Built to pass Datatilsynet review

jatid is not "privacy-friendly". It is privacy-engineered: invariants are enforced at the database layer, modules ship with consent + retention defaults, and every monitoring change writes an audit record.

Privacy invariants — what jatid will never do

These are not toggles. They are encoded in the product and in our refusal to build the features listed below. They apply on every plan, from Free to Enterprise.

🚫 No auto-screenshots

jatid will never silently capture your screen. Even M11 (proof captures) is worker-initiated, scoped to a window/tab/file the worker chooses, and previewed before storage.

🚫 No keystroke logging

We never record what you type. The desktop agent (Tauri) tracks active-window names and idle gaps only.

🚫 No covert install

No "monitoring mode" that hides from workers. Workers always see what is collected at /my-data.

🚫 No algorithmic firing

AI features (M21 work summary) are worker-reviewed before any sharing. We never auto-send AI output to managers.

🚫 No selling worker data

We monetise on subscriptions. Worker data stays in your organisation. We do not enrich, sell, or train on it.

🚫 No retention without purpose

Each module has a retention default (30/60/90 days). Admins can lower but not raise above the catalogue maximum. Old records are purged automatically.

How configurable monitoring works

Every monitoring capability is a "module" with documented scope, legal basis, retention, and worker rights. Admins choose which to enable. Workers see exactly which apply to them — live.

🟢 Presence

M1 manual timer · M2 schedule · M16 worker-tools

Always on. The base product. No extra surveillance.

🟡 Context

M3 location check-in · M5 GPS · M6 calendar overlay · M10 client-pin

Work context — where, what client, which event. Opt-in per bundle.

🟠 Activity

M4 focus blocks · M7 activity pulse · M8 idle reconstruction · M18 timer prompts

Workstation activity. Worker-reviewed (M4), worker-classified (M8).

🔴 Content-adjacent

M11 worker proof · M11b before/after photos · M17 voice memo · M22 call webhook

Captures the worker initiates or sends. Each one is preview-before-save.

Content-behavioural

M12 screenshot scheduler · M13 AI scoring

BPO-tier modules. Require DPIA + AI Act attestation + works-council. Default off. We may never build M14 (keystroke).

🟢 Worker tools

M19 burnout coach · M20 personal calendar · M21 AI summary

Worker-only. Manager never sees. M19 governs the focus coach; M21 is worker-reviewed before any sharing.

Full catalogue with retention defaults + legal basis is shipped with every account at /settings/monitoring.

Your GDPR rights — built into the product

Article references are to the EU General Data Protection Regulation. We ship the affordances, not just the policy.

Transparency at collection

GDPR Art 13/14
/settings/monitoring/disclosure — auto-generated, live, downloadable

Right of access

GDPR Art 15
/me/data/export.json — one click, machine-readable

Right to rectification

GDPR Art 16
/my-data + /time — workers edit their own entries

Right to erasure

GDPR Art 17
/me/data/delete — self-serve anonymisation

Right to restrict processing

GDPR Art 18
/api/v1/monitoring/pause — worker can pause 5/15/60 min

Data portability

GDPR Art 20
JSON + CSV export, no proprietary format

Right to object

GDPR Art 21
Worker can disable any worker-tool module (M19, M20, M21)

Automated decisions

GDPR Art 22
jatid never auto-fires, auto-promotes, or auto-scores employment decisions

Datatilsynet — Danish DPA alignment

Datatilsynet has published guidance on workplace monitoring. jatid is built to match — proactively. Every monitoring module catalogue entry maps to a guidance principle.

🟢 Proportionality (Datatilsynet 2024 focus area)

Modules are scoped — we collect the minimum that achieves the stated purpose. Retention defaults are tight (30 days). Admins lower; they cannot raise above the catalogue maximum.

🟢 Transparency

Auto-generated worker disclosure, live, in plain language, downloadable. Workers see what is collected at /my-data — always.

🟢 Legal basis documented

Each module declares its GDPR Art 6 basis. Modules requiring legitimate-interest assessment surface the DPIA wizard before they can be enabled.

🟢 Worker rights surfaced, not buried

Worker pause, worker-first review, worker self-DSAR — all built into the UI, not buried in support tickets.

Questions? Compliance review?

For DPAs, security questionnaires, or Datatilsynet inspection prep — write directly to dpo@jatid.dk.

We respond within 1 working day. Procurement materials (DPA template, sub-processor list, ISO statement) are shipped on request.