Plans, billing & data
Data, privacy & GDPR
What WagePilot collects (and what it deliberately doesn’t), how to export or erase data, retention, and how it’s built for UK GDPR.
WagePilot is built for UK GDPR with data minimisation from day one — it collects what it needs to run rotas and pay accurately, and deliberately avoids what it doesn’t. You own your data and can export or erase it.
What is and isn’t collected
- Location
- Read once, only at the moment of clock-in/out, to confirm on-site. Never continuous, never background tracking.
- Hours & pay
- Clock events, breaks and rates — the records you are legally required to keep anyway.
- Identity photo
- Only if you turn on the kiosk’s identity-photo option, and only at clock-in.
- Card details
- Never stored by WagePilot — payments run through Stripe.
Export & erasure
- Export approved hours to CSV at any time.
- A staff member can request deletion of their data; you can also erase a person’s personal data when they leave.
- Account closure and erasure are handled through controlled, auditable actions — not a support email and a wait.
Where data lives
Your data is stored securely with encryption in transit and at rest, hosted in the EU/UK region. See Security for more.
Common questions
Where is my data stored, and can I export or delete it?
Your data is stored securely with encryption in transit and at rest, hosted in the EU/UK region. You own your data: approved hours export to CSV at any time, and you can request export or deletion of your account data in line with UK GDPR. Billing is handled by Stripe; we never store full card details.
Still stuck? Email hello@wagepilot.co.uk and a human replies within a working day.
All help topics