Built for Trust from Day One
WorkGraph is designed to understand workflows, not judge people. Privacy is not a feature we added — it is the foundation we built on.
Download Security WhitepaperWhat We Capture vs. What We Never Capture
Transparency is core to our approach. Here is exactly what the WorkGraph agent observes and what it is explicitly designed to never collect.
What We Capture
- Active application names
- Window titles (redacted)
- Document names (filtered)
- Time-stamped transitions
- Project/task context from integrations
What We Never Capture
- Screen recordings
- Keystroke logging
- Email/chat content
- Personal browsing
- Productivity scores
Six-Stage Redaction Pipeline
Every piece of data passes through six distinct privacy filters before it is stored or analyzed.
App Filter
Exclude non-work applications
URL Filter
Strip sensitive URL parameters
Field Detector
Identify PII/PHI fields
Content Filter
Remove sensitive content
Screenshot Redactor
Redact visual captures
Privacy Override
User-level privacy rules
Encryption & Isolation
Enterprise-grade encryption at every layer, with strict tenant isolation to protect your data.
AES-256 on Device
All data encrypted at the endpoint before it ever leaves the machine.
TLS 1.3 in Transit
Industry-leading transport encryption for all data movement.
AES-256 at Rest
Server-side encryption with customer-managed key options.
Multi-Tenant Isolation
Strict data partitioning ensures no cross-tenant data access.
User Controls
Every employee has full transparency and control over the data collected about their work.
Pause & Resume
One-click pause/resume collection at any time.
App Exclusions
Exclude specific applications from all data collection.
Mark as Private
Flag any time block as private to redact it permanently.
Review & Correct
Review captured data and correct misattributions.
Export & Delete
Export your data or request full deletion at any time.
Compliance & Certifications
We hold ourselves to the highest standards of compliance and third-party verification.
SOC 2 Type II
In ProgressGDPR
CompliantHIPAA-Capable
SupportedAI Governance
DocumentedData Subject Rights
WorkGraph fully supports GDPR data subject rights. Every individual whose data is processed has the following rights:
Ready to Review Our Security Posture?
Download our comprehensive security whitepaper or schedule a security review with our team.