Privacy Policy

We collect several types of information to provide and improve our Services.

1.1 Information You Provide Directly

When you register or interact with our Services, we may collect:

• Name
• Email address
• Account credentials
• Organization or company name
• Communications with our support team

Authentication may occur through third-party identity providers such as Google Sign-In.

1.2 Information Collected Automatically

When you use our Services, we may automatically collect certain information including:

• Device type
• Operating system
• Browser type
• IP address
• Usage data
• Interaction logs
• Application performance metrics

This information helps us operate, maintain, and improve the Services.

1.3 Screen Content Processing (Core Product Functionality)

Spector’s productivity analytics features may process limited portions of visible screen content to determine whether activity is productive or distracting.

Depending on your product configuration, this may include:

• Text Extraction
  The software may capture small segments of visible on-screen text (typically limited to approximately 750 characters) for classification by AI models.
• Screenshot Analysis (Experimental Feature)
  If enabled by the user or organization administrator, the application may capture screenshots of the user’s screen to analyze activity patterns. These screenshots are processed solely for distraction or productivity classification.

1.4 Sensitive Data Safeguards

Spector implements safeguards designed to reduce the likelihood of processing sensitive information, including:

• Pattern filtering for personal identifiers (e.g., SSNs, bank numbers)
• Blocking scanning of common banking websites
• Blocking scanning of hospital and healthcare domains
• Blocking scanning of .gov domains

However, because screen content may contain arbitrary user data, we cannot guarantee that all personal or sensitive information will be excluded.

We use collected information to:

• Provide and operate the Services
• Authenticate users
• Analyze productivity and focus patterns
• Improve AI models used for classification
• Maintain system security and integrity
• Provide customer support
• Communicate updates and service notifications
• Comply with legal obligations

We do not sell personal information.

Some processing is performed by third-party service providers.

3.1 AI Processing Providers

Certain screen text or screenshots may be processed using AI models hosted by third-party providers, including:

• OpenAI

Data shared with such providers is used solely to perform classification tasks. We have configured these providers so that:

• Customer data is not used to train their models
• Data retention is limited (typically up to 30 days depending on provider policies)

3.2 Infrastructure Providers

We may also use third-party vendors for:

• cloud infrastructure
• analytics
• authentication
• security monitoring
• email delivery

These providers process data on our behalf under contractual obligations to protect user data.

If you are located in the European Economic Area (EEA), we process personal data under the following lawful bases:

• Contractual necessity — to provide our Services
• Legitimate interests — to improve productivity analytics and system performance
• User consent — where required for certain features
• Legal obligations — where required by law

We retain personal data only as long as necessary to:

• provide the Services
• comply with legal obligations
• resolve disputes
• enforce agreements

Typical retention periods include:

• Account data: retained while the account remains active
• AI processing logs: limited retention depending on provider policies
• Support communications: retained for service improvement

Users may request deletion of their data at any time.

We do not sell personal information.

We may disclose information in the following circumstances:

• Service Providers
  To vendors who perform services on our behalf.
• Business Transfers
  In connection with a merger, acquisition, financing, or sale of company assets.
• Legal Requirements
  If required by law, subpoena, or legal process.
• Protection of Rights
  To protect the rights, safety, or security of Spector, our users, or others.

Spector may process information in the United States or other jurisdictions where our service providers operate.

Where required, we implement safeguards such as:

• Standard Contractual Clauses (SCCs)
• contractual data protection obligations
• security controls consistent with industry standards

We implement reasonable administrative, technical, and organizational measures designed to protect personal information, including:

• encryption in transit
• access controls
• authentication safeguards
• infrastructure security monitoring

However, no system can guarantee absolute security.

Depending on your jurisdiction, you may have the following rights.

9.1 GDPR Rights

If you are in the EU/UK, you may have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent

9.2 California Privacy Rights (CCPA / CPRA)

California residents may have the right to:

• Know what personal information is collected
• Request deletion
• Correct inaccurate data
• Opt-out of certain data sharing
• Limit use of sensitive personal information

To exercise these rights, contact us at:

privacy@spector.ai

We will not discriminate against users who exercise their privacy rights.

Our Services are not directed to children under 13 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected such data, we will delete it.

We may update this Privacy Policy periodically.

If changes are material, we will notify users via:

• email
• product notifications
• website updates

The updated policy will include a revised “Last Updated” date.

If you have questions about this Privacy Policy or our data practices, please contact: