Privacy and Security

Effective Date: 12/8/14

TRUSTe Web Privacy Seal

Bill.com has been awarded TRUSTe's Privacy Seal signifying that this privacy policy and practices have been reviewed by TRUSTe for compliance with TRUSTe's program requirements including transparency, accountability and choice regarding the collection and use of your personal information. The TRUSTe program covers only information that is collected through the Bill.com website, and does not cover other information, such as information that may be collected through software downloaded from www.bill.com. TRUSTe's mission, as an independent third party, is to accelerate online trust among consumers and organizations globally through its leading privacy trustmark and innovative trust solutions. If you have questions or concerns regarding this statement, you should first contact support. You can also reach Bill.com Customer Support by telephone at 1.866.989.BILL (2455) or by mail at 1810 Embarcadero, Palo Alto, California 94303. If you do not receive acknowledgement of your inquiry or your inquiry has not been satisfactorily addressed, you should contact TRUSTe here. TRUSTe will then serve as a liaison with us to resolve your concerns.

 

What Information Bill.com Collects, and How It Is Used

This privacy policy applies to the collection, use and disclosure of personal information we receive from users of Bill.com (the “website”) and our accounts payable and accounts receivable services offered through the website and via our mobile application (“app”).

Account Information.  When you sign up for us to provide Bill.com's services, our website asks you to choose a username and password and to provide various types of information, some of it relating to the corporate entity on behalf of which you will be using Bill.com, some of it related to individuals.  Some of the latter is personally identifiable information (PII) about:

  • you, either in your personal capacity or in your role of administering a Bill.com account for a corporate entity;
  • your employees who will be using the Site and services; and/or
  • anyone you sign up to interact with your company on Bill.com. 

The provided information includes:

  • Your company's:
    • name,
    • business information [number of employees, industry, annual revenue, accounting system(s), etc.],
    • address, phone number; business tax identification number, and
  • The names, work phone numbers and work email addresses of your employees who will be using the Site and services.
  • A credit card to pay for your subscription to Bill.com.
  • Your company's bank account details if you elect to use Bill.com's payment service.  Bill.com will use those details and other information collected about you to verify your identity and your company's creditworthiness.

If you enroll an individual on Bill.com, we will ask that person to provide a name and email address and to choose a password.  In addition, if you elect to use Bill.com’s payment service or receivables service, we will ask each of your pertinent vendors and customers, respectively, whom you enroll to provide the same various types of information about it and its pertinent employees as we asked you to provided to us about your company and your pertinent employees (See bulleted lists in the preceding paragraph.)  This privacy policy is presented to each enrolled individual and entity online at the time he, she or it is about to enter into the Terms of Service for using Bill.com.

Bill.com also asks you to provide information about how to contact you not only by email but also by telephone and fax.  We will use this information to provide you with updated information and service your account in other ways. We may also use this information to contact you about additional products or services that may be of interest to you. You will have an opportunity to "opt out" of such offers in the future, if you so choose, by following the instructions set forth in the offer that we send you.

If you sign up your accountant, he or she may use Bill.com to process payables and receivables for you.  Accordingly, your accountant, on your behalf, will be able to enter your PII of the types described above.  Bill.com will use this information for the purposes of verifying identity and creditworthiness, as also described above.  When you send emails or otherwise communicate with Bill.com, we may retain those communications to process your requests and inquiries and improve the quality of our Site.Bill.com also asks you to provide information about how to contact you not only by email but also by telephone and fax.  We will use this information to provide you with updated information and service your account in other ways. We may also use this information to contact you about additional products or services that may be of interest to you. You will have an opportunity to "opt out" of such offers in the future, if you so choose, by following the instructions set forth in the offer that we send you.

Information Collected Using Cookies we Place.  We use a technology called "cookies" to keep track of who visits our site.  A cookie is an element of data that a website can send to your browser, which may then store it on your system.  You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it.  If you do not accept cookies from Bill.com, you will not be able to use our site. Usage of a cookie is in no way linked to any PII while on our site.

In addition to cookies, we collect the following information from all visitors to our site: the name of the domain through which you access the internet; the date and time you access our site; the internet address from which you linked to our site; and the individual address of the computer you used to access our site. We use this information in the aggregate to administer our website, to help diagnose and troubleshoot potential server malfunctions, and to gather broad demographic information about usage of our website.

Cookies Placed by Third Parties.  The use of third party cookies by our partners, affiliates, tracking utility company and service providers is not covered by this privacy policy.  We do not have access or control over these cookies. Our partners, affiliates, tracking utility company and service providers use session ID cookies to make it easier for you to navigate our site.

Non- PII.  We may also collect other information as part of the registration and personalization process (e.g., zip code and individual preferences). Certain non-identifying information would be considered a part of your PII if it were combined with other identifiers (e.g., combining your zip code with your street address) in a way that enables you to be identified. However, the same pieces of information are considered non-identifying information when they are taken alone or combined only with other non-identifying information (e.g., your viewing preferences). We may combine your PII with non-identifying information and aggregate it with information collected from other users to attempt to provide you with a better experience, to improve the quality and value of the Site and to analyze and understand how the Site is used.

Bill.com does not share, rent, or trade PII with third parties for their promotional purposes.

 

How Information May Be Shared

Service Providers.  We share your PII with third parties as needed to maintain, support and operate the Site and to perform Site-related services (e.g., maintenance services, database management, web analytics and improvement of the Site's features) and to assist us in analyzing how our Site is used. These third parties have access to your PII only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. We may also provide PII to our business partners or other trusted entities for the purpose of providing you with information we believe will be of interest to you.

Compliance with Laws and Law Enforcement.  Bill.com cooperates with government and law enforcement officials or private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Bill.com or a third party, to protect the safety of the public or any person, or to prevent or stop any illegal, unethical or legally actionable activity.

Business Transfers/Transactions.  Information, including PII, that we collect from our users is considered to be a business asset.  As a result, if we go out of business or enter bankruptcy or if we are acquired as a result of a transaction such as a merger, acquisition, reorganization or asset sale, your PII may be disclosed, sold or transferred to the third-party acquirer in connection with the transaction.

Aggregate Information and Non-Identifying Information. We may share aggregated information which does not include PII and we may otherwise disclose non-identifying information and log data with third parties for industry analysis, demographic profiling and other purposes.  Any such aggregated information will not contain your PII.

Bill.com payment network.  As part of the Bill.com service you may optionally allow us to share information with your vendors and/or customers.  This information includes your company’s address, phone number, website URL/link, name and email address of each user managing the account; and this information may also include similar business data and/or transactional information, such as bills, invoices and payment data.  You can control how much information is shared, respectively, with other Bill.com customers and the public, as described in more detail in “Your Profile Visibility – Three Choices” immediately below.

The Bill.com website enables you to update, correct, and delete/remove PII regarding you, your employees and your accountant at any time. The website also permits you to cancel our service at any time. If you have further concerns about how Bill.com stores or uses PII, please contact us at support@hq.bill.com.

 

Your Profile Visibility – Three Choices

As described and displayed in more detail at Network Profile Visibility Settings, your profile, i.e., where you'll display your business contact information, your logo and more, is how you are represented on the internet  and/or within the Bill.com network of customers and vendors (“Network”).

You can also control your profile visibility by choosing one of the three different setting options described below:

  • 1)  Public

Bill.com offers a “Public” profile feature that allows you to publish portions of your Bill.com Network profile to the public Internet.  This Public profile will be indexed and displayed through Internet search engines when someone searches for your company’s name.  Then the web surfer will know it can connect with you to send and/or receive electronic payments via Bill.com. 

You may choose the parts of your profile that get indexed and displayed on the public Internet you or completely opt out of this feature in your Bill.com Network Profile settings.  However, third-party search engines may not automatically update their caches, which may contain old public profile information.

If you choose the “Public” option:

  • Your profile, including your custom Network profile URL, will be shareable with, and available to anyone, including those:
    • other Bill.com members logged into the Bill.com Network (see “Limited” and “Private” below); and
    • also on the public internet, including web surfers/searchers who are not logged into, the Bill.com Network and who may not yet be Bill.com users.
  • You will have some control over how much of your business information is displayed through the service functionality.  Note, though, that:
    • At a minimum (by default), the following information will always be displayed:
      • Company Name
      • Company Logo (if provided)
      • Date Joined Bill.com 
      • Number of Bill.com connections
      • Bill.com Payment Network ID
    • At your option, the following additional information can be displayed:
      • Company Address
      • Phone Number
      • “About” – Description of the business
  • IMPORTANTREMEMBER If the home address, cell phone number and/or home phone number for you and/or another individual is used in any of the above categories and you choose the “Public” profile option, then all such address and phone information will be available publicly as part of your profile.

 

  • 2)  Limited (one of our two “in-Network” option)

Alternatively, Bill.com offers a “Limited” profile feature, which enables only other Bill.com members who are logged into the Bill.com network to search for your profile.  However, non-Bill.com members will not be able to search for your profile. 

If you choose the “Limited” option:

  • You will have some control over how much of your business information is displayed through the service functionality.  Note, though, that:
    • At a minimum (by default), the following information will always be displayed in a result of a search run by another Bill.com member and in a “recommendation” that Bill.com proactively generates for another member:
      • Company Name
      • Company Logo (if provided)
      • Date Joined Bill.com 
      • Number of Bill.com connections
      • Bill.com Payment Network ID
      • Username and email address of the user managing the account
      • Company Address
      • Phone Number
      • “About” – Description of the business (if provided)
  • IMPORTANTREMEMBER:  If the home address, cell phone number and/or home phone number for you and/or another individual is used in any of the above categories and you choose the “Limited” profile option, then all such address and phone information will be available to other Bill.com members as part of your profile.

 

  • 3)  Private (the other of our two in-“Network” option)

If you choose the “Private” option:

  • By default, your company profile will not be searchable, even by Bill.com members logged into the Bill.com network.
  • Your profile will only be visible to those logged-in Bill.com members with whom you have shared your Bill.com Payment Network ID.

 

Links to Other Sites

The Site may provide links to other sites. If you choose to visit another site by "clicking on" an external link, you will be directed to that party's site. We may track whether these links have been followed to improve the quality of the Site and Bill.com's partnership activities. The fact that we link to another site is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party sites. These other sites may place their own cookies or other files on your computer, collect data or solicit PII from you. This privacy policy addresses the use and disclosure of information that we collect from you through this Site. Other sites follow different rules regarding the use or disclosure of the PII you submit to them. We encourage you to read the privacy policies or statements of the other sites you visit.

 

Social Media Widgets

Our Site includes social media features, such as the Facebook Like button and widgets, such as the Share this button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy policy of the company providing it.

 

Data Retention

We will retain and use your information in accordance with our internal retention, archiving and back-up regimens, including as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.

 

Modifying Your Information; Cancelling Your Account

The Bill.com website enables you to update, correct, and delete/remove PII regarding you, your employees and your accountant at any time on the website.  The website also permits you to cancel our service at any time.   If you have any concerns about how Bill.com stores or uses PII, please contact us at support@hq.bill.com.

 

International Transfer

Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction.  If you are located outside the United States and choose to provide information to us, Bill.com transfers PII to the United States for processing.  Your submission of such information represents your consent to that transfer.

 

Our Policy Toward Children

This Site is intended for business-to-business use and is not directed to children under the age of 18.  If a parent becomes aware that his or her child has provided us with PII without parental consent, he or she should contact us at support@hq.bill.com.  If we become aware that a child under the age of 13 has provided us with PII, we will delete such information from our files.

 

Testimonials

On our website, we post customer testimonials that may contain PII such as the customer's name. Prior to posting, we do obtain the customer's consent to post his or her name accompanying the testimonial.  If you wish to update or delete a testimonial, you can contact us at support@hq.bill.com.

 

Changes to This Privacy Policy

If we decide to change our privacy policy, we will post those changes to this privacy policy page, the home page, and other places we deem appropriate, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

We reserve the right to modify this privacy statement at any time, so please review it frequently.  If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our home page prior to the change becoming effective.

 

Bill.com Data Security

Bill.com is committed to protecting the security and privacy of your information. We know that information regarding you and your company is extremely important and confidential.  Bill.com uses reasonable measures – consistent with industry standard practices – as well as some advanced security and process controls designed to ensure that the security, confidentiality, integrity and availability of your data are protected.  Bill.com is a U.S.-based corporation, and all storage and processing of data occurs in the US.

Best-in-Class Data Security.  At Bill.com, we follow these practices:

  • Extended Validation (EV) SSL encryption technology designed to achieve privacy of communications between your browser and the Bill.com service.
  • Firewalls that aim to prevent unauthorized electronic access to servers
  • Production servers in a high-security locked facility with biometric access controls to protect against unauthorized physical access to servers
  • Encryption of all sensitive data at rest in our database
  • Off-site continuous backup processes intended to enable Bill.com to recover promptly from a potential disaster

Industry-Leading Controls.  We take controls seriously, as follows:

  • Bill.com undergoes an annual SSAE 16 SOC 1 Type II Audit by a leading national CPA Firm.
  • Payments are FDIC-insured en route.
  • Our employees may access data only on a “need to know” basis, and then the relevant employees access your information only to the extent necessary to help us provide you with our services.
  • All employees undergo background checks and annual training on handling and securing sensitive data.
  • We will make any legally required disclosures of any breach of the security, confidentiality, integrity or availability of your information.  Such disclosures will be made to you via email or conspicuous posting on this Site without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

Passwords.  When you sign up for Bill.com, you provide an email address and password to access our website.  You can help protect your information by using a strong password, keeping your password secret and by changing it from time-to-time. See https://answers.bill.com/app/answers/detail/a_id/1485 for some tips on choosing and maintaining a strong password.