Most recent version: June 1, 2018.
By using RescueTime, you are agreeing to the collection and use of your personal information for the purposes of providing you our product services as described below. We will notify all active accounts of any significant changes to this policy.
Your data is never shared
Your privacy is very important to us. At RescueTime, your data, analyzed, is the product we offer back to you. We are not an ad-supported company. Our free service is intended to encourage you to subscribe to our premium service. If you have any concerns that aren't covered here, please contact us. Below are the details of this policy:
- We will never sell, rent, or otherwise share your personal information, with or without personally identifying information. Furthermore, we will never share anonymized selections of your individual data. That includes any government (foreign or domestic) unless we are compelled by law. If we are required by law to disclose any of the information collected about you, we will attempt to provide you with notice (unless we are prohibited) that a request for your information has been made in order to give you an opportunity to object to the disclosure. We will attempt to provide this notice by email. We will independently object to overly broad requests for access to information about users of our site.
- We may share information about user behavior in the aggregate only. For example, we could share information like, "which day of the week do people spend the most time on their computers?" This type of analysis is used to enrich the product, and to represent our domain expertise to our audience.
- You can delete your data at any time—all of it, or just a part of it. You can also delete your account at any time. Deleting your account deletes all your data from our database. We do not store data from deleted accounts.
- We won't spam you—ever—either directly or indirectly by sharing email information. Whether you receive emails from us, and which emails you receive are entirely under your control. We might occasionally send one-time messages about important RescueTime news. And we will introduce ways that you can optionally have RescueTime contact you with data that you care about, but you will always be able to turn this on or off.
- For individual accounts, no other user can see any of your data or personal information. We may provide features to allow you to share selections of your data, but this will be voluntary and opt-in only, and handled per-situation, and not buried in terms of service.
- For team accounts, sharing of data is controlled by the administrator of the account and by default does not allow anyone in the team account access to your data. No one outside of your organization will have access to any of your data. Default team implementations do not permit the sharing of individual data in any form that is not aggregated (eg, your team's average communication per week). When consulting with team implementations, we promote transparency and user-driven control.
How do we protect your data?
- Your data is always encrypted in transit. All requests with the RescueTime web app and client apps are encrypted with current best practice SSL configurations.
- Your data is always encrypted at rest. All of our storage uses volume encryption.
- We maintain ongoing vulnerability scanning, respond immediately to security advisories and stay PCI compliant.
What information does RescueTime collect? How is it used?
Account information includes email address (verification optional), city, state, and country. Optional demographic information including gender, date of birth, industry, job title, company size, and income may be requested, to enrich the accuracy of our reporting for your work patterns.
RescueTime records information about the currently active application or website on your computer. We record the following information for processing:
1) for time analysis: application name, website URL, window title, start time of use, end time of use and
2) for distinguishing you and your device: device login name (your system username), device name, device operating system version, and sometimes the manufacturer. For some inputs, the public internet address you are operating from is saved, for your security (and ours), and for troubleshooting. Like all activity information, it is discarded with account deletion.
We do not (and never will) collect keystrokes, form input, screenshots, window or page body content, or anything nefarious. Before storage for your reports, URLs are trimmed to the site name and sometimes top level directory when a site has distinct web apps. Query strings are discarded. Our site controls allow you to selectively delete and ignore forever any item you prefer not be stored.
Cookies and Log Files
RescueTime.com sends a "cookie" to your computer that contains an identifier that is unique to your browser session. We use this cookie to validate your authentication, provide you with a continuous experience, and to record how our site/service is being used. It is not used for marketing purposes.
As is done with most websites, we log every visit to each web page. A log entry can contain information typically found in the "header" of your web browser's request such as the browser type you used, your Internet Protocol address, and the date and time of day. We may also log your session identifier and the URL of a site that referred you. This log information is important for security, audit and quality improvement, as well as for monitoring the health of our service.