Privacy and Security

Effective Date: 11/08/2013

Truste Web Privacy Seal

Bill.com has been awarded TRUSTe's Privacy Seal signifying that this privacy policy and practices have been reviewed by TRUSTe for compliance with TRUSTe's program requirements including transparency, accountability and choice regarding the collection and use of your personal information. The TRUSTe program covers only information that is collected through the Bill.com website, and does not cover other information, such as information that may be collected through software downloaded from www.bill.com. TRUSTe's mission, as an independent third party, is to accelerate online trust among consumers and organizations globally through its leading privacy trustmark and innovative trust solutions. If you have questions or concerns regarding this statement, you should first contact support. You can also reach Bill.com Customer Support by telephone at 1.866.989.BILL (2455) or by mail at 3200 Ash Street, Palo Alto, California 94306-2242. If you do not receive acknowledgement of your inquiry or your inquiry has not been satisfactorily addressed, you should contact TRUSTe here. TRUSTe will then serve as a liaison with us to resolve your concerns.

What Information Bill.com Collects, and How It Is Used

This privacy policy applies to the collection, use and disclosure of personal information we receive from users of the Site and services offered through the Site.

In order to provide Bill.com's service, our web site asks you to provide personally identifiable information about you, your employees and anyone you sign up on Bill.com. This information includes your company's name, address, phone number and your business tax identification number, and your employees' names and email addresses. We will also ask for a credit card to pay for your subscription to Bill.com. If you enroll others on Bill.com, we will ask them to provide a name and email address. If you elect to use Bill.com's payment service, Bill.com will also collect your company's bank account details. Bill.com will use this and other information collected about you to verify your identity and your company's creditworthiness.

Bill.com asks you to provide information about how to contact you by telephone, fax and email. We will use this information to provide you with updated information and service your account in other ways. We may also use this information to contact you about additional products or services that may be of interest to you. You will have an opportunity to "opt out" of such offers in the future, if you so choose, by following the instructions set forth in the offer that we send you.

If you sign up your accountant, he or she may use Bill.com to process payables and receivables for you. Accordingly, your accountant may enter the foregoing types of personally identifiable information on behalf of you. Bill.com will use this information for the purposes of verifying identity and creditworthiness, as described above. When you send emails or otherwise communicate with Bill.com, we may retain those communications in order to process your requests and inquiries and improve the quality of our Site.

We use a technology called "cookies" to keep track of who visits our site. A cookie is an element of data that a web site can send to your browser, which may then store it on your system. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. If you do not accept cookies from Bill.com, you will not be able to use our site. Usage of a cookie is in no way linked to any personally identifiable information while on our site. The use of third party cookies by our partners, affiliates, tracking utility company, service providers is not covered by our privacy statement. We do not have access or control over these cookies. Our partners, affiliates, tracking utility company, service providers use session ID cookies to make it easier for you to navigate our site.

In addition to cookies, we collect the following information from all visitors to our site: the name of the domain through which you access the internet; the date and time you access our site; the internet address from which you linked to our site; and the individual address of the computer you used to access our site. We use this information in the aggregate to administer our web site, to help diagnose and trouble shoot potential server malfunctions, and to gather broad demographic information about usage of our web site.

We may also collect other information as part of the registration and personalization process (e.g., zip code and individual preferences). Certain non-identifying information would be considered a part of your personal information if it were combined with other identifiers (e.g., combining your zip code with your street address) in a way that enables you to be identified. However, the same pieces of information are considered non-identifying information when they are taken alone or combined only with other non-identifying information (e.g., your viewing preferences). We may combine your personal information with non-identifying information and aggregate it with information collected from other users to attempt to provide you with a better experience, to improve the quality and value of the Site and to analyze and understand how the Site is used.

Bill.com does not share, rent, or trade Personally Identifiable Information with third parties for their promotional purposes.

How Information May Be Shared

Service Providers. We share your personal information with third parties as needed to maintain, support and operate the Site and to perform Site-related services (e.g., maintenance services, database management, web analytics and improvement of the Site's features) and to assist us in analyzing how our Site is used. These third parties have access to your personal information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. We may also provide personal information to our business partners or other trusted entities for the purpose of providing you with information we believe will be of interest to you.

Compliance with Laws and Law Enforcement. Bill.com cooperates with government and law enforcement officials or private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Bill.com or a third party, to protect the safety of the public or any person, or to prevent or stop any illegal, unethical or legally actionable activity.

Business Transfers. Bill.com may sell, transfer or otherwise share some or all of its assets, including your personal information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. We will provide notice before personal information is transferred and becomes subject to a different privacy policy.

Aggregate Information and Non-Identifying Information. We may share aggregated information which does not include personal information and we may otherwise disclose non-identifying information and log data with third parties for industry analysis, demographic profiling and other purposes. Any such aggregated information will not contain your personal information.
How to Correct and Delete Inaccurate Information

The Bill.com web site enables you to update, correct, and delete/remove personally identifiable information regarding you, your employees and others at any time on the web site. The web site also permits you to cancel our service at any time. If you have further concerns about how Bill.com stores or uses personally identifiable information, please contact us at support@hq.bill.com.

Links to Other Sites

The Site may provide links to other sites. If you choose to visit another site by "clicking on" an external link, you will be directed to that party's site. We may track whether these links have been followed to improve the quality of the Site and Bill.com's partnership activities. The fact that we link to another site is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party sites. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you. This privacy policy addresses the use and disclosure of information that we collect from you through this Site. Other sites follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other sites you visit.

Social Media Widgets

Our Site includes social media features, such as the Facebook Like button and widgets, such as the Share this button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy policy of the company providing it.

International Transfer

Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, Bill.com transfers personal information to the United States for processing. Your submission of such information represents your agreement to that transfer.

Our Policy Toward Children

This Site is intended for business-to-business use and is not directed to children under the age of 18. If a parent becomes aware that his or her child has provided us with personal information without parental consent, he or she should contact us at support@bill.com. If we become aware that a child under the age of 13 has provided us with personal information, we will delete such information from our files.

Testimonials

We post customer testimonials on our web site which may contain personally identifiable information such as the customer's name. We do obtain the customer's consent prior to posting the testimonial to post their name along with their testimonial. If you wish to update or delete your testimonial, you can contact us at support@hq.bill.com.

Changes to This Privacy Policy

If we decide to change our privacy policy, we will post those changes to this privacy statement, the home page, and other places we deem appropriate, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our home page prior to the change becoming effective.

Bill.com Security

Bill.com is committed to protecting the security and privacy of your information. We know that information regarding you and your company is extremely important and confidential. Bill.com uses the industry's most advanced security and process controls to ensure that the security, confidentiality, and availability of your data is protected. Bill.com is a US-based corporation and all storage and processing of data is done in the US.

Best-in-Class Data Security

  • Extended Validation (EV) SSL encryption technology - ensures privacy of communications between your browser and the Bill.com service
  • Firewalls prevent unauthorized electronic access to servers
  • Production servers are in high-security locked facility with biometric access controls preventing unauthorized physical access to servers
  • All sensitive data is encrypted at rest in our database
  • Offsite continuous backup enables Bill.com to recover from a potential disaster quickly

Industry-Leading Controls

  • Bill.com undergoes an annual SSAE 16 SOC 1 Type II Audit by a leading national CPA Firm
  • Payments are FDIC-insured en route
  • Our employees may access your information only to help us provide you with our service.
  • All employees undergo background checks and annual training on security and handling sensitive data
  • We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your information to you via email or conspicuous posting on this Site without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

When you sign up for Bill.com, you provide an email address and password to access our web site. You can help protect your information by using a strong password, keeping your password secret and by changing it from time-to-time. See https://answers.bill.com/app/answers/detail/a_id/1485 for some tips on choosing and maintaining a strong password.

We will retain your information for as long as your account is active or as needed to provide you services. Please contact us if you wish to cancel your account or request that we no longer use your information to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.