Security & Data Protection
HiveDesk uses enterprise-grade security practices to protect your workforce data. AES-256 encryption, AWS infrastructure, GDPR compliance, and role-based access controls.
How We Protect Your Data
Security is built into every layer of HiveDesk, from data encryption to access controls.
AES-256 Encryption
All data is encrypted at rest using AES-256 and in transit using TLS 1.2+. This includes timesheets, screenshots, activity data, and personal information.
AWS Infrastructure
Hosted on Amazon Web Services with enterprise-grade physical security, redundancy, and environmental controls at AWS data centers.
GDPR Compliance
Full GDPR compliance with data transparency, export and deletion support, privacy controls, and work-related data collection only during business hours.
Role-Based Access Control
Granular permissions so managers only see their team's data. Administrators control data collection settings and access levels.
Secure Payments
Payment processing handled by Chargebee (PCI DSS compliant). Credit card details are never stored on HiveDesk servers.
Employee Transparency
Employees see their own tracking data, activity levels, and screenshots. They know when tracking is active and what data is collected.
Compliance & Certifications
Transparency about what we do and don't have.
What We Have
- GDPR compliance with data transparency and deletion support
- AES-256 encryption at rest and TLS 1.2+ in transit
- AWS infrastructure with enterprise-grade physical security
- PCI DSS compliant payment processing via Chargebee
- Role-based access controls and privacy settings
What We Don't Have
- SOC 2 certification
- ISO 27001 certification
- HIPAA certification
- PCI DSS certification (payments delegated to Chargebee)
- Specific uptime SLA guarantee
What Data We Collect
HiveDesk only collects work-related data during active tracking sessions.
Time Records
Clock-in/out times, hours worked, and break times logged by employees.
Activity Levels
Keyboard and mouse activity percentages during tracked work sessions.
Screenshots
Periodic screenshots during active tracking. Frequency is configurable by administrators.
Project Data
Task assignments, project hours, and timesheet records for reporting.
Security FAQ
Common questions about HiveDesk security and data protection.
HiveDesk is GDPR compliant and follows enterprise-grade security practices. We do not currently hold SOC 2, ISO 27001, HIPAA, or PCI DSS certifications. Payment processing is handled by Chargebee, which is PCI DSS compliant.
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. This applies to all workforce data including timesheets, screenshots, and activity records.
HiveDesk is hosted on Amazon Web Services (AWS) infrastructure. AWS data centers provide physical security, redundancy, and environmental controls.
HiveDesk is fully GDPR compliant. We provide data transparency to employees, support data export and deletion requests, and only collect work-related data during business hours. Administrators have privacy controls to configure screenshot frequency and monitoring settings.
Access is controlled through role-based permissions. Managers can only see data for their assigned teams. Administrators can configure what data is collected and who can access it. Employees can view their own time tracking and activity data.
Screenshots are taken periodically during active time tracking sessions. Screenshot frequency is configurable by administrators. Screenshots are stored encrypted on AWS and are accessible only to authorized managers through the web dashboard.
Yes. HiveDesk operates transparently. Employees can see their own time tracking data, activity levels, and screenshots. They know when tracking is active and can see what data is being collected.
HiveDesk does not store credit card information directly. All payment processing is handled by Chargebee, a PCI DSS compliant payment platform. Card details are never transmitted to or stored on HiveDesk servers.
Ready to Get Started?
Try HiveDesk free for 14 days. Your data is encrypted, GDPR compliant, and hosted on AWS. $5/user/month, no credit card required.