Privacy Policy
Welcome to PerformanceX We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you visit our website.
Last Updated: November 17, 2025
Quick Navigation
Questions About Privacy?
Lorem ipsum dolor sit amet consectetur adipiscingelitsed do eiusmod tempor incididunt
Phone:
Address:
420 West Huron, 1st Floor Chicago, IL 60654
1. INTRODUCTION AND SCOPE
- Visit our website at performancex.ai (the “Website”)
- Use our Service as an authorized employer organization (“Client”)
- Are an employee whose workplace communications are analyzed through our Service (“Monitored Employee”)
2. INFORMATION WE COLLECT
2.1 Website Visitors
When you visit our Website, we collect:
Information You Provide:
- Contact information (name, email, phone, company name, job title)
- Inquiry details submitted through forms
- Demo request information
- Newsletter subscription preferences
- Communications you send to us
Automatically Collected Information:
- IP address and approximate location
- Browser type and version
Device information (type, operating system) - Pages visited and time spent
- Referral source
- Click-through and navigation patterns
2.2 Client Organizations
When organizations sign up for our Service, we collect:
Account Information:
- Company name, size, industry
- Billing and payment information
- Authorized administrator contact details
- Service configuration preferences
- Technical integration credentials
Usage Data:
- Service access logs
- Feature utilization metrics
- System performance data
- Support ticket history
2.3 Monitored Employees
Through our Service, we process the following employee data on behalf of Client organizations:
Communication Data:
- Email content and metadata (Outlook, Gmail, and other email platforms)
- Instant messaging content (Slack, Microsoft Teams, including direct messages)
- Video conference recordings and transcripts (Zoom, Teams, Google Meet)
- Phone call recordings and transcripts (Aircall, RingCentral, JustCall, and other systems)
- Calendar entries and meeting data
- Document collaboration activities
Behavioral Analytics:
- Response time patterns
- Communication frequency and patterns
- Collaboration networks
- Meeting participation metrics
- Project engagement levels
- Time allocation data
- Work pattern analysis
Performance Metrics:
- Weighted performance scores
- Productivity indicators
- Quality metrics
- Engagement scores
- Risk indicators (turnover, compliance, toxic behavior)
- 360-degree feedback data
Goal achievement tracking
Metadata:
- Timestamps for all communications
- Sender/recipient information
- Communication channels used
- Device and location data (if available)
- Application usage patterns
3. HOW WE USE INFORMATION
3.1 Website Operations
- Process inquiries and demo requests
- Send requested information about our Service
- Communicate about our products and services
- Improve Website functionality and user experience
- Analyze Website traffic and usage patterns
3.2 Service Provision
- Configure and maintain Client accounts
- Process payments and manage billing
- Provide customer support and technical assistance
- Send service-related notifications
- Ensure Service security and prevent fraud
3.3 Employee Performance Analysis (for Monitored Employees)
We process employee data exclusively on behalf of and under the direction of Client organizations to:
- Generate weekly performance reports for employees and managers
- Identify performance patterns and trends
- Detect potential workplace issues (harassment, discrimination, toxic behavior)
- Predict flight risks and turnover likelihood
- Provide evidence-based performance documentation
- Create automated retrospectives and 360-degree reviews
- Generate recommendations for performance improvement
- Support workforce planning and optimization
- Enable data-driven HR decision-making
- Maintain legally defensible employment records
3.4 Legal Basis for Processing (Where Applicable)
For Website Visitors:
- Consent: For marketing communications and cookies
- Legitimate interests: For Website operations and improvements
- Contract: For processing service inquiries
For Client Organizations:
- Contract: For service provision and account management
- Legal obligations: For tax and regulatory compliance
- Legitimate interests: For service improvements and security
For Monitored Employees:
- Legitimate interests of the employer: For workforce management and business operations
- Legal obligations: Compliance with employment laws
- Consent: Where required by applicable law (obtained by employer)
- Vital interests: For health and safety matters
4. COOKIES AND TRACKING TECHNOLOGIES
4.1 Types of Cookies We Use
Essential Cookies: Required for Website functionality and security
Analytics Cookies: Help us understand Website usage (Google Analytics, Hotjar)
Marketing Cookies: Enable targeted advertising and measure campaign effectiveness
Preference Cookies: Remember your settings and choices
4.2 Managing Cookies
You can control cookies through your browser settings. Disabling certain cookies may limit Website functionality. For more information, visit aboutcookies.org.
4.3 Do Not Track
Our Website does not currently respond to “Do Not Track” browser signals. However, you can manage tracking through cookie controls.
5. HOW WE SHARE INFORMATION
We do not sell personal information. We share information only as follows:
5.1 With Client Organizations
Monitored Employee data is shared with the employing organization’s authorized personnel, including:
- Direct managers and supervisors
- HR personnel
- Executive leadership
- Compliance officers
- Other authorized administrators
5.2 Service Providers
We share information with vendors who assist in our operations:
- Cloud hosting providers (Amazon Web Services)
- Payment processors (Stripe)
- Email service providers (SendGrid, HubSpot)
- Analytics providers (Google Analytics, Mixpanel)
- Customer support tools (Intercom, Zendesk)
- Security and monitoring services
All service providers are contractually required to protect information and use it only for specified purposes.
5.3 Legal Requirements
We may disclose information when required to:
- Comply with applicable laws or regulations
- Respond to legal process (subpoenas, court orders)
- Protect rights, property, or safety
- Investigate potential violations of our terms
- Cooperate with law enforcement
5.4 Business Transfers
Information may be transferred in connection with:
- Merger or acquisition
Sale of assets - Bankruptcy or reorganization
- Other business transactions
5.5 Aggregated Data
We may share aggregated, anonymized data that cannot identify individuals for research, marketing, or other purposes.
6. DATA RETENTION
6.1 Retention Periods
Website Data:
- Contact information: Until you request deletion or opt-out
- Analytics data: 26 months
- Marketing preferences: Until withdrawn
Client Account Data:
- Active accounts: Duration of service agreement
- Terminated accounts: 7 years for tax and legal purposes
Monitored Employee Data:
- Active monitoring: Continuous during employment
- Performance reports: 3 years from generation
- Communication archives: 90 days to 1 year (configurable by Client)
- Compliance-related data: As required by applicable regulations
- Post-termination: 30 days unless litigation hold applies
6.2 Deletion Procedures
Upon service termination or as configured by Clients, we securely delete or anonymize personal information, except where retention is required by law or legitimate business purposes.
7. DATA SECURITY
We implement appropriate technical and organizational measures to protect information:
7.1 Technical Controls
- AES-256 encryption for data at rest
- TLS 1.3 encryption for data in transit
- Multi-factor authentication for system access
- Regular security audits and penetration testing
- Intrusion detection and prevention systems
- Regular security patches and updates
7.2 Organizational Controls
- Limited access on need-to-know basis
- Employee confidentiality agreements
- Regular security training
- Vendor security assessments
- Incident response procedures
- Business continuity planning
7.3 Data Breach Notification
In the event of a data breach, we will notify affected Clients within 72 hours and assist with any required employee notifications. We maintain cyber liability insurance and follow industry-standard incident response procedures.
8. INTERNATIONAL DATA TRANSFERS
8.1 Data Location
Our primary servers are located in the United States. Information may be transferred to and processed in countries other than your residence.
8.2 Transfer Safeguards
For transfers outside the European Economic Area or UK, we implement appropriate safeguards:
- Standard Contractual Clauses (SCCs)
- Adequate security measures
- Compliance with local data protection requirements
8.3 Privacy Shield
While Privacy Shield has been invalidated, we maintain compliance with its principles for historical participants and implement alternative transfer mechanisms.
9. YOUR PRIVACY RIGHTS
9.1 Rights for All Individuals
Depending on your location and applicable law, you may have the right to:
- Access your personal information
- Correct inaccurate information
- Delete your information
- Restrict or object to processing
- Data portability
- Withdraw consent
- Lodge a complaint with supervisory authorities
9.2 California Residents (CCPA/CPRA)
California residents have additional rights:
- Right to know categories and specific pieces of personal information collected
- Right to know purposes of collection and third parties with whom information is shared
- Right to delete personal information
- Right to opt-out of sale/sharing (we do not sell personal information)
- Right to non-discrimination for exercising privacy rights
- Right to correct inaccurate information
- Right to limit use of sensitive personal information
Categories of Personal Information Collected in Past 12 Months:
- Identifiers (name, email, IP address)
- Professional information
- Communications data
- Internet activity
- Inferences about preferences and behaviors
9.3 European and UK Residents (GDPR/UK-GDPR)
Residents of the EEA and UK have rights including:
- Access to personal data and processing information
- Rectification of inaccurate data
- Erasure (“right to be forgotten”)
- Restriction of processing
- Data portability
- Object to processing based on legitimate interests
- Withdraw consent at any time
- Complain to your supervisory authority
9.4 For Monitored Employees
Employee rights regarding workplace monitoring data must be exercised through your employer as the data controller. We process employee data solely as a processor under employer direction. Contact your HR department or privacy officer for:
- Access to your performance data
- Correction requests
- Understanding retention periods
- Exercising applicable rights
9.5 How to Exercise Rights
For Website Visitors and Clients: Email: hello@performancex.ai
For Monitored Employees: Contact your employer’s HR department or designated privacy contact.
We will respond to requests within 30 days (or as required by law). We may request information to verify identity before processing requests.
10. CHILDREN'S PRIVACY
Our Service is not directed to individuals under 18. We do not knowingly collect information from children under 13 (or applicable age in your jurisdiction). If we learn we have collected such information, we will promptly delete it.
11. SPECIAL CATEGORIES OF DATA
11.1 Sensitive Information
Our Service may incidentally process sensitive information within workplace communications, including:
- Health information mentioned in communications
- Religious or philosophical beliefs
- Political opinions
- Union membership
Information revealing racial or ethnic origin
This processing occurs only as part of general communication analysis and is subject to heightened protection measures.
11.2 Biometric Data
We do not intentionally collect biometric data. Voice recordings are transcribed to text for analysis; original recordings are retained only as configured by Clients.
12. AUTOMATED DECISION-MAKING
12.1 How It Works
Our Service uses AI and machine learning to:
- Calculate performance scores
- Identify behavioral patterns
- Generate predictions about flight risk
- Detect potential compliance issues
- Create performance recommendations
12.2 Human Review
All significant employment decisions remain with human decision-makers. Our Service provides data and insights; employers make final decisions. Employees can request human review of automated assessments through their employer.
12.3 Transparency
We provide Clients with:
- Explanation of scoring methodologies
- Factors influencing assessments
- Ability to adjust weighting and parameters
- Regular bias audits and fairness assessments
13. THIRD-PARTY LINKS AND SERVICES
Our website may contain links to third-party sites. We are not responsible for their privacy practices. Review their privacy policies before providing information.
14. CHANGES TO THIS PRIVACY POLICY
We may update this Policy to reflect changes in:
- Our practices
- Legal requirements
- Service features
We will notify you of material changes via:
- Email to registered users
- Website notice
- Service dashboard notification
Continued use after changes constitutes acceptance of the updated Policy.
15. CONTACT INFORMATION
15.1 Privacy Officer
For privacy-related questions or concerns:
PerformanceX Privacy Officer
Email: hello@performancex.ai
15.2 Data Protection Officer
For GDPR-related inquiries: Email: hello@performancex.ai
15.3 Supervisory Authorities
EU residents may contact their local Data Protection Authority. UK residents may contact the Information Commissioner’s Office (ICO).
16. LEGAL DISCLOSURES
16.1 Workplace Monitoring Notice
PerformanceX provides tools for lawful workplace monitoring. Employers are responsible for:
- Complying with applicable employment and privacy laws
- Providing appropriate notice to employees
- Obtaining necessary consents
- Implementing appropriate policies
- Respecting employee rights
16.2 No Legal Advice
This Policy does not constitute legal advice. Consult qualified counsel regarding your specific obligations.
16.3 Accessibility
For accessible versions of this Policy, contact hello@performancex.ai
APPENDIX A: STATE-SPECIFIC RIGHTS
Nevada Residents
Nevada residents may opt-out of the sale of covered information. We do not sell personal information as defined under Nevada law.
Virginia Residents (VCDPA)
Virginia residents have rights similar to California residents, including access, deletion, correction, and portability rights.
Colorado Residents (CPA)
Colorado residents have comprehensive privacy rights including opt-out of targeted advertising and profiling.
Connecticut Residents (CTDPA)
Connecticut residents have rights to access, correct, delete, and port their personal data, plus opt-out rights.
Utah Residents (UCPA)
Utah residents can access, delete, and port personal data, and opt-out of targeted advertising and sale.
Questions About Privacy?
Lorem ipsum dolor sit amet consectetur adipiscingelitsed do eiusmod tempor incididunt
Phone:
Address:
420 West Huron, 1st Floor Chicago, IL 60654
Your Customer List Is Walking Out the Door
Right now, former employees are calling your best customers. Undercutting your prices. Sharing your weaknesses.Next month, you’ll wonder why commercial accounts are switching. Why certain neighborhoods stopped calling. Or you can run retrospectives every week and know everything before it hurts.
Contact Form - General
By submitting this form, you consent to receive service-related text messages from PerformanceX.ai. Message frequency varies. Msg & data rates may apply. Reply STOP to unsubscribe or HELP for assistance. See our Privacy Policy and Terms at performancex.ai.
- ✓ Qualify in 15-minute call
- ✓ We analyze 2 employees free
- ✓ See results in 48 hours