Effective date: October 11, 2022
This Privacy Notice applies to all Bill.com, LLC (“BILL”) websites, applications, products and services in Canada (collectively, the “BILL Service” or the “Service”), including all those that link to this Privacy Notice, and describes how BILL collects, uses, shares, transfers, stores, retains, or otherwise processes your personal information. This Privacy Notice also applies to any surveys, rewards, promotions, sweepstakes, contests, referrals, or other marketing activities conducted by BILL or in connection with the BILL Service (collectively “BILL Marketing”). This Privacy Notice does not apply to any third party website or service that BILL does not own or control. Please review this Privacy Notice carefully.
BILL will share your information only as described in this Privacy Notice, or as permitted by law. BILL will not sell, lease, rent, or trade your personal information to any third party for that party’s marketing or promotional purposes, unless you give your consent.
This Privacy Notice explains:
Information we collect and the sources from which we collect it
Information we collect and the sources from which we collect it
BILL collects information about you from:
your use of the Service or your participation in BILL Marketing; and
Information that We Collect from You
Financial information. When you use the BILL Service to receive payments we collect certain financial information from you, such as bank routing and account information.
Payment transaction information. When you request, receive, record, or otherwise process a payment through the BILL Service, we collect information about the payment transaction and the transacting parties, such as the date, time and location(s) of the transaction, identifying information of the sender and recipient, the payment or transfer amount(s), bank account information for the sender and/or recipient, a description of the transaction, and the Service Fees charged by BILL.
Feedback. We collect information that you choose to provide to us in connection with your feedback about BILL or the BILL Service, including through your use of the BILL Service.
Online forms. We collect the information that you provide to us through online forms, including but not limited to forms on our Website or social media forms, such as BILL webinar sign-up forms or LinkedIn forms.
BILL marketing participant information. We collect the information that you provide voluntarily in connection with your participation in BILL Marketing, including but not limited to engagement at event booths, sweepstakes, contests, promotions, surveys, and referrals.
Other. When you use the BILL Service or otherwise engage with BILL we may collect information about you, such as name, email address, phone, and mailing address. We may also collect information from you when you visit our Website.
Information We Collect from Your Use of the BILL Service
Device information. We collect information about your device when you install, access, or use the BILL Service on that device. The device information that we collect may include IP address, hardware model, operating system information, BILL app version, browser information, and mobile network. Your device may also allow us to collect and use information received through device-based settings, such as access to your contacts, camera, or photos, based on your settings. See the “How you can manage your privacy choices” section below for additional information on managing your device settings.
How you interact with the BILL Services. We collect information about how you access and use the Service, including but not limited to: your IP address; the domain name of the Internet Service Provider you use; and the date(s) and time(s) you access the Service; the pages you access and view; any term(s) you search; and the individual address of the device that you use to interact with the BILL Service.
Information from third parties you choose to interact with through BILL. We collect information about you from third parties with whom you interact through the BILL Service, including your customers.
Information We Collect about You from Third Parties
Identify verification. We collect information about you from third parties as required and permitted by law, including but not limited to for purposes of verifying your identity and/or complying with anti-money laundering and anti-terrorism financing laws, “know your customer” regulations, and OFAC sanctions requirements.
Compliance and fraud. We collect information about you from third parties for purposes of fraud detection and prevention, in connection with certain types of investigations, or as otherwise permitted by law to ensure the safety and security of the Service.
Address and Organization information. We collect information about you or your legal non-natural person or entity (your “Organization”) from commercially available sources to ensure your account information, for example your address, is accurate and up-to-date.
Marketing. We collect information about current and prospective users of the Service from third party services, including but not limited to lead generation services and providers of customer and lead data, as well as enriched data about visitors to our Website, all as permitted by law.
How we use the information we collect
We use the information that we collect for purposes of:
providing the BILL Service,
improving the Service,
maintaining the security of the Service and our network,
marketing our products and services (if you choose to opt in to receiving marketing communications from us), and
as required or permitted by law.
To Provide the BILL Service
Providing our Service to you. We use the information that we collect about you, together with the content that you upload to the Service, to provide the Service to you in accordance with your instructions. We also use your information to process payments requested by you and to provide you with transaction history information.
Providing customer service and technical support. We use your information, including your name, phone number, email address, account number, payment history and device information, to process and respond to your requests or inquiries, and to provide you with customer service, technical support, or software updates.
Communicating with you. We will use your information to contact you about the Service, and to provide you with security, technical, support and administrative messages.
When contacting you by phone, BILL may, without further notice or warning and in its sole discretion, where permitted by law, monitor or record telephone conversations between BILL or its agents and you or anyone acting on your behalf, for quality control and training purposes or for BILL’s protection.
To Improve the BILL Service
Improving and developing the Service. We aggregate your information, including your payment transaction information and your feedback to BILL, with information from other BILL users and use that data to improve the Service, to develop new BILL products or features, and to enhance the quality of the Service. We use this information to provide you with a better experience, to administer the Service, to improve the quality and value of the Service, and to gather broad demographic information about how the Service is used.
Marketing and Promotional Purposes
Marketing and advertising. If you choose to receive marketing communications from us, we use the information that we collect about you to market the Service to you, and to communicate with you about BILL products or features, or BILL Marketing, that may be of interest to you. If we send you a marketing email, we will provide you with information on opting out of future marketing emails or communications from us. If you opt out, we can continue to send you informational communications relating to the use of the BILL Service, such as transaction receipts.
Sweepstakes, contests, and other promotions. We may use the information that you voluntarily provide in connection with a sweepstakes, contest or other promotion (“Promotion”) sponsored by BILL in accordance with the official rules for the Promotion.
To Maintain a Secure Environment
Protecting your use of the Service. We use the information we collect from you to prevent, detect, investigate, and report fraud or security incidents related to your use of the Service. We use your information to investigate any error, unauthorized transaction, or other fraud or security incident that we discover or that you report to us.
Ensuring the reliability, safety and security of the Service. We use the information that we collect to comply with all laws and regulations applicable to the Service. We use the information that we collect to secure and protect the integrity of our network, prevent unauthorized access to the Service, help diagnose and troubleshoot potential hardware malfunctions, and otherwise secure the Service.
As Required or Permitted by Law
We may use the information that we collect about you as required or permitted by law. Such uses include but are not limited to compliance with anti-money laundering and anti-terrorism financing laws, “know your customer” regulations, and OFAC sanctions requirements.
How we share the information that we collect
We share your information:
with third parties that you authorize,
with our partners and service providers,
as required or permitted by law, and
with your consent.
With Third Parties That You Authorize
Fraud prevention. We may share information about changes to your BILL account, such as changes to a bank account or to your address, with BILL customers for purposes of fraud prevention and detection.
With Our Third Party Service Providers and Partners
With our third-party service providers and business partners. We may share your information with our third-party service providers and business partners as needed to provide, maintain, support, secure, and improve the Service. Services provided to BILL by these third-party providers include, but are not limited to, identity verification, payment processing, fraud prevention, database management, data storage, error reporting, web analytics, and marketing services. Our third-party service providers have access to your information only for the purposes of performing specific tasks on our behalf, and are obligated not to use or disclose your information for any other purpose or in any manner that is inconsistent with this Privacy Notice.
Aggregated and non-identifying information. We share aggregated and anonymized information with third parties for industry and clickstream analysis, and other purposes. Aggregated and anonymized information shared for these purposes will not contain personal information that can be associated with you.
As Required or Permitted by Law
As required by law. We will share your information with third parties as required by law. BILL cooperates with government, law enforcement, and private third party requests for information as we, in our sole discretion, determine is reasonably necessary to comply with any applicable law, regulation, government request or legal process, including but not limited to subpoenas.
As permitted by law. We may share your personal information as permitted by law, including, but not limited to, as we, in our sole discretion, believe necessary or appropriate to ensure the security and confidentiality of the Service, to prevent, detect or respond to fraud or security incidents, to respond to claims and legal process, to protect the property or rights of BILL or a third party, to protect the safety of the public or any person, or to prevent or stop any illegal, unethical or legally actionable activity.
In connection with business transactions or corporate changes. The information that we collect in connection with the Service is a business asset. As a result, we may share or transfer your information if we enter bankruptcy or are party to a business transaction, such as a merger, acquisition, reorganization, or asset sale.
With Your Consent
We may share your information at your direction or with your consent.
How long we retain information
BILL will retain your information in accordance with our internal records retention and management policies and procedures, including as necessary to provide you with the Service, or as long as necessary to comply with our legal obligations, resolve disputes, reserve our legal rights, and enforce our agreements. The file containing your information will be maintained on our servers or those of our service providers and will be accessible by our authorized employees, representatives and agents as necessary for the purposes described in this Privacy Notice.
What are your rights
You have certain rights in respect of your information. In particular, you have a right of access and correction. If you wish to exercise these rights, please contact the BILL Privacy Team at firstname.lastname@example.org.
Cookies and third party technologies
Cookies are typically assigned to one of the following categories, depending on their function and intended purpose:
Essential cookies enable you to navigate our Website and to use the Service. Without these cookies, our Website will not perform as smoothly for you as we would like, and we may not be able to provide certain core functions and features.
Analytics cookies collect information about the use of our Website and application, and enable us to improve the way our Service works. For example, analytics cookies show us the most frequently visited pages and analyze site traffic. We use them to analyze broad trends and patterns of usage on our Website, rather than to monitor the usage of any particular individual.
We use third-party service providers, including Google Analytics, to analyze the use of our Website. You can opt-out of the use of web analysis at any time either by downloading and installing a Browser Plugin offered by Google or by configuring your browser to delete and reject cookies.
Social Media cookies collect information about your visits to our Website, but only when you are logged in to your social media account(s).
Customer interaction cookies allow us to communicate with you, including for purposes of real-time communication through our chat feature.
Marketing cookies track browsing habits and are used to deliver targeted (interest-based) advertising. You can opt out of receiving interest-based ads for web properties here (Digital Advertising Alliance’s WebChoices).
Most browsers are set up to accept cookies automatically. You can deactivate the storing of cookies or adjust your browser to inform you before the cookie is stored on your computer. Some browsers have “Do Not Track” features that allow you to tell websites not to track you. These features are not all uniform. BILL does not currently respond to “Do Not Track” signals.
How you can manage your privacy choices
Managing marketing communications from us. We will honor any request from you to opt out of receiving marketing communications, including emails and text messages.
To opt out of receiving marketing emails from BILL, click the “unsubscribe” link at the bottom of a BILL marketing email.
For marketing text (SMS) messages, reply “STOP” or follow the instructions in the message.
Please note that, even if you choose not to receive marketing communications from BILL, we can continue to send you informational communications related to your use of the Service.
Device settings. The device that you use to interact with the Service may have setting options that can be enabled or disabled to allow the BILL Service to access and use certain information and features on your device, such as mobile app push notifications. You can adjust your device setting if you do not want BILL or the Service to have access to this information or these features. You can also adjust your device or browser settings to block or provide notice of Cookies on your browser or mobile device. Please note, however, that disabling or limiting certain cookie settings on your device or browser may prevent you from interacting with some or all of the features of the Service, or may require you to do additional authentication. Learn more about cookies here.
If you sync or connect your BILL account with third party services. If you choose to sync or connect your BILL account with third-party services, such as accounting software services or social media sites, we will share your information with the third-party service provider. If you do not want us to share your information with these third parties, you can choose not to sync or connect your BILL account with the third party service.
Community forums. BILL may offer blogs and publicly accessible community forums. You should be aware that any information you provide in these forums may be read, collected, and used by others who access them. To request removal of your information from a blog or community forum, contact the BILL Privacy Team at email@example.com.
How we protect the security of your information
BILL is committed to protecting the security and privacy of your information. BILL recognizes the importance and confidentiality of your information. We have implemented technical, administrative, and physical security measures designed to protect your information from unauthorized access, disclosure, use, and modification. BILL maintains industry standard attestations and has formal SSAE18 SOC1, SOC2 and SOC3 attestation reports. Please be aware however that no security measures are perfect or impenetrable.
Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. We and our third-party service providers store and process your information outside of Canada, in the United States of America and elsewhere in the world.Your submission of such information represents your consent to that transfer.
Information for children under the age of 18
Persons under the age of 18 year are not eligible to use, access or otherwise interact with BILL or the Service. If we become aware that a child under the age of 18 has created an account with us or is otherwise using the Service, we will take steps to remove access, disable the account, and delete any information related to the child as soon as reasonably possible.
Updates to this Privacy Notice
This Privacy Notice may be updated periodically and will be posted on the Website, indicating when it was last updated. If there are material changes to our Privacy Notice, we will post a notice on our website and/or provide other notice as required by law. If you object to any changes to this Privacy Notice, you can stop using the Service.
How to contact us
If you have any questions or concerns about this Privacy Notice or about how BILL collects, uses, or otherwise processes your information, you can reach the BILL Privacy Team at firstname.lastname@example.org or contact us at:
Attn: Privacy Officer
6220 America Center Drive, Suite 100
San Jose, CA 95002