PProdView
Sign in Start free trial
Legal

Privacy Policy

Last updated · May 16, 2026 v3.1 Diff vs. v3.0
↳ The short version

ProdView only collects what we need to give managers a useful view of their team — and the person being measured can always see the same view. We don't sell data. We don't keep it longer than you tell us to. You can export or delete it any time.

1 · Who this applies to

This Privacy Policy applies to the marketing pages on prodview.app and the ProdView product (the "Service") operated by ProdView, Inc. ("ProdView," "we," "our"). When you visit our site, sign up for a trial, or work for an organisation that deploys our agent, this is how we handle your information.

If you are an employee at a customer organisation, your employer is the controller of your workplace data and ProdView is a processor — see the Data Processing Addendum for the legal mechanics. This policy still tells you what we do with that data on their behalf.

2 · What we collect

From visitors to our website

  • IP address, user agent, referrer — for security and basic traffic analytics.
  • Email address — only if you give it to us (newsletter, trial sign-up, sales contact).
  • Cookies — strictly first-party. We don't run third-party trackers. See § 8.

From customers (admins)

  • Account info — name, work email, role, billing details.
  • Configuration — policy choices, taxonomy overrides, integration credentials (encrypted).
  • Audit log — every admin action, signed and append-only.

From the ProdView agent (workplace data)

The agent emits only what the data manifest says it emits — see the manifest for the explicit list. In summary:

  • Yes: active minutes, foreground app + category, top-level domain, device health.
  • Never: keystrokes, screen contents, message bodies, file contents, camera, microphone.

3 · How we use it

  • To provide the Service — render the dashboard, deliver alerts, fulfil API requests.
  • To bill you (or your employer) and prevent fraud.
  • To answer your support requests.
  • To improve the Service in aggregate (anonymised). We use product analytics on the marketing site only — never on the product itself.
  • To send transactional emails (receipts, security alerts) and, with opt-in only, our weekly newsletter.

4 · Who we share data with

We share data with subprocessors — third parties that process customer data on our behalf. The complete list is published at /security and includes Amazon Web Services (infrastructure), Cloudflare (edge), Stripe (billing), and a small number of others.

We do not sell personal information. We do not share data with advertisers. We do not run ad-tech pixels on prodview.app.

We will disclose data in response to a valid legal process. If we receive a government request, we notify the affected customer unless legally prohibited.

5 · Retention

Default retention is 14 months. Customers can configure shorter retention via policy. Enterprise customers can configure longer retention for audit log only (up to 7 years).

If you cancel your account, we keep your data for 30 days then permanently delete it. Billing records are kept for 7 years (tax law).

6 · Security

We hold SOC 2 Type II and ISO 27001 certifications. Encryption at rest is AES-256-GCM with per-tenant keys; in transit is TLS 1.3 only. See the Security Center for the full posture.

We don't keep what we don't need. The data manifest is the canonical list — published, signed, auditable.

7 · Your rights

Depending on where you live, you have some or all of these rights:

  • Access — see what we have about you. Every employee has a built-in "My ProdView" view that exposes everything we collect from their device.
  • Portability — export your data in CSV or Parquet.
  • Correction — fix anything inaccurate.
  • Deletion — ask us to delete your data (subject to your employer's retention policy if applicable).
  • Restriction / objection — limit how we process your data.

To exercise any of these, email privacy@prodview.app. We respond within 30 days.

8 · Cookies

We use strictly necessary first-party cookies — for session, CSRF, and theme preference. We don't run third-party analytics, ad networks, or session replay. If we ever change this, it will be the lead change in a new version of this policy with 30 days notice.

9 · Children

The Service is not directed to anyone under 16. We don't knowingly collect data from children. If you believe we have, email privacy@prodview.app and we'll delete it.

10 · International transfers

Your data lives in the region you choose at provisioning — US, EU, or APAC. We do not move data across regions without your explicit configuration. For EU customers, we rely on Standard Contractual Clauses as the legal basis for any transfers required to deliver the Service.

11 · Changes to this policy

We post material changes here at least 30 days before they take effect, and email all customer admins. The current version and a full diff history live at github.com/prodview/legal.

12 · Contact

Questions about this policy or how we handle your data: