Data Collection Transparency Last updated June 2, 2026 · Desktop Connect

At Prodoscore, transparency is a core principle. We are explicit about what data Desktop Connect collects and what it does not. This article outlines the full data collection scope.

Always Collected (Default)

These data points are collected automatically on every device where Desktop Connect is installed:

  • Computer Name: The device's host name
  • Computer Timezone: Local time zone of the device
  • Logon Domain: Windows domain the device is joined to (if applicable)
  • Network ID (hashed): A hashed network identifier for tracking device sessions
  • Private IP Address: Local network IP
  • Public IP Address: Outbound IP address (for location and ISP information)
  • Session ID: Unique identifier for each work session
  • User Login Names: Windows username or macOS user account

Activity Data (Always Collected):

  • Date & Time: Timestamp of activity events
  • Application/Process Name: Which program was active (e.g., "chrome.exe", "Slack")
  • Application Usage Duration: How long each app was open or in focus
  • Keyboard Activity: Frequency and count of key presses (NOT the content of what was typed)
  • Mouse Activity: Frequency and count of mouse clicks
  • Window Title (Basic): The window title bar text (e.g., "Spreadsheet Title - Excel" — not the cell contents)

Optional Add-Ons (Requires Explicit Enablement)

The following data is collected only when an admin explicitly enables the feature. These are not enabled by default.

Screenshots (Requires Screen Details Add-On):

  • Periodic screenshots of the active window
  • Screenshot timestamp and activity level at time of capture
  • Full URL of active website (only when screenshots enabled)
  • Window title bar content (more detailed when screenshots enabled)
  • Screenshots are NOT captured when the device is locked or employee has punched out

Full URL (Requires Screen Details Add-On):

  • Complete URL of websites visited (domain + path + query parameters)
  • Without this add-on, only the domain is visible (e.g., google.com, not google.com/search?q=...)

Never Collected

The following data is explicitly excluded from collection:

  • Keystroke Content: The actual characters you typed, passwords, or message content
  • Video/Camera Feed: No access to webcam or camera
  • Audio/Microphone: No audio recording
  • Message Content: Private message text in Slack, Teams, email, Discord, or any other platform is never read or stored
  • Document Content: File contents, spreadsheet data, or document text is not scanned
  • Authentication Credentials: Passwords, API keys, tokens, or secret credentials are never captured

Data Storage & Security

Encryption in Transit: All data sent from the Desktop Connect agent to Prodoscore servers is encrypted via HTTPS (TLS 1.2+).

Encryption at Rest: All data stored in Prodoscore databases is encrypted at rest using industry-standard encryption (AES-256).

Infrastructure: Prodoscore operates on Google Cloud Platform (GCP) infrastructure, which maintains SOC 2 Type 2 certification and meets stringent security standards.

Data Retention: Your organization's data retention period is defined by your subscription tier. You can request deletion of data per GDPR and other applicable regulations.

Employee Access to Their Own Data

Every employee has a personal dashboard showing their own:

  • Attendance (punch times, shift compliance, breaks)
  • Productivity metrics (% time on productive vs. unproductive activities)
  • Activity summary (total active time, idle time)
  • Apps & URLs used
  • Wellness status (healthy/overburdened/underutilized)

Employees do NOT have access to other employees' data — only their own. This transparency reinforces trust and allows individuals to understand how they are measured.

No Surveillance Language: Prodoscore is not surveillance software. We measure work signals (app usage, activity levels) to provide Productivity Intelligence. We do not log what you type or read your private messages.