Privacy Policy

This Privacy Policy explains how Spectosoft collects, uses, discloses, and protects information when you use our website, desktop agent, and cloud dashboard operated by Klizo Solutions Pvt. Ltd..

EffectiveMay 20, 2026
UpdatedMay 20, 2026
01

Scope of this Policy

Spectosoft is an employee monitoring and workforce analytics platform operated by Klizo Solutions Pvt. Ltd.. It is provided to organizations (employers/customers) for productivity measurement, security, and compliance. Depending on how the Service is deployed:

  • Customer administrators (e.g., HR, IT, managers) use the dashboard
  • End users (e.g., employees/contractors) may have activity recorded on company-managed devices
  • Visitors may access our website or documentation
02

Roles: Controller vs Processor

  • In most cases, the Customer acts as the Data Controller for end-user monitoring data.
  • We act as a Data Processor or Service Provider, processing data on the Customer's instructions.
  • For data we collect directly (e.g., account registration, billing, support), we may act as the Data Controller.
03

Information We Collect

The type of data collected depends on Customer configuration and enabled features.

A) Account & Organization Information

  • Name, email, phone number (if provided)
  • Organization name and identifiers
  • Login credentials (hashed passwords), authentication tokens, 2FA status
  • Roles and permission assignments

B) Device & Usage Information (Workplace Monitoring)

Depending on configuration:

  • Device identifiers, OS details, and desktop agent version
  • Application usage, active window titles, website/domain usage, session durations, and timestamps
  • Screenshots and/or session recordings (if enabled by the Customer)
  • Productivity profiles, activity rules, and categorized productive/neutral/unproductive time
  • Behavior policy matches and Threat Replay investigation metadata (if enabled)
  • Role-based access, organization settings, and audit logs of administrator actions

C) Job-Search / Resignation-Risk Monitoring (Special Notice)

If enabled by the Customer:

  • Only URL metadata (domain + path, optionally query/referrer) is collected
  • No page content is captured or stored
  • Customers are responsible for obtaining required employee notices/consents under applicable laws

D) AI Assistant & Analytics Queries (if enabled)

On plans that include AI features:

  • Natural-language questions submitted by authorized administrators
  • Tool responses derived from org-scoped activity and productivity data
  • We do not use Customer monitoring data to train public foundation models

E) Support & Communication Data

  • Support tickets, demo requests, and contact form submissions
  • Diagnostic logs shared voluntarily

F) Billing Information

We use Stripe for payment processing. We may collect:

  • Subscription plan, seat count, billing cycle
  • Stripe customer and subscription IDs

NoteWe do not store full payment card details. Stripe processes all payment data securely.

04

How We Use Information

We use data to:

  • Provide, operate, and maintain the Service
  • Authenticate users and manage access control
  • Generate dashboards, analytics, and reports
  • Process billing and subscriptions
  • Provide support and troubleshoot issues
  • Detect fraud, abuse, and security incidents
  • Comply with legal obligations
06

Sharing & Disclosure

We may share data with:

  • Service providers (hosting, email delivery, analytics, support tools)
  • Stripe (for payment processing)
  • Law enforcement or regulators when legally required
  • Customer administrators (for end-user monitoring data)

Important NoticeWe do not sell personal data.

07

Data Retention

Retention depends on Customer configuration and legal obligations:

  • Account and billing data retained as required for tax, audit, and legal obligations
  • Activity logs, screenshots, recordings, and analytics retained per Customer configuration
  • Organization administrators with appropriate permissions may purge monitoring data older than a configured period (for example, two months) when retention controls are enabled
  • Customers may request data export or deletion as per contractual terms; end-user requests for monitored data should be directed to the Customer as Data Controller
08

Security

We implement industry-standard safeguards, including:

  • Encryption in transit
  • Access controls and least-privilege policies
  • Logging and monitoring

However, no system is completely secure. Customers are responsible for securing their admin accounts and devices.

09

International Data Transfers

Customer Data may be stored and processed in data centers operated by our infrastructure providers. Where data crosses borders, we use appropriate safeguards such as standard contractual clauses or equivalent mechanisms required by applicable law.

Customers may contact us for information about primary processing regions relevant to their subscription.

10

User Rights & Customer Responsibilities

  • For monitored employee data, requests (access, correction, deletion) are handled by the Customer (Data Controller)
  • We assist Customers in fulfilling these requests as required
11

Children's Privacy

The Service is not intended for children and should not be used for individuals below the legally permitted age.

12

Policy Updates

We may update this Privacy Policy from time to time. Updates will be reflected in the "Last Updated" date and communicated where required.

13

Contact Information

Company
Klizo Solutions Pvt. Ltd.
Product
Spectosoft
Address
PS Abacus, Action Area IIE, New Town, Kolkata, West Bengal 700160, India