Data Retention Policy

WorkMate — Last updated: April 2026

Overview

WorkMate retains personal data only for as long as necessary for the purposes for which it was collected, or as required by Irish and EU law. This policy sets out the specific retention periods for each category of data we hold. It should be read alongside our Privacy Policy.

1. Account & Profile Data

Active accounts: retained for the duration of your account.
Closed accounts: profile data (name, email, phone, address) is anonymised within 30 days of account closure, unless a legal retention obligation applies.
Legal basis: Contract performance (GDPR Art. 6(1)(b)) and legitimate interests (Art. 6(1)(f)).

2. Financial & Transaction Records

Retention period: 7 years from the date of the transaction or account closure (whichever is later).
This includes payment records, invoices, Stripe transaction references, job fees, platform commission records, and payout history.
Legal basis: Legal obligation (GDPR Art. 6(1)(c)) — required under the Taxes Consolidation Act 1997, the Companies Act 2014, and Revenue Commissioners guidance.
DAC7 reporting data (TIN, date of birth, transaction totals for qualifying providers) is retained for the duration required by the DAC7 Directive (EU Directive 2021/514), a minimum of 10 years from the end of the reporting year.

3. Identity & Verification Documents

Approved documents: removed from active storage within 30 days of verification approval.
Rejected documents: deleted as soon as reasonably practicable after rejection notification is issued.
Abandoned submissions: if you begin the identity verification process but do not complete it — and no admin review has taken place — your uploaded documents are automatically deleted 90 days after upload. This enforces the GDPR Art. 5(1)(e) storage-limitation principle.
This includes government-issued photo ID, Public Liability Insurance certificates, Tax Clearance Certificates, and SafePass cards.
Legal basis: Legal obligation (GDPR Art. 6(1)(c)) and contract performance (Art. 6(1)(b)).

4. Job, Quote & Communication Data

Job posts, quotes, reviews, and in-platform messages are retained for the duration of your account.
After account closure, job and quote records linked to financial transactions are subject to the 7-year financial retention period.
Reviews and ratings are anonymised within 30 days of the reviewer's account closure, unless required for an open dispute or legal proceeding.
Legal basis: Legitimate interests (GDPR Art. 6(1)(f)) — dispute resolution and platform integrity.

5. Support Messages & Security Logs

Support correspondence: retained for up to 3 years to facilitate follow-up and fraud investigation.
Security and audit logs: retained for up to 12 months for platform security and incident response purposes.
Legal basis: Legitimate interests (GDPR Art. 6(1)(f)).

6. Your Rights & How to Contact Us

You have the right to request erasure of your personal data, subject to applicable legal retention obligations. Requests to exercise your data rights can be submitted to:

privacy@workmate.ie. We will respond within 30 days. If you are unsatisfied with our response, you may lodge a complaint with the Data Protection Commission Ireland.

1. Account & Profile Data

Active accounts: retained for the duration of your account.

Closed accounts: profile data (name, email, phone, address) is anonymised within 30 days of account closure, unless a legal retention obligation applies.

Legal basis: Contract performance (GDPR Art. 6(1)(b)) and legitimate interests (Art. 6(1)(f)).

2. Financial & Transaction Records

Retention period: 7 years from the date of the transaction or account closure (whichever is later).

This includes payment records, invoices, Stripe transaction references, job fees, platform commission records, and payout history.

Legal basis: Legal obligation (GDPR Art. 6(1)(c)) — required under the Taxes Consolidation Act 1997, the Companies Act 2014, and Revenue Commissioners guidance.

DAC7 reporting data (TIN, date of birth, transaction totals for qualifying providers) is retained for the duration required by the DAC7 Directive (EU Directive 2021/514), a minimum of 10 years from the end of the reporting year.

3. Identity & Verification Documents

Approved documents: removed from active storage within 30 days of verification approval.

Rejected documents: deleted as soon as reasonably practicable after rejection notification is issued.

Abandoned submissions: if you begin the identity verification process but do not complete it — and no admin review has taken place — your uploaded documents are automatically deleted 90 days after upload. This enforces the GDPR Art. 5(1)(e) storage-limitation principle.

This includes government-issued photo ID, Public Liability Insurance certificates, Tax Clearance Certificates, and SafePass cards.

Legal basis: Legal obligation (GDPR Art. 6(1)(c)) and contract performance (Art. 6(1)(b)).

4. Job, Quote & Communication Data

Job posts, quotes, reviews, and in-platform messages are retained for the duration of your account.

After account closure, job and quote records linked to financial transactions are subject to the 7-year financial retention period.

Reviews and ratings are anonymised within 30 days of the reviewer's account closure, unless required for an open dispute or legal proceeding.

Legal basis: Legitimate interests (GDPR Art. 6(1)(f)) — dispute resolution and platform integrity.

6. Your Rights & How to Contact Us

You have the right to request erasure of your personal data, subject to applicable legal retention obligations. Requests to exercise your data rights can be submitted to:

privacy@workmate.ie. We will respond within 30 days. If you are unsatisfied with our response, you may lodge a complaint with the Data Protection Commission Ireland.