Last updated: 7.1.2025
This Data Security Policy explains how WELINK LTD protects user information and complies with data security requirements for the Apple App Store and Google Play Store.
This policy should be read together with our Privacy Policy and Terms of Use.
1.1 The Platform follows a data minimisation approach.
1.2 The Platform does not store payment card details or bank account information. All payment data is handled securely by third‑party payment processors.
1.3 The Platform stores only essential user information, which may include:
name
email address
phone number
limited identification information (where required)
work history and reliability data
GPS check‑in and check‑out records related to booked shifts
1.4 Where possible, data is viewed or referenced rather than permanently stored.
2.1 All payments are processed by Stripe, a globally recognised payment provider.
2.2 Stripe is responsible for:
payment card security
Afterpay transaction processing
compliance with PCI‑DSS standards
2.3 The Platform never has access to full payment credentials.
3.1 User data is accessible only to authorised staff for legitimate operational purposes such as:
account verification
dispute resolution
customer support
3.2 Access is role‑restricted and logged where applicable.
The Platform uses reasonable and industry‑standard safeguards, including:
encryption of data in transit using HTTPS/TLS
secure storage environments provided by third‑party infrastructure
restricted administrative access
regular system monitoring
5.1 GPS data is used solely to:
verify attendance
confirm check‑in and check‑out within a defined radius of a job location
5.2 Location data is not sold, shared for advertising, or used outside core Platform functionality.
6.1 The Platform relies on reputable third‑party service providers, including Stripe.
6.2 These providers maintain their own security and compliance obligations.
6.3 The Platform is not responsible for the internal security practices of third‑party providers but selects providers with recognised security standards.
7.1 Users may request deletion of their personal data at any time.
7.2 Certain records may be retained where required for:
legal compliance
dispute resolution
accounting and tax obligations
7.3 Retained data is limited to what is legally necessary.
8.1 In the event of a data security incident, the Platform will:
investigate promptly
take reasonable steps to mitigate risk
comply with applicable notification obligations under New Zealand law
9.1 This Data Security Policy may be updated periodically.
9.2 Continued use of the Platform indicates acceptance of the updated policy.
This Policy is governed by the laws of New Zealand.