Privacy Statement

Last updated: 27 March 2020



We are Workday, a group of companies with offices all over the world. Workday is committed to protecting your personal data.

This Privacy Statement describes how Workday collects, uses, discloses, transfers, and stores your personal data as a visitor to or other Workday websites that link to this Privacy Statement (“Website”); our marketing and learning events both online and offline (“Events”); and our business account management. This Privacy Statement describes your choices and rights related to your personal data.

The Workday Service

If you are a user of Workday Cloud-Based Enterprise Applications (the “Service”), please refer to the Workday Service Privacy Statement for more details. In the normal course of using the Workday Service, Customers will input electronic data into the Workday systems (“Customer Data”). Workday will not share or distribute any such Customer Data except as provided in the contractual agreement between Workday and the customer, or as may be required by law.

Your use of the Workday Service is governed by your organisation’s policies. Please direct your privacy questions or concerns to your employer or your organisation’s Workday administrators.


Quick links

We recommend that you read this Privacy Statement in its entirety to ensure you are fully informed; however, if you only want to access a particular section, click the relevant link below to jump to that section:

Personal data we collect

How we use your personal data

Disclosure of data

Data transfers

Data retention

Cookies and tracking technologies

Your rights over your personal data

Legal basis for processing personal data

Workday forums

Workday Cloud Platform

Mobile applications


Changes to this Privacy Statement

How to contact us


Personal data we collect.

As a visitor to the Website you may choose to provide us with your personal data such as:

  • First name
  • Last name
  • Business email
  • Phone number
  • Company name
  • Job level
  • Functional role
  • Street address

To access some areas of the Website, including Workday Community, you will need to have account authentication credentials. As part of your account, you may choose to provide us with additional data, such as:

  • A photo
  • Social media profiles
  • Areas of expertise

If you register to attend a Workday-sponsored Event, we may require certain data, including:

  • First name
  • Last name
  • Business email
  • Company name
  • Emergency contact (in some instances)
  • Dietary preferences (in some instances)
  • Billing information (such as billing name, billing address, and credit card number)

Account management
We collect business contact information for account management purposes related to the use of the Workday Service.

Cookies, web beacons, and other similar technologies
Workday or Workday Service providers may use website tracking technologies to observe your activities, interactions, preferences, transactional information, and other computer and connection information (such as an IP address) relating to your use of our websites and services. We may also use log files, cookies, and similar technologies to collect information about the pages you view, links you click, and other actions you take when accessing our website or emails.

Workday Events mobile application
When you choose to use the Workday Events mobile application, we may collect information from your device, such as your photos, contacts, or geolocation data, to enable some functions in accordance with your device’s privacy settings. For more information about our Workday Events mobile application, please see the section below on Mobile applications.


How we use your personal data

To contact you
Workday uses the data we collect about you to provide Workday websites, services, and support. For example, if you provide data to us in a “Contact us” form, we will use your data to respond to the request.

Workday uses the contact details we collect from you and information about your activity on our websites to send you information that we believe may be of interest to you, such as product announcements, newsletters, educational materials, and details on upcoming events. We also use it to send administrative information, such as notices related to products, services, or policy changes.

In some instances, Workday may combine the data you have provided to us with other publicly available information. We may also purchase data from third parties and combine this with information we have already collected. We process this combined data, via both automated and manual methods, to update, expand, and analyse our marketing leads, identify new customers, and create more tailored advertising.

To plan and manage events
Workday uses your data for event planning and management, including registration, billing, and connecting with other event attendees, or to contact you further about relevant products and services. Any information you provide about emergency contacts or dietary preferences would be used for your safety and health purposes.

For improvement purposes
Workday uses the data we collect to understand how our websites and services are being used and to make improvements. For example, we may use the search queries entered into Workday Community to improve search capabilities or performance. As another example, we may use questions posted or comments on Workday Community to enrich the content or help guide future enhancements to our products and services.

For security and investigations
Workday may use your information to diagnose website technical problems, as well as to prevent, detect, mitigate, and investigate potential security issues, as well as fraudulent or illegal activity.

For education and training
If you participate in a Workday-offered education or training course, your enrolment and attendance information will be recorded to track and potentially report your participation and completion. For example, completion of Workday certifications by a services partner may be visible to Workday and our customers, and completion of a training course may also be visible to the entity making the training available to you. This registration and tracking may be conducted by third parties on behalf of Workday.

To personalise your experience
Workday may also use your data to personalise your experience on our websites. Workday or our services providers use website tracking technologies to display products or features that are tailored to your interests and to present advertising on other sites. For more information on these technologies see the “Cookies and tracking technologies” section below. For more information on managing your choices in relation to cookies, please click “Cookie Preferences” in the footer of this page.


Disclosure of data

Affiliates and service providers
Workday may share data with Workday affiliates and third-party service providers or vendors contracted to provide services on our behalf. These third-party service providers or vendors may use data we provide to them only as instructed by Workday.

Webinars, events, and other activities related to Workday offerings
Workday may offer the following solely or jointly with third parties or partners: webinars, events, whitepaper downloads, or other services related to Workday offerings or services. We may share your contact information and interests in these offerings or services with these approved third parties to communicate with you about Workday.

When you attend an event (either sponsored by Workday or one where Workday is a participating vendor) and have your badge scanned, your data will be shared with Workday, as well as with any partner or third party participating in that event, and potentially with the entity sponsoring your attendance at the event. For example, if your badge is scanned as you attend a session at a Workday-sponsored conference, Workday and any co-presenters will have access to that information to understand who was in attendance, and potentially follow up with you on relevant products or services. If you do not want your data shared with Workday or partners in this manner, do not have your badge scanned. If your badge is scanned by a partner or a third party at an event, your data will be governed by that party’s privacy statement.

Additional disclosures
Workday may disclose data if we have a good faith belief that such action is necessary to (a) conform to legal requirements or comply with legal processes; (b) protect and defend our rights or property; (c) enforce the website Terms and Conditions; and/or (d) act to protect the interests of our users or others.

If Workday goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personal data may be among the assets transferred.

Workday does not sell personal data that we collect or process under this Privacy Statement.


Data transfers

Your personal data may be stored and processed in the United States and in any other country where Workday or its affiliates, subsidiaries, or third-party service providers maintain facilities. When you provide personal data to Workday, we may process and transfer your data within the United States and around the world. We follow applicable data protection laws when transferring personal data.

EU-US and Swiss-US Privacy Shield
Workday complies with the US Department of Commerce-maintained EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework regarding the collection, use, and retention of personal data transferred from the European Economic Area (EEA), Switzerland, or the United Kingdom to the United States. Workday has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield Frameworks and to view our certification, visit the US Department of Commerce’s Privacy Shield List.

Workday is responsible for processing personal data we receive under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf.  Workday complies with the Privacy Shield Principles for all onward transfers of personal data from the EEA, Switzerland, or the United Kingdom, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Workday is subject to the regulatory enforcement powers of the US Federal Trade Commission.  In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.


APEC participation
Workday’s privacy practices, described in this Privacy Statement, comply with the APEC Cross-Border Privacy Rules System. The APEC CBPR system provides a framework for organisations to ensure protection of personal information transferred among participating APEC economies. More information about the APEC framework can be found here.



Data retention

Workday will retain your data at least as long as necessary to fulfil the service that you have requested, comply with any laws or regulations, resolve disputes, and enforce our agreements. Workday may retain your data longer for a legitimate business interest where we have assessed the business benefit and confirmed that this is not outweighed by your personal rights and freedoms. Data entered into the Workday Service is retained in accordance with the agreement between the Workday Customer and Workday.


Cookies and tracking technologies

Workday or Workday service providers may observe your activities, interactions, preferences, transactional information, and other computer and connection information (such as an IP address) relating to your use of Workday websites. We may collect and store this data and combine this data with other personal data provided to Workday.

Workday uses cookies and other similar technologies, such as web beacons, HTML5 Local Storage, local shared objects, tags, and scripts on our websites and in email communications. We use these technologies to authenticate your access to various areas of our websites, understand your interests, analyse web traffic, combat fraud, provide interest-based advertising, improve our products and services as further described above in the “Use” section, and tailor content to your preferences. In emails we send, we may use these technologies to track their effectiveness.

You can configure your browser settings to manage certain tracking technology interactions. For some tracking technologies, you may need to take additional steps to manage their use and removal. Please review your browser privacy settings.

Online advertising may use data collected about your web browsing behaviour, such as the pages you have visited or the searches you have conducted. This data may be used to display more relevant advertisements and content to you on non-Workday websites. The data used for targeted advertising may come from Workday or through third-party ad networks.

If you would like to opt out of targeted advertising on our websites, please click here (if you are located in the EEA, United Kingdom, or Switzerland, please click here). Please note, this does not opt you out of being served advertising. You will continue to receive generic ads.

For additional information about the cookies and the tracking technologies Workday uses on our sites, and to manage your preferences, please click “Cookie Preferences” in the footer of this page. Below, please review how Workday uses different categories of cookies.

There are also some cookies that will enable a more personalised experience. If required by local law, these cookies will not be used until you opt in to their functionality.


Type of Cookie Description
Required These cookies and similar technologies enable basic features of the site to function and collect statistical information about visitors to our website to manage site usage. All of the information collected is aggregated and used anonymously.

There are also some cookies that will enable a more personalised experience. If required by local law, these cookies will not be used until you opt in to their functionality.
Functional Functional technologies allow the Workday website to remember information you have entered or choices you make, and provide enhanced and more personalised features based on your interaction with the site.
Advertising Advertising technologies are used to deliver advertising that is relevant to your interests. These technologies are also used to limit the number of times you see an advertisement and to help measure the effectiveness of the advertising campaign. After visiting our site, you may see an advertisement for Workday on another site.

Do Not Track
Without a common industry or legal standard for interpreting Do Not Track (DNT) signals, Workday does not respond to browser DNT signals. We will continue to monitor the further development of a DNT standard by the privacy community and industry.


Your rights over your personal data

Depending on where you are located, you may have certain legal rights over the personal data we hold about you, subject to local privacy laws. These may include the right to:

  • Access the personal data we hold about you
  • Have incorrect personal data updated or deleted
  • Have your personal data deleted
  • Restrict the use of your personal data
  • Object to certain uses of your personal data
  • Receive a copy of your personal data in an electronic and machine-readable format
  • Not to be subject to automated decision-making
  • Receive the categories of sources from whom we collected your personal data
  • Opt out of marketing communications at any time by clicking on the “Unsubscribe” or “Opt out” link in marketing emails we send you or by contacting us

Workday will not discriminate against you for exercising your rights.

You, or an authorised individual we can verify is acting on your behalf, can exercise the applicable rights by contacting us using the contact details at the bottom of this Privacy Statement.

You also have the right to complain directly to a data protection authority about our collection and use of your personal data.


Legal basis for processing personal data.

Our legal grounds for collecting and using your personal data as described in this Privacy Statement fall into the following four categories.  

Consent: In some cases, we ask you for your consent to process your personal data, such as when we need your consent for marketing purposes. You can withdraw your consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn. If you would like to withdraw your consent, you can do so by emailing

Legitimate interest: We process certain data for the legitimate interests of Workday, our affiliates, our partners, or our customers. These legitimate interests include, for example, contacting you to provide support or sending you marketing information (subject to applicable law); detecting, preventing, and investigating illegal activities and potential security issues; and maintaining and improving the Website and mobile applications. We will rely on our legitimate interests for processing personal data only after balancing our interests and rights against the impact of the processing on individuals.

Performance of a contract: Sometimes we process personal data to perform our obligations under an agreement with you. For example, we use payment information you provide when you register for an event to process your payment.  

Other legal bases: In some cases, we may have a legal obligation to process your personal data, such as in response to a court or regulator order. We also may need to process your personal data to protect vital interests, or to exercise, establish, or defend legal claims.


Workday forums

You may post comments or questions on our websites; for example, on a blog, Community site or developer forum. Some of these forums allow you to provide your personal data and create a profile. Personal data you submit in these public areas can be read and collected by others who access them. You should only post personal information to online forums with the awareness that the information will be available to others in the forum (unless stated otherwise). Comments posted by individuals in an online forum reflect their own views and should not be considered to reflect the opinion of Workday.


Workday Cloud Platform

Workday Cloud Platform allows partners and developers to build applications independent of Workday. Before using these applications, please review the relevant privacy statement and terms of service.


Mobile applications

When you are using a Workday mobile application, Workday may obtain information from or access data stored on your device, to provide services related to the relevant mobile application. Workday uses this information to deliver requested application services, to continue to improve our mobile applications, and to facilitate event participation, such as providing event schedules and the opportunity to connect with event attendees.

For example, when you are using the Workday Events mobile application, we may access your camera to allow you to upload photographs to the mobile service; access your calendar, social media, and contact information to allow you to interact with other event attendees; or access the geographic location of your device to enable you to identify nearby contacts. Workday may also collect information from your usage of the Workday Events mobile application to improve events and services, communicate with you about the event and relevant products and services, and for security purposes. You may configure Workday mobile applications, and this configuration will affect how information from your device is accessed and obtained in the mobile application.

The Workday mobile application uses third-party services for enabling easier access to the application, troubleshooting and improvement, and in conjunction with some services mentioned above. These services, such as Google Analytics, allow Workday to view aggregated information about end-user usage and interactions. Where possible, Workday takes steps to minimise or mask the information sent to third parties (such as encoding the data). These services do not collect any Customer Data as described in the Service Privacy Statement.



We use technical and organisational measures that provide a level of security appropriate to the risk of processing your personal data. However, the security of information transmitted through the internet can never be guaranteed. You are responsible for maintaining the security of your password or other form of authentication involved in accessing password-protected or secured resources.


Changes to this Privacy Statement

This Privacy Statement may be amended or revised from time to time at the discretion of Workday. Changes to this Privacy Statement will be posted on the Website and links to the Privacy Statement will indicate that the statement has been changed or updated. If we propose to make any material changes, we will notify you via a notice on this page prior to the change becoming effective. We encourage you to periodically review this Privacy Statement for the latest information on our privacy practices.


How to contact us

If you have any questions about this Privacy Statement, or wish to exercise your rights, please contact the Privacy Team at or by letter addressed to:

Contact details of business/controller Contact details of Workday Inc.’s data protection representative in the EEA
Workday, Inc.
Attn: Privacy
6110 Stoneridge Mall Road
Pleasanton, CA 94588
Workday Limited
Attn: Privacy
Kings Building
May Lane
Dublin 7 Ireland

To contact the Data Protection Officer, please email

Workday will respond to your request within a reasonable time frame or as required by law.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our US-based third-party dispute resolution provider (free of charge) at

If you have an unresolved EEA or Swiss privacy or data use concern that we have not addressed satisfactorily, you have the right to lodge a complaint with the relevant EU data protection authority or the Swiss Federal Data Protection and Information Commissioner, as applicable.

To view the previous version of this Privacy Statement click here.