Worqa logo
Legal documentation

Privacy Policy

Worqa is a multi-tenant workforce operations platform used to run hiring, onboarding, attendance, payroll, scheduling, document workflows, internal approvals, reporting, and connected workplace operations. This Privacy Policy explains what information we process, why we process it, who can access it, and the choices available to customers, users, applicants, and site visitors.

Effective May 10, 2026
Updated May 10, 2026

Policy details

Review the current terms, responsibilities, and platform commitments that apply to this document.

10 sections

Who this policy covers

This policy applies to people and organizations that visit Worqa marketing pages, create a workspace, administer a company account, use the product as an employee or manager, apply for a role through a Worqa-powered careers page, receive communications from the platform, or connect third-party services to a workspace.

When a company uses Worqa to manage its workforce operations, that company controls the business decisions behind the data it submits to the platform. Worqa acts as the service provider that hosts, secures, and processes that information on the company’s behalf.

Information we collect

We collect information directly from customers and users, including account details, workspace setup records, names, email addresses, role assignments, authentication and session records, profile details, attendance submissions, payroll information, scheduling activity, uploaded documents, recruiting workflows, approvals, and support communications.

We also collect technical and operational information such as device and browser data, IP address, log events, audit history, notification delivery status, API activity, usage telemetry, and integration metadata needed to operate, secure, and improve the service.

Workforce, applicant, and payroll data

Because Worqa supports HR and payroll operations, customers may store employment records, compensation data, tax and statutory deduction settings, attendance histories, check-in responses, leave records, bank export preparation data, document acknowledgements, and recruiting submissions. Customers are responsible for ensuring they have a lawful basis to submit that information to Worqa.

We process these records to provide product features requested by the customer, such as calculating payroll inputs, routing approvals, generating reports, managing onboarding, storing policy documents, supporting scheduling flows, and maintaining auditability across workspace actions.

How we use information

We use information to provide and maintain the platform, authenticate users, personalize workspace access based on roles and permissions, deliver notifications, process transactions, secure accounts, prevent abuse, investigate incidents, support integrations, respond to customer requests, and improve product reliability and performance.

We may also use aggregate and de-identified operational insights to understand service health, adoption trends, and feature quality, provided those insights do not identify a specific customer, employee, or applicant.

How information is shared

Worqa shares information only as needed to operate the service, comply with the law, protect rights and safety, or follow a customer’s instructions. This can include infrastructure providers, payment processors, email and messaging vendors, storage providers, security services, analytics tools, and integration partners enabled by the customer.

We do not sell customer data or personal information submitted to Worqa for advertising purposes. Access to workspace information is limited to authorized customer users and authorized Worqa personnel who need that access to support, secure, or maintain the service.

Cookies, logs, and product diagnostics

We use cookies and similar technologies to keep users signed in, remember preferences, maintain security controls, understand navigation through public pages, and measure the performance of the product. We also maintain logs and audit trails to support fraud prevention, troubleshooting, change history, and platform accountability.

Additional details about cookie categories and browser controls are described in the Cookie Policy.

Retention and deletion

Worqa is built on a continuity-first model: access may change when billing changes, but customer data is not removed without notice. When a paid subscription ends, the workspace may move through a short grace period, a read-only reactivation period, an archived state, and eventually permanent deletion if the account is not restored.

During the first seven days after expiry, the workspace may remain fully available while renewal reminders are sent. After that period, the workspace may become read only so administrators can still review historical records, reports, audit trails, and payroll exports while new operational activity is paused. Around day 61 after expiry, the workspace may be archived. Archived data is retained for a further period before permanent deletion. We issue a final warning before permanent deletion and do not hard delete archived customer data without advance notice.

Some records may be retained longer where required for security, fraud prevention, financial reporting, dispute handling, backup integrity, legal compliance, or other legitimate business continuity needs. Customers are responsible for exporting any records they need to preserve outside the platform before their retention window closes.

Security and access controls

Worqa uses administrative, technical, and organizational safeguards designed to protect information against unauthorized access, disclosure, alteration, and loss. These controls can include encryption in transit, role-based access, session and authentication controls, audit logging, backup procedures, and environment-level operational monitoring.

No system can guarantee absolute security. Customers are responsible for securing their own credentials, assigning appropriate roles, managing connected integrations responsibly, and notifying Worqa promptly about suspected unauthorized access.

International processing and customer instructions

Worqa may process and store information in locations where our infrastructure, support personnel, or service providers operate. Where cross-border transfers occur, we use appropriate contractual, technical, and organizational measures suitable for the nature of the processing.

Customers remain responsible for providing required notices to their users and workforce, obtaining necessary permissions, and configuring the platform in a manner that aligns with their legal and compliance obligations.

Your choices and contact

Customers can update workspace records, adjust user access, configure notifications, manage integrations, renew subscriptions, and request assistance with account data through the platform and support channels. Individuals should generally direct privacy requests to the company that controls their workspace data, since that organization determines how the information is used.

Questions about this Privacy Policy, retention, reactivation, deletion handling, or Worqa’s privacy practices can be sent to chigo@worqa.xyz. We may update this policy from time to time, and the current version will always display its latest effective date on this page.