Recruitment Privacy Statement

Last Updated: January 2, 2020


We are Workday, a global group of companies with offices all over the world. Workday is committed to protecting the personal data of anyone who applies to work at any Workday company as an employee, contingent worker, contractor, or intern.

This Recruitment Privacy Statement describes Workday’s collection, use, disclosure, transfer, and storage of personal data as part of our recruitment process for companies in the Workday group. It provides details on your personal data rights and how to exercise your rights with us.


Quick links.

We recommend that you read this Recruitment Privacy Statement in full to ensure you are fully informed; however, if you only want to access a particular section you can click on the relevant link below to jump to that section:

Personal data we collect

How we use your personal data

Disclosure of data

Data transfers

Data retention

Automated decisions

Your rights over your personal data

Legal basis for processing


Changes to this Privacy Statement

How to contact us


Personal data we collect.

To apply for a position within Workday, you will create an account on the Workday careers site portal. The portal requires an email address and password to authenticate you to your account.

Additional basic contact information, such as name, email address. and phone number, is also required to create your profile and for the recruitment process to work.

When you submit a job application on the careers site, you will be asked to supply your resumé/CV so that we have your employment background and your academic and professional qualifications in order to be considered for a role.

Where expenses incurred in the recruitment process are covered by Workday, we will ask you to share your banking details so that the expense costs can be reimbursed to you.

You can apply for a role with Workday using a number of third-party career sites, for example SEEK, LinkedIn, etc. This will connect your profile from these systems with the Workday job application.

For some roles, we may request candidates to perform candidate matching assessments with a third-party talent management organization.

As part of our commitment to diversity and inclusion, where permitted or required by law, we will ask you to provide information such as ethnicity, sexual orientation, or gender identity.

Later in the recruitment process, we may collect additional identity information to complete background checks.

When you visit the Workday Recruitment site, we or our service providers may use cookies, web beacons, tags, and scripts.

We mostly collect your personal data directly from you with a few exceptions, including:

  • Recruitment agencies that you have asked to support you in finding a job
  • Workday personnel who have referred you
  • Background checking company that will verify the accuracy of information that you have provided


How we use your personal data.

We will use your contact information, such as email and telephone number, to keep in touch with you and send you relevant information throughout the course of your recruitment journey with us. We may also contact you with roles that we believe may be of interest to you.

During the application process, we will process your resumé/CV information to check your skills and experience against the position for which you have applied. If we ask you to complete a candidate matching assessment with a talent management company, we will include the match results in the recruitment process. We will also capture additional personal data during in-person and/or remote interviews to assess your suitability for the job.

We will use your bank account details to reimburse you if you have claimed for expenses associated with the Workday recruitment process.

If you are successful in the interview process, we will carry out background checks and validation of your experience and academic and professional qualifications. We will use a third-party organization to perform these checks and will share the CV and identity information that you have provided. Background checks will be completed only as permitted by local law.

If you accept an offer for a position at Workday, your personal data will transfer to your personnel file.

In certain Workday locations, we are required by law to provide reports on the diversity of our recruitment talent pools and will need to send reports to the relevant authorities covering a particular time period.

If you are not successful in the interview process, we will hold on to your details so that we may reach out to you and invite you to apply for other positions that we think may be a good fit for you. If you don’t want us to do this, you can let us know.

We use cookies and similar technologies to authenticate your access to the careers site, and to capture your interactions, preferences, transactional information, and other device and connection information relating to your use of the site.

These technologies are also used when you use the “Apply with LinkedIn” or “Apply with SEEK” options on the open positions.


Disclosure of data.

We will share your personal data internally within Workday to allow the job application and recruitment processes to work. Your data will only be shared with those people in Workday who need to view your data to do their job.

We will share your personal data with the following categories of third parties:

  • Background-checking organizations that perform the background checks to verify employment history, and academic and professional achievements
  • Third-party service providers that support the Workday Recruitment process
  • Third parties that you instruct Workday to share your personal data with
  • Government agencies or authorities where laws require us to share your data
  • Law enforcement or government agencies where we have a good-faith belief we must share the data to comply with the law, protect individuals/the general public, or to respond to a valid legal process

Third-party organizations that we use to process data on our behalf must protect your data to the same standard as Workday and only process the data as we have instructed.

Workday does not sell personal data that it collects or processes as part of the recruitment process or any related processes.


Data transfers.

Your personal data may be processed in the countries where you have applied for a job, the United States, or any other country where Workday or its subcontractors have operations. Third-party organizations processing personal data for Workday must comply with all relevant privacy laws in order to protect your personal data in any country where they process or transfer the data.

Workday complies with the U.S. Department of Commerce-maintained EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework regarding the collection, use, and retention of personal data transferred from the European Union, Switzerland, or the United Kingdom to the United States. Workday has certified to the Department of Commerce that it adheres to the Privacy Shield Principles and this is verified by TrustArc. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles will be used.

For more information about Privacy Shield, click here. To view Workday’s EU-U.S. and Swiss-U.S. Privacy Shield Notice, click here.

Additionally, Workday’s privacy practices described in this statement have been verified by TrustArc as compliant with APEC Cross Border Privacy Rules System.



Automated decisions.

We do not perform automated decision-making as part of our recruitment processes.


Data retention.

Workday will retain your data at least as long as necessary to fulfill the service that you have requested, comply with any laws or regulations, resolve disputes, and enforce our agreements. Workday may retain your data longer with your consent or for a legitimate business interest where we have assessed the business benefit and confirmed that this is not outweighed by your personal rights and freedoms.


Your rights over your personal data.

Depending where you are located, you may have certain rights over the personal data we hold about you, subject to local privacy laws. These may include the right to:

  • Access the personal data we hold about you
  • Have incorrect personal data updated or deleted
  • Have your personal data deleted
  • Restrict the use of your personal data
  • Object to certain uses of your personal data
  • Receive a copy of your personal data in an electronic and machine-readable format
  • Receive the categories of sources from whom we collected your personal data
  • Not to be subject to automated decision-making

Workday will not discriminate against you for exercising your rights.

You, or an authorized individual who we can verify is acting on your behalf, can exercise the applicable rights by contacting us using the contact details at the bottom of this Statement.

You also have the right to complain directly to a data protection authority about our collection and use of your personal data.


Legal basis for processing personal data.

Our legal grounds for collecting and using your personal data as described in this privacy statement fall into the following four categories.

Consent: In some cases, we ask you for your consent to process your personal data. You can withdraw your consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn. If you would like to withdraw your consent, you can do so by emailing

Legitimate Interest: We process certain data for the legitimate interests of Workday, our affiliates, our partners, or our customers. These legitimate interests include, for example, improving effectiveness and efficiency in our recruitment processes and detecting, preventing, and investigating illegal activities and potential security issues. We will rely on our legitimate interests for processing personal data only after balancing our interests and rights against the impact of the processing on individuals.

Performance of a Contract: We process personal data to perform our obligations under an agreement we have with you. For example, we use your personal information to make you a job offer or complete a contract of employment with you.

Other Legal Bases: In some cases, we may have a legal obligation to process your personal data, such as in response to a court or regulator order. We also may need to process your personal data to protect vital interests, or to exercise, establish, or defend legal claims.



We use technical and organizational measures that provide a level of security appropriate to the risk of processing your personal data. However, the security of information transmitted through the internet can never be guaranteed. You are responsible for maintaining the security of your password or other form of authentication involved in accessing password-protected or secured areas of any Workday recruitment web page. Access to and use of password protected and/or secure areas of any ​Workday recruitment web pages​ is restricted to authorized users only.


Changes to this Privacy Statement.

This Recruitment Privacy Statement may be amended or revised from time to time at Workday’s discretion. The most recent document is available via the Workday careers webpages. We encourage you to periodically review this Recruitment Privacy Statement for any changes. For new users, changes or updates are effective upon posting. For existing users, changes or updates are effective 30 days after posting.


How to contact us.

If you have any questions about this Statement, or wish to exercise your rights, please contact the Privacy Team at or by regular mail addressed to:

Contact details of business/controller Contact details of EU subsidiary
Workday, Inc.
Attn.: Privacy
6110 Stoneridge Mall Road
Pleasanton, CA 94588
Workday Limited
Attn.: Privacy
Kings Building
May Lane
Dublin 7 Ireland

To contact the Data Protection Officer, please email

Workday will respond to your request within a reasonable timeframe or as required by law.

If you have an unresolved EEA or Swiss privacy or data use concern that we have not addressed satisfactorily, you have the right to lodge a complaint with the relevant EU data protection authority or the Swiss Federal Data Protection and Information Commissioner, as applicable. If you have a non-EEA or non-Swiss privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at