Workday Guest Privacy Statement
Data privacy is important to Workday, which includes Workday, Inc and its affiliates. This Workday Guest Privacy Statement describes the collection and processing of information when visiting a Workday office, and if accessing, connecting or communicating on the Workday Guest Wireless Network (“Guest Wifi”). This Guest Privacy Statement does not apply to other Workday sites, products, services or applications.
When you visit a Workday office as a guest we collect the following information from you: Name, email address, company name, and Workday host. This information that you have provided to Workday may be entered by us prior to you visiting one of our offices, or may be provided by you at the time you access one of our offices.
When you visit a Workday office you may access and use the Guest Wifi. When you use the Guest Wifi Workday collects information about you and your device such as:
- email address;
- Workday host;
- operating system version;
- browser version;
- regional and language settings;
- IP address;
- hardware ID;
- geographic location; and
- usage statistics.
Use of Your Information
When you visit a Workday office we use the information provided to present you a standard non disclosure agreement, send an automated calendar invite, create a name tag, and/or to allow you to access our secure offices. We may also use the information to send you communications related to your visit.
If you choose to connect to Workday’s Guest Wifi Workday uses the information collected for the following purposes:
- enable your access to the Guest Wifi;
- improve the Guest Wifi service;
- respond to lawful third party requests; and
- protect the network.
Workday may monitor, prevent and intercept any transmissions made using the Guest Wifi to protect Workday, other users, or the Guest Wifi network.
The personal information collected will be stored in accordance with applicable laws and kept as long as needed to carry out the purposes described in this Privacy Statement or as otherwise required. Generally this means your personal information will be retained until the end of your visit to a Workday office plus a reasonable period of time thereafter to respond to any inquiries associated with your visit to a Workday office or to deal with any legal matters (e.g. judicial actions).
Workday may share information (a) with third party service providers which process personal information as data processors on behalf of Workday to provide certain services; (b) law enforcement, other government entities, or authorized third parties where Workday has a good faith belief such disclosure is required to comply with applicable law or to respond to a valid legal process; or (c) as necessary to protect persons from harm.
The information collected may also be shared if Workday goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personal information may be among the assets transferred.
European Privacy Rights
If you are a guest in the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only where we have your consent to do so, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
Under the General Data Protection Regulation (GDPR) you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.
If you have provided consent for the processing of your personal data you have the right to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
If you are a European Workday guest, you also have the right to lodge a complaint to the competent data protection supervisory authority if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.
If you visit an office in the U.S., Workday, Inc. will be the controller of your personal data. If you reside in Switzerland, the European Union or European Economic Area or visit an office in Switzerland, one of the member states of the European Union or European Economic Area, the appropriate Workday affiliate identified below will be the controller of your personal data.
|Name of Entity||Country|
|Workday Austria GmbH||Austria|
|Workday Belgium SPRL||Belgium|
|Workday Denmark ApS||Denmark|
|Workday Finland Oy||Finland|
|Workday Italy S.r.l.||Italy|
|Workday (NZ) Unlimited||New Zealand|
|Workday Norway AS||Norway|
|Workday Polska sp z o.o.||Poland|
|Workday Espana SL||Spain|
|Workday Sweden Aktiebolag||Sweden|
|Workday Switzerland GmbH||Switzerland|
|Workday (UK) Limited||United Kingdom|
Personal information collected about you may be stored and processed in your region, the United States, or in any other country where Workday or its subsidiaries and affiliates, or subcontractors maintain operations. Third parties processing personal information on Workday’s behalf are required to comply with applicable laws, including without limitation onward transfer requirements.
Workday complies with the U.S. Department of Commerce-maintained EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. Workday has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
Please click here to view our EU-U.S. & Swiss-U.S. Privacy Shield Notice.
Workday’s privacy practices described in this Statement comply with the APEC Cross Border Privacy Rules System.
Workday employs industry standard security measures to help ensure the security of information. However, the security of information transmitted through the Guest Wifi can never be guaranteed. Workday is not responsible for any interception or interruption of any communications through the Guest Wifi, or for changes to or losses of information.
Changes to the Workday Guest Privacy Statement
We reserve the right to change or update this Guest Privacy Statement at any time. The “Last Updated” date at the bottom of the page will be revised when changes are made to the Guest Privacy Statement. In the event of a material change to this Guest Privacy Statement or how Workday processes your information, we will post a notice of such changes prior to the effective date or send you a notice.
If you do not agree to the collection and use of your personal information as described above, please do not use the guest registration tools that have been provided. Please contact your Workday host to make other arrangements.
If you have any questions regarding this Guest Privacy Statement or if you need to update, access, change or request deletion of your information, you can do so by contacting email@example.com or by or by regular mail addressed to:
6110 Stoneridge Mall Road
Pleasanton, CA 94588
Alternatively, regular mail may also be directed toour European subsidiary, Workday Limited, by addressing it to:
Dublin 7 Ireland
If you are a resident in the European Union, and are unsatisfied with the responses provided to you regarding the processing of your personal information you have the right to lodge a complaint with the relevant data protection supervisory authority.
Last Updated: May 24, 2018