Yes, it is entirely possible that activities are monitored, if not
recorded, but it has nothing to do with the fact that she is running Ubuntu
or the gateway running SUSE. It is also likely something she agreed to under
the terms of employment under the Acceptable Use Policy.
There are things that can be done, such as using encrypted connections.
Pidgin supports encrypted connections, but it may not be the default, nor
possible with every service. There are all sorts of cat and mouse games that
she can play to try to avoid detection, but a savvy employer is simply going
to have a policy forbidding activity they don't want rather than having to
write language to cover every possible variation. Detecting most such
activities, even if encrypted, is fairly trivial.
I'd suggest she get some clarification as to what exactly the policies and
penalties are before getting too creative. Some employers don't mind a
little downtime, so it may not be a big deal.