Privacy Shield Notice

Effective: November 23, 2020

EU-U.S. and Swiss-U.S. Privacy Shield

Workday complies with the U.S. Department of Commerce-maintained EU-U.S. and Swiss-U.S. Privacy Shield Frameworks regarding the collection, use, and retention of personal data transferred from the European Economic Area (“EEA”), Switzerland, or the United Kingdom to the United States. Workday has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  

To learn more about the Privacy Shield Frameworks and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List.

Workday is responsible for processing personal data it receives under the Privacy Shield Frameworks, and subsequently transfers to a third party acting as an agent on its behalf.  Workday complies with the Privacy Shield Principles for all onward transfers of personal data from the EEA, Switzerland, or the United Kingdom, including the onward transfer liability provisions.

While Workday no longer relies on either Privacy Shield Framework as a lawful transfer mechanism, with respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Workday is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.