PRIVACY POLICY
Last updated: March 22, 2026
Last updated: March 22, 2026
This Privacy Policy for Jobiit Technologies Limited ("Jobiit," "we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:
- Visit our website at https://jobiit.com, or any website of ours that links to this Privacy Policy
- Download and use our mobile application (Jobiit), or any other application of ours that links to this Privacy Policy
- Engage with us in other related ways, including any sales, marketing, or events
Jobiit is a marketplace platform connecting customers with independent local traders and tradespeople. Jobiit acts as a third-party introducer — we facilitate the connection between customers and traders but do not perform the services ourselves. When you engage a trader through Jobiit, you enter into a direct contract with that trader, not with Jobiit.
Questions or concerns? Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@jobiit.com.
SUMMARY OF KEY POINTS
- We process personal information based on how you interact with our Services, the choices you make, and the features you use.
- We do not process sensitive personal information.
- We do not receive information from third parties.
- We process information to: provide and improve our Services, communicate with you, ensure platform safety, prevent fraud, and comply with the law.
- We share information in specific situations with specific third parties and with public authorities where required by law (see Section 4).
- We use automated processing including Document AI for insurance verification (see Section 6).
- You have rights under GDPR depending on your geographic location (see Section 9).
- You can exercise your rights by submitting a data subject access request at https://app.termly.io/dsar/2ec1826d-9ae3-4c05-b6d2-f09d20b32f58, or by contacting us at privacy@jobiit.com.
TABLE OF CONTENTS
- What Information Do We Collect?
- How Do We Process Your Information?
- What Legal Bases Do We Rely On?
- When and With Whom Do We Share Your Information?
- Do We Use Cookies and Other Tracking Technologies?
- Automated Decision-Making & AI Processing
- How Long Do We Keep Your Information?
- Do We Collect Information From Minors?
- What Are Your Privacy Rights?
- Location Data
- In-Person Payment Data
- Mobile App Analytics & SDK Data Collection
- International Data Transfers
- Data Breach Notification
- Controls for Do-Not-Track Features
- Do We Make Updates to This Notice?
- How Can You Contact Us?
- How Can You Review, Update, or Delete Your Data?
1. WHAT INFORMATION DO WE COLLECT?
Personal Information You Provide to Us
We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our Services, when you participate in activities on the Services, or otherwise when you contact us.
Customers
| Data Category | Examples | Legal Basis | Retention |
|---|---|---|---|
| Account data | Name, email, phone, DOB (optional) | Contract performance | Duration of account + 7 years |
| Address & location | Full address, GPS coordinates, Google Place ID | Contract performance (job matching) | Duration of account + 7 years |
| Payment data | Stripe customer ID (card details held by Stripe, not Jobiit) | Contract performance | 7 years (tax/audit under TCA 1997 s.886) |
| Job data | Service requests, photos, descriptions | Contract performance | 7 years post-completion |
| Communications | Support messages, notifications sent | Legitimate interest | 3 years |
| Device data | FCM token, device type, app version | Consent (push notifications) | Until token refresh/account deletion |
| Marketing preferences | Email/SMS opt-in status | Consent | Until withdrawn |
| Contact preferences | Marketing opt-in/opt-out status | Consent | Until withdrawn |
Traders
| Data Category | Examples | Legal Basis | Retention |
|---|---|---|---|
| Identity data | Name, DOB, government-issued ID document, biometric facial image (via Stripe Identity — see below) | Legal obligation / contract | 7 years post-account closure |
| Company data | Company name, CRO no., VAT no., address | Contract performance / DSA Art. 22 | 7 years post-account closure |
| Insurance documents | Policy documents, expiry dates, AI-parsed details | Legitimate interest (platform safety) | Duration of account + 7 years |
| Qualification documents | Certificates, licence numbers, expiry dates | Legitimate interest (platform safety) | Duration of account + 7 years |
| Financial data | Stripe Connect account ID, payout history | Contract performance / legal obligation | 7 years |
| Location data | Service area centre coordinates, radius | Contract performance (job matching) | Duration of account |
| Performance data | Ratings, reviews, job completion stats | Legitimate interest | Duration of account + 3 years |
| DAC7 tax reporting data | TIN/PPS number, gross payments, transaction counts, fees deducted | Legal obligation (DAC7 / SI 609/2022) | 10 years (DAC7 record-keeping requirement) |
| Team member data | Name, email, phone, role (for team accounts) | Legitimate interest / contract performance | Duration of account owner's account + 7 years |
Sensitive Information
We do not directly process sensitive personal information. However, as part of trader identity verification, Stripe Identity processes biometric data (facial images captured from a selfie and compared against an uploaded government-issued ID document) on our behalf. This biometric processing is performed entirely by Stripe — Jobiit does not receive, store, or have access to the raw biometric data. Stripe retains this data in accordance with their own privacy notice. The legal basis for this processing is explicit consent (GDPR Art. 9(2)(a)), which traders provide during the identity verification flow. You may withdraw consent by contacting us, though this may result in your account being restricted as identity verification is a platform requirement.
Payment Data
We do not collect or store payment card details. All payment data is handled and stored by Stripe, Inc. You may find their privacy notice here: https://stripe.com/ie/privacy.
Application Data
If you use our mobile application, we may also collect the following information if you choose to provide us with access or permission:
- Geolocation information. We may request access to track your device's location while you are using the app, to enable job matching and distance calculations. You can change your permissions at any time via your device settings. Location data is cached for no more than 24 hours.
- Mobile device access. We may request access to your mobile device's camera (for uploading job photos and documents). You can change your permissions at any time via your device settings.
- Push notifications. We may request to send you push notifications regarding your account, jobs, quotes, and payments. You can opt out at any time via your device settings.
This information is primarily needed to maintain the security and operation of our application, for troubleshooting, and for our internal analytics and reporting purposes.
Google API
Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
2. HOW DO WE PROCESS YOUR INFORMATION?
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
- To facilitate account creation and authentication and otherwise manage user accounts.
- To deliver and facilitate delivery of services to the user, including matching customers with traders based on location, service category, and availability.
- To respond to user inquiries and offer support. We may process your information to respond to your inquiries and resolve issues via our in-app support and email.
- To fulfil and manage orders, payments, returns, and exchanges made through the Services, including processing deposits, final payments, platform fees, and invoices via Stripe.
- To enable user-to-user communications. We may process your information in order to enable communications between customers and traders regarding jobs, quotes, and scheduling.
- To comply with legal obligations, including DAC7 tax reporting to Revenue Commissioners, responding to data subject access requests, and cooperating with law enforcement.
- To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.
- To share information with matched traders. When you post a job, your job details and address are shared with traders in the relevant service area to enable quoting. Your precise address is only shared with traders who are matched to your job.
- To maintain platform integrity and audit trails. We log administrative actions taken on the platform (e.g., account approvals, suspensions, dispute resolutions) in an internal audit log. These logs may contain references to your account or job data and are retained for the purpose of accountability, fraud prevention, and regulatory compliance.
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?
The General Data Protection Regulation (GDPR) requires us to explain the valid legal bases we rely on in order to process your personal information. We may rely on the following legal bases:
- Consent. We may process your information if you have given us specific consent to use your personal information for a specific purpose (e.g., marketing communications, push notifications, external marketing use of reviews). You can withdraw your consent at any time by contacting us at privacy@jobiit.com or via app settings.
- Performance of a Contract. We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services, or at your request prior to entering into a contract with you.
- Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, including: GDPR data subject rights, DAC7 tax reporting to Revenue Commissioners (SI 609/2022), DSA trader traceability requirements, and retention of financial records under TCA 1997 s.886.
- Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests, provided those interests do not override your fundamental rights and freedoms. Our legitimate interests include: platform safety (insurance/qualification verification), fraud prevention, analytics, and service improvement.
- Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
Jobiit is the data controller for all personal information collected through the Services. In limited circumstances, where we process data on behalf of a trader company's team members, we may act as a data processor in accordance with a data processing agreement.
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
Third-Party Service Providers (Data Processors)
We share your data with the following categories of third-party processors to operate our Services:
- Stripe, Inc. (US) — Payment processing, identity verification (Stripe Identity — including biometric facial matching against government-issued ID documents), invoice generation, Stripe Terminal (Tap to Pay). Stripe is certified under the EU-US Data Privacy Framework. Stripe processes biometric data on behalf of Jobiit during trader identity verification; Jobiit does not receive or store the raw biometric data.
- Google Cloud Platform (US/EU) — Document AI processing (insurance/qualification verification), Cloud Storage (document hosting), Maps API (geocoding, distance calculations), Cloud Logging (application logs in production, which may contain user IDs, request metadata, and IP addresses). Google operates under Standard Contractual Clauses.
- Firebase / Google — Authentication, push notifications (FCM), mobile app analytics (SDK-based — see Section 12), and website analytics (cookie-based — see Section 5). Firebase Analytics on the website uses cookies and is subject to your cookie consent preferences.
- Cloudinary (US/Israel) — Photo storage and delivery (job photos, profile images).
- SendGrid / Twilio (US) — Transactional email delivery.
- Plain.com — Customer support messaging.
- Termly — Cookie consent management.
Data Recipients (Public Authorities)
- Revenue Commissioners (Ireland) — Annual reporting of trader income, transaction counts, and tax identification data as required by DAC7 (EU Directive 2021/514 / SI 609/2022). This is a legal obligation, not a voluntary disclosure. Revenue may share this data with tax authorities in other EU Member States under the automatic exchange of information framework.
Business Transfers
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Other Users
When you share personal information (for example, by posting a job, submitting a quote, or leaving a review) or otherwise interact with public areas of the Services, such personal information may be viewed by other users and may be publicly available. If you interact with other users of our Services, they may see your name, profile, and description of your activity (e.g., job requests, quotes, ratings, and reviews). Traders may post a public response to any review left on their profile.
Google Maps Platform APIs
We may share your information with certain Google Maps Platform APIs (e.g., Google Maps API, Places API). Google Maps uses GPS, Wi-Fi, and cell towers to estimate your location. GPS is accurate to approximately 20 metres, while Wi-Fi and cell towers help improve accuracy when GPS is unavailable. Google processes location data in accordance with their privacy policy. We cache Google Maps location data for no more than 24 hours. You can revoke your consent to location collection at any time via your device settings.
5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
We may use cookies, web beacons, and similar tracking technologies to access or store information on our website. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice.
The jobiit.com website uses the following cookie-based technologies:
- Firebase Analytics — Measures website engagement including page views, user interactions, and performance metrics. Uses cookies to track sessions. Legal basis: consent (controlled via cookie consent banner). You may opt out by declining analytics cookies.
- Stripe.js — Required for payment processing on the website. Uses cookies for fraud detection. Legal basis: contract performance (strictly necessary).
- Cookie consent preferences — We store your cookie consent choices in a browser cookie (
jobiit_cookie_consent, 365-day expiry). This is a strictly necessary cookie and does not require consent.
For mobile apps, see Section 12 (Mobile App Analytics) regarding SDK-based data collection, which is distinct from cookie-based tracking.
6. AUTOMATED DECISION-MAKING & AI PROCESSING
We use AI-powered products and automated processing in the following ways:
- Document AI (Google Cloud AI): Insurance and qualification documents uploaded by traders are processed by Google Cloud Document AI to extract policy details (coverage amounts, expiry dates, insurer details) and perform text analysis. This assists our review but does not result in fully automated decisions — traders review AI-parsed data via a confirmation screen, and account approval involves human review. You have the right to request human review of any automated assessment that affects your account status.
- Job matching: Jobs are automatically matched to traders based on service area (geographic proximity), service categories, and availability. This is necessary for contract performance and does not involve profiling.
- Account deactivation: Trader accounts may be automatically restricted if insurance or qualifications expire. Traders are notified 30 days in advance and can update their documents to prevent restriction.
All personal data processed through AI products is handled in accordance with this Privacy Policy and our agreements with third-party AI providers. Jobiit is committed to transparency in its use of AI systems in accordance with the EU AI Act.
7. HOW LONG DO WE KEEP YOUR INFORMATION?
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
| Category | Retention Period | Legal Basis |
|---|---|---|
| Active accounts | Duration of account | Contract |
| Closed accounts (core data) | 7 years post-closure | TCA 1997 s.886 (tax/audit) |
| Job records | 7 years post-completion | Tax/contractual records |
| Payment/invoice records | 7 years | TCA 1997 s.886 |
| Support communications | 3 years | Legitimate interest |
| Marketing data | Until consent withdrawn | Consent |
| Identity verification data | Managed by Stripe | Stripe's retention policy |
| DSA trader traceability data | 6 months after account termination | DSA Art. 22(3) |
| DAC7 tax reporting records | 10 years from date of report | DAC7 / SI 609/2022 record-keeping |
| Team member data | Duration of account owner's account + 7 years | Contract / legitimate interest |
| Admin audit logs | 7 years | Legitimate interest (accountability / fraud prevention) |
| Application logs (Cloud Logging) | 90 days | Legitimate interest (debugging / security) |
| Cookie consent preferences | 365 days (browser cookie) | Strictly necessary |
After retention periods expire, data is permanently deleted or irreversibly anonymised. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
8. DO WE COLLECT INFORMATION FROM MINORS?
We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 years of age. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and delete all personal data not subject to legal retention obligations (e.g., tax records required under TCA 1997 s.886). Data subject to legal retention will be anonymised to the maximum extent possible.
If you become aware of any data we may have collected from children under age 18, please contact us at privacy@jobiit.com.
9. WHAT ARE YOUR PRIVACY RIGHTS?
In the EEA and UK, you have certain rights under applicable data protection laws. Under GDPR, you have the right to:
- Access: Request a copy of all personal data we hold about you. We will respond within 30 days. No identity verification beyond your logged-in session is required for in-app requests.
- Rectification: Request correction of inaccurate personal data via the app or by contacting us.
- Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to our legal retention obligations (e.g., 7-year tax records under TCA 1997, 10-year DAC7 records). Data subject to legal retention will be anonymised rather than deleted. We will notify our third-party processors (Stripe, Cloudinary, GCS, Firebase, SendGrid, Plain) to delete your data from their systems.
- Portability: Receive your data in a structured, machine-readable format (JSON).
- Object: Object to processing based on legitimate interest. We will cease processing unless we demonstrate compelling legitimate grounds.
- Restrict processing: Request restriction of processing while a complaint is being resolved.
- Withdraw consent: For consent-based processing (e.g., marketing, push notifications, external marketing use of reviews), withdraw at any time via app settings or by contacting us. Withdrawal does not affect the lawfulness of prior processing.
- Automated decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. See Section 6 for details on how we use automated processing.
- Lodge a complaint: With the Irish Data Protection Commission (DPC) at www.dataprotection.ie, or with your local supervisory authority if you reside outside Ireland.
If you are a resident of Switzerland, you may also contact the Federal Data Protection and Information Commissioner.
To exercise any of these rights, contact us at privacy@jobiit.com or submit a data subject access request at https://app.termly.io/dsar/2ec1826d-9ae3-4c05-b6d2-f09d20b32f58. We will not charge a fee for processing your request.
Withdrawing Your Consent
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent by contacting us at privacy@jobiit.com, or by updating your preferences in the app settings. Please note that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Opting Out of Marketing
You can unsubscribe from our marketing emails at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us at privacy@jobiit.com. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.
Account Information
If you would at any time like to review or change the information in your account or terminate your account, you can:
- Log in to your account settings and update your user account
- Contact us at support@jobiit.com
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information as necessary for our legitimate business interests, to prevent fraud, to comply with legal obligations (including tax retention requirements), to resolve disputes, and to enforce our applicable terms.
10. LOCATION DATA
- Customers: Your job address coordinates are used to match you with nearby traders. Your precise address is shared only with matched/quoting traders.
- Traders: Your service area centre and radius are used to match you with nearby jobs. Your exact home/office address is not shared with customers.
- Location data is stored using encrypted geographic coordinates. We do not track real-time movement.
11. IN-PERSON PAYMENT DATA (STRIPE TERMINAL / TAP TO PAY)
Jobiit facilitates in-person card payments through Stripe Terminal (Tap to Pay on iPhone). When a trader takes a card payment in person:
- Card data (card number, expiry, CVV) is processed entirely by Stripe's Terminal SDK and is never transmitted to, stored by, or accessible to Jobiit.
- Jobiit receives only the payment confirmation, amount, and Stripe payment intent ID.
- PCI DSS compliance for in-person payments is managed by Stripe. Jobiit does not process, store, or transmit cardholder data.
- Transaction records (amount, date, job reference) are retained by Jobiit for 7 years in accordance with tax/audit obligations.
12. MOBILE APP ANALYTICS & SDK DATA COLLECTION
The Jobiit mobile apps collect analytics data via Firebase Analytics SDK (not cookies). This includes: app opens, screen views, feature usage, crash reports, and device metadata (OS version, device model, app version). This data is collected via the SDK embedded in the app, not via cookies or browser-based tracking.
The legal basis for this processing is legitimate interest (GDPR Art. 6(1)(f)) — specifically, Jobiit's interest in monitoring app performance, identifying bugs, and improving the user experience. The ePrivacy Directive cookie consent requirements (SI 336/2011) do not apply to SDK-based mobile analytics. You may opt out of analytics data collection via your device's operating system settings.
13. INTERNATIONAL DATA TRANSFERS
Your data may be transferred to and processed in countries outside the EEA (primarily the United States) by our sub-processors. For each transfer, we ensure an adequate level of protection through one of:
- EU-US Data Privacy Framework (Stripe)
- Standard Contractual Clauses (SCCs) approved by the European Commission (Google, Cloudinary, Twilio/SendGrid)
- Adequacy decisions where applicable
You may request a copy of the relevant SCCs by contacting privacy@jobiit.com. A full list of sub-processors is available on request.
14. DATA BREACH NOTIFICATION
In the event of a personal data breach, we will:
- Notify the Irish Data Protection Commission within 72 hours where the breach is likely to result in a risk to your rights and freedoms.
- Notify affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
- Maintain an internal breach register documenting all incidents.
15. CONTROLS FOR DO-NOT-TRACK FEATURES
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.
16. DO WE MAKE UPDATES TO THIS NOTICE?
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The updated version will be indicated by an updated "Last updated" date at the top of this Privacy Policy.
When we make material changes, we will notify you by email or in-app notification at least 30 days before the changes take effect. Your continued use of the Services after the effective date constitutes acceptance of the updated Privacy Policy. If we make material changes to this Privacy Policy, we may also post a prominent notice on our website and/or application.
17. HOW CAN YOU CONTACT US?
If you have questions or comments about this Privacy Policy, you may contact us:
Data Controller: Jobiit Technologies Limited
- Data Protection Contact: privacy@jobiit.com
- General enquiries: support@jobiit.com
- Phone: +353 89 618 4576
- Postal address: 79 Berford, Duleek, County Meath, A92 E67F, Ireland
EEA Representative (GDPR Art. 27): Daniel Rossi, 79 Berford, Duleek, County Meath, A92 E67F, Ireland Email: dan@jobiit.com | Phone: +353 89 618 4576 | Website: jobiit.com
You also have the right to lodge a complaint with the Irish Data Protection Commission (DPC):
- Website: www.dataprotection.ie
- Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
- Phone: +353 1 765 0100 / 1800 437 737
18. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
Based on the applicable laws of your country or state of residence, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information.
To exercise these rights, you can:
- Submit a data subject access request at: https://app.termly.io/dsar/2ec1826d-9ae3-4c05-b6d2-f09d20b32f58
- Contact us at privacy@jobiit.com
- Use the in-app account settings to review and update your information
We will consider and act upon any request in accordance with applicable data protection laws.