UNCATEGORIZED

How Long Should You Keep Time and Activity Logs of Your Remote Workers ?

Last updated: January 9, 2026 By Mark

Before we get into the numbers, understand why this matters at all.

Time and activity logs aren’t just about knowing who worked when.

They’re your evidence if:

  • The IRS or BIR (Bureau of Internal Revenue in the Philippines) comes knocking
  • A VA disputes their hours or payment
  • You need to prove compliance with labor laws
  • There’s a disagreement about what work was actually done

Most businesses think “I’ll just keep everything forever to be safe.”

That creates two problems.

First, storage costs add up when you’re keeping years of screenshots and detailed activity data.

Second, privacy laws like GDPR actually penalize you for keeping personal data longer than necessary.

You need a middle ground.

Stop worrying about dispute windows and missing records.

Get real-time time tracking with built-in approval workflows that create audit-ready records automatically.

Get Started

Policies Worth Knowing About

If you’re based elsewhere or managing VAs from multiple countries, here are the key retention periods:

United States: The Fair Labor Standards Act says you must keep payroll records for at least three years.

Australia: Employers must keep time and wages records for seven years under Fair Work regulations.

New Zealand: Wages, time records, and leave records must be kept for six years, even after someone leaves.

Canada: The Canada Revenue Agency expects payroll records kept for six years from the end of the last tax year they relate to.

European Union and UK: GDPR requires keeping data for the shortest time possible, but national labor and tax laws often require five to seven years for payroll and HR records. Many UK employers keep payroll records for six years or more.

Philippines: The Department of Labor and Employment requires employers to preserve payroll and employment records for at least three years

If you operate across multiple jurisdictions, use the longest requirement that applies to you.

What Kind of Logs Are We Actually Talking About

Not all time logs are created equal.

There are different types of data you might be collecting, and they have different retention needs.

Raw activity detail includes things like:

  • Screenshots from time tracking software
  • Keystroke and mouse activity levels
  • App and website usage logs
  • Minute-by-minute activity data

Summarized work logs include:

  • Date worked
  • Project or task descriptions
  • Total billable hours
  • Manager approvals

Payment records tied to logs include:

  • Invoices showing hours worked
  • Payment confirmations
  • Currency conversion records
  • Tax documentation

Each category serves a different purpose and should be kept for different lengths of time.

What Actually Happens in Disputes

It helps to understand how disputes actually play out in the real world.

Looking at VA and freelancer communities (especially Upwork discussions), a few patterns emerge.

Disputes are time-bounded. Clients have a short window (usually a few days after the billing week closes) to dispute logged hours. After that, hours are effectively locked in from the platform’s perspective.

Quality matters more than quantity. Clean work segments with reasonable activity matter far more than hoarding years of old screenshots. Low-activity segments and off-task screenshots routinely lead to lost disputes or forced deletions.

Client perception is real. Many VAs voluntarily delete low-activity or questionable segments immediately, not for compliance, but because clients react badly to seeing them. That alone can trigger disputes or lost contracts.

The practical implication: build a short, clearly communicated review window where managers can look at detailed logs.

For example: “We retain screenshot-level logs for 60 days for quality assurance and dispute handling.”

After that, rely on aggregated timesheets, invoices, and any platform-level reports.

Those handle the majority of legal and tax risk without the privacy and storage burden.

Building Your Retention Policy

Here’s how to put this into a concrete policy you can actually follow.

For granular activity data (screens, keystroke metrics, app usage):

  • Keep for 30 to 90 days
  • Delete or minimize after that period
  • Exception: preserve longer if there’s an active dispute, investigation, or legal hold

For summarized timesheets and approvals (date, project, task, billable hours, manager signoff):

  • Keep for seven years from the end of the tax year
  • This covers US, Philippine, Australian, New Zealand, and Canadian requirements in one policy

For payment and payroll data tied to those logs:

  • Keep for seven to ten years
  • Align with your accountant’s tax record policy
  • Especially important if you operate across multiple countries

Document your rationale.

Note both the statutory minimums and your legitimate interests: audit defense, dispute resolution, fraud prevention.

This documentation matters if you ever need to explain your policy to a regulator or in a legal proceeding.

What This Looks Like in Practice

Let’s say you run a small agency with five Filipino VAs.

You use time tracking software that captures screenshots every ten minutes.

Here’s what your retention might look like:

Month 1-3: You keep everything. Detailed screenshots, activity levels, timesheets, invoices. This covers your dispute window and gives you data for quality reviews.

Month 4-84 (seven years): You’ve deleted the screenshots and detailed activity. You keep the summarized timesheets showing dates worked, projects, total hours, and manager approvals. You also keep all invoices and payment confirmations.

Year 8-10: You still have payment records for tax purposes, but the detailed timesheets might be archived or deleted depending on your accountant’s guidance and whether any audits are pending.

This approach balances all the competing requirements: legal compliance, privacy principles, practical business needs, and storage costs.

Turn retention policy into actual practice.

Get Started

Common Mistakes to Avoid

Keeping everything forever. Storage is cheap, but privacy violations and data breach liability are expensive. Don’t keep detailed personal data longer than you need it.

Deleting too soon. The flip side: some businesses panic about storage and delete timesheets after a year. That leaves you exposed if the IRS or another authority comes looking three years later.

No documentation. Simply having a retention policy isn’t enough. Document WHY you keep data for specific periods and review that documentation annually.

Forgetting about platform data. If you use Upwork, Fiverr, or similar platforms, they keep their own records. Understand what they preserve and for how long so you’re not duplicating unnecessarily.

Ignoring contractor vs employee classification. The retention requirements can differ based on whether someone is truly independent or functionally an employee. Get this classification right first, then build your retention policy around it.

Final Thoughts

Record retention isn’t exciting.

But it’s one of those foundational things that protects you when something goes wrong.

The good news: once you set up a clear policy and automate what you can, it mostly runs itself.

Keep detailed activity data short (30 to 90 days).

Keep summarized timesheets long (seven years).

Keep payment records even longer if your accountant recommends it (seven to ten years).

Document everything.

That’s the formula.

You’ll sleep better knowing you’re covered if questions come up years down the road.

Share this post

Manage your Filipino team with confidence

Simplify compliance, payroll, and team management for your remote workers in the Philippines with ManagePH's all-in-one platform.

Start Managing Your Team →
← Back to Blog