WorkTracker › Privacy
Privacy at WorkTracker
WorkTracker exists to collect your workday — which means it is, by design, in contact with sensitive data: your email, your chat messages, your calendar. This page explains exactly how that data is handled, what is stored, who can see what, and the controls you have. We would rather be transparent than vague.
Contents are analyzed, not stored
- Email bodies, chat messages and DMs are fetched transiently — held in memory for the moment the AI writes a one-line summary, then discarded. WorkTracker stores the summary, the subject/participants, and a reference — never the content.
- Connector credentials are encrypted at rest with AES-256-GCM and are never shown again or returned by any API.
- "Never track" rules and per-item hiding exclude an item from every total, report and AI analysis.
The AI privacy filter
Every AI analysis runs behind a server-wide privacy filter that instructs the model to dismiss and remove private meetings and messages with sexual, criminal, clearly personal or drug-related topics, as well as anything about an employee’s future (hiring, dismissal, promotion, performance) or the economic situation of a company or an individual. Dismissed content must never be mentioned, quoted, summarized or hinted at. Every user can append their own filter rules under Profile — they are added on top of the global filter for all analyses of that user’s content.
Bring your own AI — and verify us
Every user chooses the AI that reads their content: OpenAI, Anthropic, Google Gemini, or any OpenAI-compatible endpoint you host yourself (such as Ollama). With a self-hosted model, content analysis never leaves hardware you control — and you can log and inspect exactly what gets sent, prompts and filters included. We consider this the strongest transparency guarantee we can offer: you do not have to trust our description of the analysis, you can watch it.
Who sees what
- You see all of your own work items and summaries.
- Company administrators can never see your private, untracked work items. Only time you explicitly tracked (timed entries you added or pushed) appears in company reports and is visible to and analyzable by the administrators of that company.
- Maintainers and support personnel cannot see your private work items either — access requires an explicit grant from you (for example during a support case you open).
- Your personal data (connections, events, summaries) belongs to your user account and follows you across companies; it is never merged into another company’s view.
Where your data lives
All data is stored on secure, encrypted storage in a datacenter in Sweden, operated with minimal access by a small team of server operators. Backups are encrypted. Credentials are additionally encrypted at the application layer, so storage access alone does not expose them.
Questions
Privacy questions or an access/deletion request? Contact us at itcm.se — we answer as the humans operating the service, not a form letter.
Try WorkTracker free for 7 days
Connect your tools and see your whole workday collected and summarized. No card required.
Create your company