Workday Guest Privacy Statement

Introduction

Data privacy is important to Workday, which includes Workday Inc. and its affiliates. This Workday Guest Privacy Statement describes the collection and processing of information, including personal data, when visiting a Workday office, and if accessing, connecting or communicating on the Workday Guest Wireless Network (“Guest Wifi”). This Guest Privacy Statement does not apply to other Workday websites, products, services or applications.

 

Information Collected

When you visit a Workday office as a guest we collect the following information, including personal data, from you: Name, email address, company name, and Workday host. This information may be collected prior to you visiting one of our offices, or may be provided by you at the time you access one of our offices.

When you visit a Workday office you may access and use the Guest Wifi. When you use the Guest Wifi, Workday collects information about you and your device such as:

  • name;
  • email address;
  • Workday host;
  • operating system version;
  • browser version;
  • regional and language settings;
  • IP address;
  • hardware ID;
  • geographic location; and
  • usage statistics.
  •  

Use of Your Information

When you visit a Workday office we use the information provided to present you a standard non disclosure agreement, send an automated calendar invite, create a name tag, and/or to allow you to access our secure offices. We may also use the information to send you communications related to your visit.

If you choose to connect to Workday’s Guest Wifi, Workday uses the information collected for the following purposes:

  • enable your access to the Guest Wifi;
  • improve the Guest Wifi service;
  • respond to lawful third party requests; and
  • protect the network.

Workday may monitor, prevent and intercept any transmissions made using the Guest Wifi to protect Workday, other users, or the Guest Wifi network.

The personal information collected will be stored in accordance with applicable laws and kept as long as needed to carry out the purposes described in this Privacy Statement or as otherwise required. Generally, this means your personal information will be retained until the end of your visit to a Workday office plus a reasonable period of time thereafter to respond to any inquiries associated with your visit to a Workday office or to deal with any legal matters (e.g. judicial actions).

Workday may share information with (a) third-party service providers that process personal information as data processors on behalf of Workday to provide certain services (e.g., the hosted visitor sign-in application); (b) law enforcement, other government entities, or authorized third parties where Workday has a good faith belief that such disclosure is required to comply with applicable law or to respond to a valid legal process; or (c) as necessary to protect persons from harm.

If Workday goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personal information may be among the assets transferred.

EU Privacy Rights

Our legal basis for collecting and using the personal information described above will depend on the personal information and the specific context in which we collect it.

However, we will normally collect personal information from you only where we have your consent to do so, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

As an EU resident under the General Data Protection Regulation (GDPR), you have a number of rights with regards to your personal data. You have the right to request from Workday access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as, in certain circumstances, the right to data portability.

If you have provided consent for the processing of your personal data you have the right to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.

You also have the right to lodge a complaint to the competent data protection supervisory authority if you believe that we have not complied with the requirements of the GDPR with regard to your personal data. If you visit an office in the U.S., Workday, Inc. will be the controller of your personal data.

If you visit an office in Switzerland, one of the member states of the European Union or European Economic Area, the appropriate Workday entity you are visiting, will be the controller of your personal data.

Data Transfers

Personal information collected about you may be stored and processed in your country, the United States, or in any other country where Workday or its subsidiaries and affiliates, or subcontractors maintain operations. Third parties processing personal information on Workday’s behalf are required to comply with applicable laws,including, without limitation, onward transfer requirements.

Workday complies with the U.S. Department of Commerce-maintained EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom to the United States, and from Switzerland to the United States, respectively. Workday has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

Please click here to view our EU-U.S. & Swiss-U.S. Privacy Shield Notice.

Workday’s privacy practices described in this Statement comply with the APEC Cross Border Privacy Rules System.

Security

Workday employs industry standard security measures to help ensure the security of information. However, the security of information transmitted through the Guest Wifi can never be guaranteed. Workday is not responsible for any interception or interruption of any communications through the Guest Wifi, or for changes to or losses of information.

 

Changes to the Workday Guest Privacy Statement

We reserve the right to change or update this Guest Privacy Statement at any time. The “Last Updated” date at the bottom of the page will be revised when changes are made to the Guest Privacy Statement. In the event of a material change to this Guest Privacy Statement or how Workday processes your information, we will post a notice of such changes prior to the effective date or send you a notice.

 

Contact Us

If you have any questions regarding this Guest Privacy Statement or if you need to update, access, change or request deletion of your information, you can do so by contacting ​privacy@workday.com​ or by or by regular mail addressed to:

Workday, Inc.
Attn.: Privacy Office
6110 Stoneridge Mall Road
Pleasanton, CA 94588
United States

Alternatively, regular mail may also be directed toour European subsidiary, Workday Limited, by addressing it to:

Workday Limited
Attn.: Privacy Office
Kings Building
May Lane
Dublin 7
Ireland

If you are an EEA, UK, or Swiss resident, and are unsatisfied with the responses provided to you regarding the processing of your personal information, you have the right to lodge a complaint with your local data protection supervisory authority.

TRUSTe

Last Updated: May 30, 2019