliance with labor laws, tax obligations, and regulatory requirements
  • Consent: Where explicitly obtained for specific processing activities (e.g., optional analytics features)

2.2 For India (DPDP Act)

  • Consent: Valid, free, specific, informed, and unambiguous consent from Data Principals
  • Legitimate Purposes: As specified under exemptions in Section 7 of the DPDP Act for employment-related processing

2.3 For United States

  • Legitimate Business Purpose: Workforce management, productivity assessment, security, and compliance with labor laws
  • Notice and Consent: Where required by state-specific laws (e.g., California, Connecticut, Delaware)

3. Types of Personal Data Collected

3.1 Administrator/Client Data

  • Business contact information (name, email, phone, job title)
  • Company details (organization name, industry, size)
  • Billing information (payment method, invoicing address)
  • Account credentials (username, encrypted passwords, authentication tokens)
  • Usage analytics (dashboard access logs, feature utilization)

3.2 Monitored Employee Data

We collect the following categories of personal data from End Users :

Identity and Authentication Data:

  • Full name, employee ID, work email address
  • Department, role, reporting manager

Monitoring Data - Screenshots:

  • Timestamped screen captures (random and scheduled intervals)
  • Application titles and URLs visible on screen
  • Metadata (capture time, device ID, session ID)

Monitoring Data - Audio Streams:

  • Real-time microphone audio input (ambient sounds, conversations)
  • Audio presence indicators (voice activity detection)
  • Duration and frequency of audio events

Note: We do NOT record or store continuous audio files; we detect presence and analyze patterns only

Productivity Metrics:

  • Productivity scores (calculated percentage)
  • Focus time estimates
  • Activity variance patterns
  • Idle time detection
  • Session duration and continuity

Technical Data:

  • Operating system and version
  • Browser type and version
  • Extension installation status
  • Network connectivity status

Location Data:

  • IP-based approximate location
  • Timezone information

3.3 Sensitive Personal Data

Under the DPDP Act and GDPR, certain data categories require heightened protection :

  • Audio recordings may inadvertently capture health information, biometric voice patterns, or private conversations
  • Screenshots may contain sensitive documents, financial information, or personal communications
  • We implement strict access controls and do not intentionally collect sensitive personal data

4. How We Collect Data

Direct Collection:

  • Administrator account registration and setup
  • Employee consent forms and onboarding
  • Chrome extension installation
  • Desktop software installation
  • Manual data uploads

Automated Collection:

  • Real-time monitoring through installed agents
  • Screenshot capture modules
  • Microphone presence detection systems
  • Browser and system activity tracking

Third-Party Sources:

  • Single Sign-On (SSO) providers (Google Workspace, Microsoft Azure AD)
  • Payment processors (Stripe, Razorpay)
  • Cloud infrastructure providers (Cloudflare, AWS)

5. Purpose and Use of Personal Data

We use collected data for the following purposes :

5.1 Primary Business Purposes

  • Work Verification: Confirming employee presence and active work during scheduled hours
  • Productivity Assessment: productivity scores and focus time metrics
  • Performance Management: Providing data for performance reviews and workforce optimization
  • Audit and Compliance: Maintaining records for labor law compliance and internal audits
  • Fraud Prevention: Detecting time theft, unauthorized system access, or policy violations

5.2 Service Delivery

  • Platform authentication and access control
  • Dashboard and reporting functionality
  • Customer support and troubleshooting
  • Billing and payment processing

5.3 Legal and Regulatory

  • Responding to legal requests (subpoenas, court orders)
  • Enforcing Terms of Service and Acceptable Use Policy
  • Investigating suspected violations or security incidents

5.4 Product Improvement

  • Anonymized analytics for feature development
  • Aggregate trend analysis (with identifiable data removed)
  • AI model training and optimization (using de-identified datasets)

We do NOT use monitoring data for:

  • Selling or renting to third parties
  • Targeted advertising
  • Discriminatory employment decisions based solely on automated processing

6. Data Sharing and Disclosure

6.1 Internal Access

Monitoring data is accessible only to :

  • Authorized administrators within the Client organization (role-based access)
  • Work Invigilator technical support (only with explicit Client authorization)
  • Work Invigilator security team (for incident response)

6.2 Third-Party Service Providers

We share data with vetted processors who assist in :

  • Cloud Hosting: Cloudflare Pages, AWS (data storage and delivery)
  • Payment Processing: Stripe, Razorpay (billing only)
  • Communication: Email service providers (transactional emails)
  • Analytics: Privacy-focused analytics tools (anonymized data only)

All processors are bound by Data Processing Agreements (DPAs) meeting GDPR Article 28 and DPDP Act requirements.

6.3 Legal Obligations

We may disclose data when required by :

  • Court orders, subpoenas, or legal processes
  • Government investigations (with legal basis)
  • Protection of legal rights, safety, or property
  • Enforcement of agreements

6.4 Business Transfers

In the event of merger, acquisition, or sale, personal data may be transferred to the successor entity, subject to this Privacy Policy.

7. Cross-Border Data Transfers

7.1 International Operations

Work Invigilator operates globally with infrastructure in India, United States, and European Union.

7.2 Transfer Mechanisms

From India:

The DPDP Act permits cross-border transfers to all countries except those blacklisted by the Central Government. We monitor government notifications and restrict transfers accordingly. For transfers to the EU/US, we implement Standard Contractual Clauses (SCCs) where required.

From EU/EEA:

We rely on :

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions (where applicable)
  • Binding Corporate Rules (for intra-group transfers)

Note: The EU has not granted adequacy status to India. EU-to-India transfers are protected by SCCs and supplementary security measures.

7.3 Significant Data Fiduciary Obligations

If designated as a Significant Data Fiduciary under DPDP Rules, we will implement additional restrictions on cross-border transfers of government-specified data categories.

8. Data Retention and Deletion

8.1 Retention Periods

We retain personal data only as long as necessary for legitimate business purposes :

Data CategoryRetention PeriodJustification
Screenshot data90 daysProductivity verification and dispute resolution
Audio presence logs90 daysWork verification records
Productivity scores12 monthsPerformance trend analysis
Audit logs (admin actions)3 yearsSecurity investigations and compliance
Account informationDuration of contract + 7 yearsTax and legal obligations
Billing records7 yearsFinancial compliance requirements

8.2 Secure Deletion

Upon retention period expiry or deletion request approval :

  • Data is permanently erased using secure deletion methods
  • Backups are purged within 30 days
  • Aggregated/anonymized data may be retained indefinitely

8.3 Client-Controlled Deletion

Administrators can delete specific employee monitoring data through the dashboard before automatic expiry.

9. Data Security Measures

We implement industry-standard technical and organizational measures :

9.1 Technical Safeguards

  • Encryption in Transit: TLS 1.3 for all data transmission
  • Encryption at Rest: AES-256 encryption for stored data
  • Access Controls: Role-based access with multi-factor authentication
  • Network Security: Firewalls, intrusion detection systems, DDoS protection
  • Secure Development: Code reviews, vulnerability scanning, penetration testing

9.2 Organizational Safeguards

  • Background checks for employees with data access
  • Confidentiality agreements and training programs
  • Incident response and breach notification procedures
  • Regular security audits and compliance assessments

9.3 Audio Streaming Security

  • Microphone access limited to admin-authorized listeners
  • Real-time streaming without persistent storage (except metadata)
  • Visible on-screen indicators for monitored employees
  • Encrypted audio channels with authentication

10. Employee Rights and Choices

10.1 Rights Under GDPR (EU/EEA/UK)

Monitored employees have the right to :

  • Access: Obtain copies of personal data we hold
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion ("right to be forgotten") under specific conditions
  • Restriction: Limit processing in certain circumstances
  • Portability: Receive data in machine-readable format
  • Object: Object to processing based on legitimate interests
  • Automated Decision-Making: Not be subject to solely automated decisions with legal effects

10.2 Rights Under DPDP Act (India)

Data Principals have the right to :

  • Access and Correction: Request access to and correction of personal data
  • Erasure and Data Portability: Request deletion and data portability (where technically feasible)
  • Grievance Redressal: File complaints with our Grievance Officer or the Data Protection Board
  • Nominate: Designate a representative to exercise rights in case of death or incapacity
  • Withdrawal of Consent: Withdraw consent for processing (may affect service availability)

Response Time: Within timeline specified by DPDP Rules (typically 30-45 days).

10.3 Rights Under US State Laws

Where applicable (California CPRA, Virginia CDPA, etc.) :

  • Right to know what personal information is collected
  • Right to deletion
  • Right to opt-out of sale (we do not sell data)
  • Right to non-discrimination for exercising rights

10.4 Limitations on Rights

Rights may be limited where :

  • Disclosure would reveal trade secrets
  • Processing is necessary for legal compliance
  • Exercise would infringe rights of others
  • Data is required for ongoing litigation

11. Consent and Transparency for End Users

12.1 Notice Requirements

Before monitoring begins, employees receive :

  • Written Notice: Clear explanation of monitoring scope, purpose, and duration
  • Consent Form: Explicit consent for audio monitoring (required in all-party consent jurisdictions)
  • Policy Acknowledgment: Confirmation of Privacy Policy and Monitoring Policy review
  • On-Screen Indicators: Visible alerts when monitoring is active (browser extension icon, system tray notification)

13.2 Consent Standards

For Audio Monitoring: Explicit, written consent obtained separately from general employment terms. Employees can view consent status and have the option to withdraw (may result in alternative work arrangements).

For Screenshot Monitoring: Notice-based approach with employment agreement acknowledgment.

Consent is:

  • Freely given (not coerced)
  • Specific (clearly defined scope)
  • Informed (full disclosure provided)
  • Unambiguous (affirmative action required)
  • Revocable (can be withdrawn with reasonable notice)

13.3 Reasonable Expectation of Privacy

We respect areas where employees have reasonable privacy expectations :

  • Monitoring occurs only during work hours on work devices
  • No monitoring in designated break areas (unless security-justified)
  • No monitoring of personal devices (BYOD requires explicit consent)
  • Employees are notified before monitoring sessions

14. Children's Privacy

Work Invigilator does not knowingly collect data from individuals under 18 years of age. Our services are intended for business use only. If we discover data from minors has been inadvertently collected, we will delete it immediately.

15. Cookies and Tracking Technologies

15.1 Types of Cookies Used

Our website and dashboard use :

  • Essential Cookies: Authentication, session management, security (cannot be disabled)
  • Functional Cookies: Preference storage, language selection
  • Analytics Cookies: Anonymized usage statistics (Google Analytics with IP masking)

We do NOT use:

  • Advertising/tracking cookies
  • Third-party behavioral tracking

15.2 Cookie Management

Users can control cookies through browser settings. See our Cookie Policy for detailed information.

16. Data Breach Notification

16.1 Incident Response

In the event of a data breach affecting personal data :

  • Within 72 hours (GDPR): Notify relevant supervisory authorities if breach poses risk to rights and freedoms.
  • Without Undue Delay (DPDP Act): Notify affected Data Principals and Data Protection Board as per rules.

Notification includes:

  • Nature of the breach
  • Categories and approximate number of affected individuals
  • Likely consequences
  • Measures taken to mitigate harm
  • Contact point for further information

16.2 Client Notification

Affected Clients (administrators) are notified separately within 24 hours with incident details and remediation steps.

17. Third-Party Links and Integrations

Our platform may contain links to third-party services (SSO providers, payment processors). We are not responsible for their privacy practices. Review their privacy policies before providing data.

18. Changes to This Privacy Policy

We may update this Privacy Policy to reflect :

  • Changes in legal requirements
  • New features or services
  • Feedback from regulators or users

Notification: Material changes will be announced via:

  • Email to registered administrators
  • Prominent dashboard notice
  • Updated "Last Revised" date at top of policy

Continued use after changes constitutes acceptance. For significant changes, we may require re-consent.

19. Dispute Resolution and Complaints

19.1 Internal Grievance

Contact our Grievance Officer at grievance@workinvigilator.com. We investigate and respond within 30 days.

19.2 Regulatory Complaints

India (DPDP Act):

  • Data Protection Board of India
  • [Contact details when established]

EU/EEA (GDPR):

  • Your local supervisory authority (list: https://edpb.europa.eu/about-edpb)

United States:

  • State Attorney General (for state privacy laws)
  • Federal Trade Commission www.ftc.gov

19.3 Arbitration

Where permitted by law, disputes may be resolved through binding arbitration as specified in our Terms of Service.

20. Business-Specific Provisions

20.1 Data Processing Addendum (DPA)

Enterprise clients can execute a separate DPA meeting GDPR Article 28 requirements. .

20.2 Acceptable Use

Clients must ensure compliance with our Acceptable Use Policy, prohibiting :

  • Monitoring in unlawful jurisdictions without proper consent
  • Discriminatory use of monitoring data
  • Excessive or disproportionate surveillance
  • Monitoring protected activities (union organizing, whistleblowing)

21. Jurisdiction-Specific Disclosures

21.1 California Residents (CPRA)

  • Sale of Data: We do not sell personal information
  • Sharing: We share data with service providers under contracts
  • Sensitive Data: Audio and screenshots may contain sensitive personal information; we limit use to disclosed purposes
  • Right to Opt-Out: Email

21.2 Connecticut, Virginia, Colorado Residents

Similar rights to California residents regarding access, deletion, and opt-out.

21.3 India Residents

Additional rights under DPDP Act described in Section 11.2.

22. Acknowledgment and Consent

By using Work Invigilator services:

  • Administrators acknowledge responsibility for obtaining valid employee consent
  • Monitored employees confirm receipt of this Privacy Policy and Monitoring Notice
  • All parties agree to data processing as described herein