Easy to use time-tracking software designed for businesses with remote teams of employees that includes automatic timesheets and screenshots of employees’ workstations as proof of work done. Screenshot monitoring is completely transparent to the employees and they control when the monitoring starts and when it stops.

Monitask is designed for companies of all sizes that have remote team members, such as freelancers, contractors, remote employees, and employees that work from home occasionally. Monitask is also useful for freelancers who would like to show their clients proof of work being done and the amount of time it took to complete.

How much does Monitask cost?

We have 3 plans. Pro plan is $5.99 a month per user, Business plan is $8.99 a month per user, and Enterprise is $19.99 a month per user. We also offer annual billing which saves companies 20% from the plans’ monthly price.

Where is my data stored and is it secure?

We respect your companies’ privacy and security. All of the time-tracking and screenshot data is securely stored and encrypted using 256-bit AES encryption.

Do remote team members see when screenshots are taken?

We believe in transparency and value our customer’s trust. After your remote team members install our desktop application, they will have full control of when the time tracking begins (along with screenshot taking) and when it stops. They can see the last screenshot taken, so they will be fully aware of what’s being uploaded for managerial review.

Can I see which applications my team members use?

Yes, you will be able to see which windows applications your remote team members are using and the percentage of time they are using them. For an employee: Navigate to: <a href="https://app.monitask.com/Report">https://app.monitask.com/Report</a> In the “Applications” section of the page, you will see all of the applications you’ve been using and the percentage of time using them. For a manager/employer: In the main menu, select the employee in the Timeline tab. In the “Applications” section of the page, you will see all of the applications they’ve been using and the percentage of time using them. You can also watch the list of programs used for your entire team. To do this, open the main menu and navigate to Reports – Applications Used <a href="https://app.monitask.com/Reports/Applications">https://app.monitask.com/Reports/Applications</a> . This report allows you to review which applications are used most frequently by the members of your team.

Can Monitask help me find freelancers?

We do not offer help with finding contractors and freelancers at this time.

Can I pay my freelancers through Monitask?

Currently we do not offer a direct payment option for paying your remote team members. However, we do synchronize with various payment apps such as Paypal and create payrolls for the team members based on their payment rate settings.

Does Monitask provide timesheets and other reports?

Monitask allows you to effortlesly generate detailed timesheets for each of the remote team members as well as many other reports including basic accounting reports.

What is an activity level and how is it calculated?

Activity level tracking is a feature designed to keep track of user activity based on the keyboard usage and mouse movements. Monitask is not a spying tool, so it does not record the actual keys that were pressed. Instead, Monitask collects activity of a user and how active they were working within each 10 minute period. If there was no mouse our keyboard usage – the time will not be counted as working. A good activity level to is anything over 50%.

Can you auto-start screenshot monitoring?

In order to protect our users and their privacy Monitask starts monitoring only when employees manually clock in and stops as soon as they clock out.

What if I work with confidential information?

Monitask does not keep track of sensitive information – no passwords or documents are stored on Monitask’s servers. At the same time, passwords or private information themselves do not fall under the radar of Monitask either – the service is careful about private data.

Can the app be hidden on employees’ computers?

Monitask is an employee productivity tool, not a spying tool. You cannot run Monitask or auto-start screenshot monitoring without the users permission. The user needs to press the start button in order to start time tracking.

Understanding Data Protection

Scope and Definitions

Scope:
The policy must define the types of personal data collected, processed, and stored. It’s vital to specify the purpose of data usage. Include the parties covered by the policy, such as employees, customers, and third-party service providers.

Definitions:
Clear definitions for terms like “personal data,” “processing,” “data controller,” “data processor,” and “data subject” are essential. This ensures all stakeholders understand their roles and responsibilities within the policy framework.

Data Collection and Handling

Data Collection:
Personal data should be collected fairly and for lawful purposes only. Using standardized forms and secure channels for data collection ensures compliance and security.

Data Handling:
Once collected, handle data securely. Limit access to authorized personnel only and use encryption to protect data during storage and transmission. Implement regular audits to detect and resolve potential vulnerabilities.

Data Storage and Retention

Data Storage:
Store personal data securely with access controls and encryption. Use cloud storage solutions complying with recognized standards like ISO/IEC 27001 to ensure data availability and integrity.

Data Retention:
Establish clear retention periods for different types of data. Retain data only as long as necessary for the purposes defined in the policy. Afterward, ensure the secure disposal or anonymization of data to protect against unauthorized access.

Data Access and Disclosure

Data Access:
Grant data access based on role-specific needs. Implement multi-factor authentication (MFA) to enhance security. Maintain access logs to monitor and review access patterns.

Data Disclosure:
Disclose personal data to third parties only with explicit consent or under legal obligations. Ensure third-party service providers adhere to equivalent data protection standards through contracts and regular compliance checks.

Employee Training and Awareness

Training Programs:
Conduct regular training sessions for employees on data protection practices. Include topics like recognizing phishing attempts, secure password practices, and data handling procedures.

Awareness Campaigns:
Run ongoing awareness campaigns to keep data protection at the forefront. Use newsletters, posters, and workshops to reinforce the importance of protecting personal data.

Incident Response and Management

Incident Response Plan:
Develop a robust incident response plan specifying the steps to take in case of a data breach. Include roles, responsibilities, and communication channels to ensure swift action.

Management Protocols:
Implement protocols to identify, contain, and mitigate data breaches. Post-incident reviews help improve the response plan and prevent future occurrences.

Legal and Regulatory Compliance

Feel free to copy/paste and modify the template provided below.

Data Protection Company Policy

1. Introduction

At [Company Name], we are committed to protecting the privacy and security of personal data belonging to our employees, clients, partners, and other stakeholders. This comprehensive Data Protection Policy outlines our approach to data protection and provides guidelines for the collection, processing, storage, and disposal of personal data in compliance with applicable data protection laws and regulations.

1.1 Purpose

The purpose of this policy is to ensure that [Company Name]:

Complies with data protection laws and follows good practices
Protects the rights of employees, customers, and partners
Is transparent about how it stores and processes individuals’ data
Protects itself from the risks of data breaches

1.2 Scope

This policy applies to all employees, contractors, consultants, temporary workers, and other workers at [Company Name], including all personnel affiliated with third parties. It applies to all data that the company holds relating to identifiable individuals.

2. Data Protection Principles

[Company Name] adheres to the following data protection principles:

2.1 Lawfulness, Fairness, and Transparency

Personal data shall be processed lawfully, fairly, and in a transparent manner in relation to individuals.

2.2 Purpose Limitation

Personal data shall be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

2.3 Data Minimization

Personal data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

2.4 Accuracy

Personal data shall be accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that inaccurate personal data are erased or rectified without delay.

2.5 Storage Limitation

Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

2.6 Integrity and Confidentiality

Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.

2.7 Accountability

The controller shall be responsible for, and be able to demonstrate compliance with, the above principles.

3. Rights of Data Subjects

[Company Name] recognizes and respects the rights of data subjects, which include:

The right to be informed
The right of access
The right to rectification
The right to erasure (also known as the ‘right to be forgotten’)
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling

We have implemented processes to handle data subject requests promptly and efficiently, ensuring compliance with legal requirements.

4. Data Collection and Processing

4.1 Lawful Basis for Processing

[Company Name] will only process personal data where we have a lawful basis to do so. The lawful bases we may rely on include:

Consent: The individual has given clear consent for us to process their personal data for a specific purpose.
Contract: The processing is necessary for a contract we have with the individual, or because they have asked us to take specific steps before entering into a contract.
Legal obligation: The processing is necessary for us to comply with the law.
Vital interests: The processing is necessary to protect someone’s life.
Public task: The processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.
Legitimate interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

4.2 Consent

Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available, and systems should be in place to ensure such revocation is reflected accurately in our systems.

4.3 Data Minimization

[Company Name] will ensure that personal data are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed. We will regularly review our data collection practices to ensure we are not collecting excessive or unnecessary data.

5. Data Storage and Security

5.1 Data Storage

Personal data will be stored securely and in accordance with our Information Security Policy. We will regularly review the personal data we hold and delete anything we no longer need. Information that does not need to be accessed regularly, but which still needs to be retained, will be safely archived or put offline.

5.2 Data Security Measures

[Company Name] implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

Encryption of personal data where appropriate
Regular testing and evaluation of the effectiveness of security measures
Access controls and authentication mechanisms
Regular backups and disaster recovery plans
Physical security measures for our premises and data centers
Network and system security measures, including firewalls and intrusion detection systems

5.3 Data Breach Response

In the event of a data breach, [Company Name] will follow our Data Breach Response Plan, which includes:

Immediate assessment of the breach and its potential impact
Containment and recovery measures
Risk assessment
Notification to relevant authorities and affected individuals as required by law
Evaluation and improvement of security measures to prevent future breaches

6. Data Sharing and Third-Party Processing

6.1 Data Sharing

[Company Name] may share personal data with third parties in certain circumstances, such as:

With service providers who process data on our behalf
With law enforcement or other authorities if required by applicable law
In the context of a business transaction, such as a merger or acquisition

In all cases, we will ensure that appropriate safeguards are in place to protect the data.

6.2 Third-Party Processing

When [Company Name] engages third-party processors, we will:

Conduct due diligence to ensure the processor can provide sufficient guarantees of compliance with data protection laws
Enter into a written contract that sets out the subject matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects, and the obligations and rights of [Company Name]
Regularly audit and review the processor’s compliance with the contract and data protection laws

7. International Data Transfers

[Company Name] may transfer personal data to countries outside the European Economic Area (EEA) or the country where the data was originally collected. In such cases, we will ensure that:

The transfer is to a country that has been deemed to provide an adequate level of protection for personal data by the relevant authorities
Appropriate safeguards are in place, such as binding corporate rules, standard contractual clauses, or other legally recognized mechanisms
The data subject has enforceable rights and effective legal remedies
The transfer complies with all applicable legal requirements

8. Data Protection Impact Assessments

[Company Name] will carry out Data Protection Impact Assessments (DPIAs) for any new projects or initiatives that involve the processing of personal data, particularly those using new technologies, where the processing is likely to result in a high risk to the rights and freedoms of individuals.

9. Employee Training and Awareness

[Company Name] will provide regular training to employees on data protection principles and practices. This training will include:

Overview of data protection laws and regulations
Company policies and procedures related to data protection
Practical guidance on handling personal data in day-to-day operations
Recognizing and reporting data breaches
Understanding the consequences of non-compliance

10. Data Protection Officer

[Company Name] has appointed a Data Protection Officer (DPO) responsible for overseeing our data protection strategy and implementation. The DPO’s responsibilities include:

Informing and advising the company and its employees about their obligations to comply with data protection laws
Monitoring compliance with data protection laws and company policies
Providing advice on Data Protection Impact Assessments
Acting as a point of contact for data subjects and supervisory authorities

11. Compliance Monitoring and Auditing

[Company Name] will regularly monitor and audit our compliance with this policy and data protection laws. This will include:

Regular internal audits of data processing activities
Periodic review and update of this policy and related procedures
Assessment of third-party processors’ compliance
Evaluation of employee awareness and adherence to data protection practices

12. Policy Review and Updates

This Data Protection Policy will be reviewed annually and updated as necessary to reflect changes in our practices, technology, legal requirements, and other factors. All employees will be notified of any changes to this policy.

13. Consequences of Non-Compliance

Failure to comply with this policy may result in disciplinary action, up to and including termination of employment. In addition, violations of data protection laws can lead to significant fines and reputational damage for the company.

14. Contact Information

For any questions or concerns regarding this policy or our data protection practices, please contact:

Data Protection Officer [Company Name] [Address] [Email] [Phone Number]

15. Conclusion

[Company Name] is committed to maintaining the highest standards of data protection and privacy. This policy demonstrates our dedication to safeguarding personal data and complying with all applicable laws and regulations. We expect all employees, contractors, and third-party processors to adhere to this policy and to contribute to our culture of data protection and privacy.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.