Privacy Policy

Xentracker is an enterprise activity tracking solution used by organizations to monitor application and web usage. It combines a secure, cloud-based SaaS platform with a desktop client application for local activity tracking and, optionally, a Chrome or Edge browser extension to provide insight into device and browser activity on organization-managed devices.

This privacy policy outlines what data is collected, how it is processed, and how access is controlled.

1. What Data We Collect

Xentracker collects usage data from devices authorized by the organization. This includes:

Desktop and UWP applications and time spent
Websites visited (URLs) and time spent

Xentracker does not collect personal content such as passwords, form inputs, or typed text. It also does not record activity inside applications or websites, such as keystrokes or screen captures.

2. How the Data Is Collected

Data is collected through a combination of:

A locally installed desktop client application, which runs as a visible system tray application on managed Windows devices
An optional Chrome or Edge extension, which captures browser-specific activity

Browser data is sent locally to the Xentracker desktop client over a loopback connection (e.g., http://127.0.0.1). This local communication does not leave the device and does not require internet access. No data is transmitted externally from the extension.

Application and browser data are encrypted and securely transmitted by the desktop client to your organization’s Xentracker cloud platform using HTTPS.

3. How the Data Is Used

Collected data is forwarded to your organization’s Xentracker platform and may be used to:

Helping IT teams understand how applications and websites are used across the organization
Identifying unused software to optimize licenses and reduce unnecessary costs
Tracking application adoption to support onboarding and training efforts
Providing usage data to support informed IT planning and decision-making

Data is never sold or shared with third parties outside the licensed organization.

4. Data Controller and Access

The data controller is the organization that has deployed Xentracker. Only authorized personnel within that organization (e.g., IT administrators) can access the data using secure login credentials through the Xentracker portal.

5. Data Storage and Security

Xentracker stores all organizational data in secure Supabase-managed data centers located in Stockholm, Sweden (within the European Economic Area). Industry best practices are followed to protect data against unauthorized access, loss, or tampering.

6. User Access

Users of devices where Xentracker is installed may request access to view the data collected about them by contacting their organization’s IT administrator. Privacy-related questions should also be directed to the organization’s designated data contact.

7. Chrome/Edge Extension Disclosure

Xentracker includes an optional Chrome or Edge extension for organizations that wish to track browser activity. The extension is strictly intended for enterprise use and only functions on devices authorized and managed by the organization. It does not collect or transmit any data without the local desktop client.

8. Contact Information

If you have questions about this policy or how data is handled, please contact your organization’s IT administrator or reach out to us at:
📧 support@xentracker.com

Note: Xentracker is designed for organizational use only. It should only be installed and used on devices managed by your employer or IT department.