Skip to main content

Task Mining data privacy and security

Important

Task Mining has been designed and built based on Privacy by Design principles and includes multiple configurable safeguards to protect the privacy of Task Mining Client software users. For specific information about Task Mining, see the Celonis Trust Center . Task Mining and Privacy by Design White Paper. Data privacy legislation and employment laws vary significantly between countries and use cases. We therefore strongly advise you to consult your organization’s legal and compliance experts and communicate internally, including with worker’s council and/or trade unions as appropriate, before activating Task Mining for your users.

Permissions and access rights

  • Access to Task Mining data is restricted using permissions.

  • Role-based access control means data and information access can be limited to authorized users.

For more information, see Task Mining permissions.

User information and transparency

Note

This information can be customized for your organization according to local laws and privacy requirements and in conjunction with your legal experts.

  • A user information screen pops up when the Task Mining Client software is installed on a user’s machine or the first time the Task Mining Client starts, informing users about the data that will be captured and requesting their consent.

  • Users consent to data collection using a checkbox and can exit at this point. Data collection only begins after approval and if the user chooses to proceed.

  • Users can see when the Task Mining Client software is running, pause the client and view the captured interactions.

Data minimization

  • Restrict the applications data is captured from and the types and granularity of the data captured for your Task Mining project based on your use case.

  • Create allowlists/denylists to control which URLs the Task Mining Client software collects data from

  • Ensure metadata capture won’t make users identifiable (even if user data is pseudonymized) and restrict access by setting custom data model permissions in the Task Mining Data Pool if groupings consist of fewer than five users.

Data redaction and pseudonymization

Data redaction in the Task Mining Client software is performed when the Task Mining data is captured and before any data is saved to the user’s machine or the Celonis Platform. By default, the Task Mining Client software uses hashing to redact:

  • The Windows username.

  • The Windows machine name where the Task Mining Client software is running.

  • Email addresses.

  • US Social Security Numbers (SSN).

  • Credit/debit card numbers.

You can also specify custom rules to redact other data, including hashing selected attributes. 

Note

NOTE: When Secure Hash Algorithms (SHA) are applied, hashing is irreversible. For more information, see Data redaction and Event processing rules.