Delete your HelpingHands account

HelpingHands is a mobile marketplace for short video help sessions, operated by VDGT Consultancy BV (CBE 1004820426, Belgium). This page explains how to request deletion of your HelpingHands account and what happens to your data afterwards. It satisfies our obligation under Article 17 GDPR (right to erasure) and the account-deletion disclosure requirements of the Apple App Store and Google Play Store.

The fastest way to delete your account is from the app itself:

1. Open the HelpingHands app and sign in with the account you want to delete.
2. Open Settings (profile icon → Settings).
3. Scroll to the bottom and tap Delete account.
4. Confirm your password when prompted.
5. Read the grace-period notice and tap Confirm deletion.

Your account is immediately scheduled for deletion. You can still sign in during a 30-day grace period to cancel the request — after that, deletion is final and irreversible.

If you have lost access to your account (forgotten password, lost device, account locked) you can request deletion by e-mail. Send a message from the e-mail address associated with the account to [email protected] with the subject line "Account deletion request" and include:

• the e-mail address registered on the account;
• your first and last name as registered;
• a brief confirmation that you wish to delete the account.

We will verify your identity (typically by replying to the registered e-mail address with a confirmation link or code) and complete the deletion within 30 days of verification, in line with Article 12(3) GDPR.

When deletion is completed (after the 30-day grace period or after e-mail verification), the following data is permanently removed:

• your profile (name, e-mail address, profile photo, language preferences, country of residence);
• your authentication credentials (password hash, linked Apple/Google identifiers);
• your skills, availability, hourly rate (helpers);
• your in-app chat messages and notification history;
• your push-notification tokens;
• your saved payment-method references held by us (your payment-card data itself is held by Stripe and deleted on the same basis — see §6).

Some data must be retained after account deletion to comply with mandatory legal retention periods. After deletion, this data is no longer associated with your account profile but remains in the underlying records:

• Transaction data (invoices, refunds, platform-fee receipts): retained for at least 7 years under Article III.86 of the Belgian Code of Economic Law (statutory bookkeeping obligation).
• DAC7 tax-compliance data for helpers (date of birth, TIN, home address, tax-residence country, VIES validation payload, statement-acceptance audit): retained for 10 years from the end of the calendar year to which it relates, in line with the Belgian transposition of Council Directive 2021/514 (Law of 21 December 2022).
• Help-request descriptions: anonymised on deletion — your name and identifiers are removed, but the description text may remain associated with the helper's transaction record so the helper retains their service history.
• Reviews you have written: anonymised on deletion (the review remains visible without your name, so the rated helper retains their score history). This balances your right to erasure against the helper's legitimate interest in keeping their accumulated reputation.
• Server logs: maximum 90 days (application logs) or 30 days (framework/proxy logs); cleared automatically by retention rules.

The legal basis for retention is Article 6(1)(c) GDPR (compliance with a legal obligation) and, for review anonymisation, Article 6(1)(f) GDPR (legitimate interests of the platform and other users).

Where third-party processors hold copies of your data on our behalf, deletion propagates as follows:

• Stripe (payment processor): account references and payment-method tokens are deleted; transaction records are retained by Stripe for their own statutory periods under Stripe's privacy policy.
• Agora (video infrastructure): session signalling tokens are short-lived and not persisted; call audio/video content is not recorded.
• Firebase Cloud Messaging (push notifications): your device token is removed.
• OpenObserve (technical telemetry, EU-hosted): application logs are subject to the 90-day retention above; no user-identifying logs are retained beyond that window.

Independently of deletion, you can also exercise:

• Right of access (Article 15 GDPR) and portability (Article 20 GDPR): request a JSON export via Settings → Data export.
• Rectification (Article 16 GDPR): edit your profile data via Settings.
• Restriction (Article 18) and objection (Article 21): contact [email protected].
• Lodge a complaint with the Belgian Data Protection Authority (gegevensbeschermingsautoriteit.be), our lead supervisory authority.

Privacy contact: [email protected] General support: [email protected] Controller: VDGT Consultancy BV — CBE 1004820426 — Belgium