Effective date: January 30, 2023
This Privacy Notice applies to all Bill.com, LLC (along with its affiliates, successors, and assigns, “BILL”) websites, applications, promotions, products and services (“the Service”), including all those that link to this Privacy Notice, and describes how BILL collects, uses, shares, transfers, stores, retains, or otherwise processes your personal information. This Privacy Notice also applies to any surveys, rewards, promotions, sweepstakes, contests, referrals, or other marketing activities conducted by BILL or in connection with the Service (collectively “BILL Marketing”). This Privacy Notice does not apply to any third party website or service that BILL does not own or control. Capitalized terms not defined in this Privacy Notice have the meanings given to them in BILL’s Terms of Service. Please review this Privacy Notice carefully.
BILL will share your information only as described in this Privacy Notice, or as permitted by law. BILL will not sell, lease, rent, or trade your personal information to any third party for that party’s marketing or promotional purposes, unless you give your consent.
If you are an individual, or are acting on behalf of an individual, and obtained a BILL account primarily for personal family or household purposes, please read our Consumer Privacy Notice to understand our privacy practices and the privacy choices available to you.
By continuing to use the Service or participating in BILL Marketing after being provided with this Privacy Notice, you consent to BILL’s policies and practices as described herein.
This Privacy Notice explains:
BILL collects information about you from:
Account information. When you sign up for a BILL account or register as a BILL User, we collect contact and identifying information about you, including but not limited to: your name; billing address; phone number; email; Tax Identification Number or Social Security Number (collectively, “TIN”); date of birth (natural persons); government-issued identification (natural persons); and Organization information, including company name and address, formation documents, business license, tax documents, phone number and business email address. We require you to choose a strong password, and may require you to provide device information to receive multi-factor authentication. We collect information from you when you use the Service, contact us for support, or provide us with feedback on the Service. As new products, services, and features are offered on the BILL platform, we may collect new and different types of information from you when you use the Service or contact BILL in connection with your account.
US PATRIOT Act. To help the U.S. government fight the funding of terrorism and money laundering activities, federal and state law requires financial institutions, including money services businesses like BILL and banks that offer services through BILL, to obtain, verify, and record information that identifies every customer.
What this means for you: When you use the Service, we and banks that offer services through BILL will ask you for your name, address, date of birth, and other information that will allow us to identify you. We may also ask to see your driver’s license or other identifying documents, such as business related documents. We will let you know if additional information is required.
Financial information. When you use the Service to make or receive payments, we collect certain financial information from you, such as bank routing and account information, including bank statements and verification of bank account ownership, and/or a credit or debit card to bill Service Fees. We may also collect information to verify financial condition and creditworthiness.
Information about your Customers and Vendors. We may collect information from you about your Customers and Vendors, including but not limited to name, address, email address, phone number, TIN, and financial information, based on your use of the Service and payment instructions.
Payment transaction information. When you request, make, receive, record, or otherwise process a payment through the Service, we collect information about the payment transaction and the transacting parties, such as the date, time and location(s) of the transaction, identifying information of the sender and recipient, the payment or transfer amount(s), bank account information for the sender and/or recipient, a description of the transaction, and the Service Fees charged by BILL.
Feedback. We collect information that you choose to provide to us in connection with your feedback about BILL or the Service, including through your use of the Service or your participation in BILL Marketing.
Online forms. We collect the information that you provide to us through online forms, including but not limited to forms on our Website or social media forms, such as BILL webinar sign-up forms or LinkedIn forms.
BILL marketing participant information. We collect the information that you provide voluntarily in connection with your participation in BILL Marketing, including but not limited to engagement at event booths, sweepstakes, contests, promotions, surveys, and referrals.
Importing your contacts. If you choose to import contacts from your email account, including to invite those contacts to use the Service, we will collect the username and password for the linked email account, as well as the contact information for your contacts. We will only use this information for the purposes for which it is shared by you.
Other. When you use the Service or otherwise engage with BILL, even if you do not establish or use a BILL account, we may collect information about you, such as name, email address, phone, and mailing address. We may also collect information from you when you visit our Website.
Device information. We collect information about your device when you install, access, or use the Service on that device. The device information that we collect may include IP address, hardware model, operating system information, BILL app version, browser information, and mobile network. Your device may also allow us to collect and use information received through device-based settings, such as access to your contacts, camera, or photos, based on your settings. See the “How you can manage your privacy choices” section below for additional information on managing your device settings.
Geolocation information. When you use the Service, we collect the location of the device that you are using to access BILL.
How you interact with the Services. We collect information about how you access and use the Service, including but not limited to: your IP address; the domain name of the Internet Service Provider you use; and the date(s) and time(s) you access the Service; the pages you access and view; any term(s) you search; and the individual address of the device that you use to interact with the Service.
Information from third parties you choose to interact with through BILL. We collect information about you from third parties with whom you interact through the Service, including but not limited to your Vendors or Customers. We may also collect information about you from third party services that are supported by, or sync or integrate with the Service, including but not limited to third-party data entry services or accounting software providers.
Identify verification. We collect information about you from third parties as required and permitted by law, including but not limited to for purposes of verifying your identity and/or complying with anti-money laundering and anti-terrorism financing laws, “know your customer” regulations, and OFAC sanctions requirements.
Compliance and fraud. We collect information about you from third parties for purposes of fraud detection and prevention, in connection with certain types of investigations, or as otherwise permitted by law to ensure the safety and security of the Service.
Address and Organization information. We collect information about you or your Organization from commercially available sources to ensure your account information, for example your address, is accurate and up-to-date.
Marketing. We collect information about current and prospective users of the Service from third party services, including but not limited to lead generation services and providers of customer and lead data, as well as enriched data about visitors to our Website, all as permitted by law.
We use the information that we collect for purposes of:
Registering your account. When you create a BILL account or enroll as a BILL account User, we use the information that we collect about you, including any identifying information or financial information, for purposes related to the review, establishment, provision, administration, maintenance and monitoring of your BILL account or your use of the Service. We also use this information to verify your identity and your eligibility to use theService, and to comply with applicable law.
Providing or facilitating the Service. We use the information that we collect about you, together with information that you provide about your Customers and Vendors and the content that you upload to the Service, to provide and facilitate the Services in accordance with your instructions and BILL account settings and elections. We also use your information to process payments requested by you and to provide you with transaction history and account information.
Providing customer service and technical support. We use your information, including your name, phone number, email address, account number, payment history and device information, to process and respond to your requests or inquiries, and to provide you with customer service, technical support, or software updates.
Communicating with you. We will use your information to contact you about the Service or your BILL account, and to provide you with security, technical, support and administrative messages, including for purposes of multi-factor authentication.
When contacting you by phone, we may use, and you consent to receive, as permitted by applicable law, informational autodialed calls and text messages, as described in our Terms of Service. If you wish to opt out of receiving autodialed calls or text messages from BILL, you can contact BILL Customer Support through our customer support portal. You understand that if you opt out of receiving informational autodialed calls or text messages, such as for multi-factor authentication, you may lose access to certain features and functionalities of the Service, including but not limited to the ability to request or send payments through the Service. BILL may, without further notice or warning and in its sole discretion, where permitted by law, monitor or record telephone conversations between BILL or its agents and you or anyone acting on your behalf, for quality control and training purposes or for BILL’s protection. While your communications with BILL may be overheard, monitored, or recorded, not all telephone lines or calls may be recorded by BILL, and BILL does not guarantee that recordings of any particular telephone calls will be retained or retrievable.
Improving and developing the Service. We aggregate your information, including your payment transaction information and your feedback to BILL, with information from other BILL users and use that data to improve the Service, to develop new products and services or features, and to enhance the quality of the Service. We use this information to provide you with a better experience, to administer the Service, to improve the quality and value of the Service, and to gather broad demographic information about how the Service is used.
Links to other websites or applications. If you link to a third-party website or applications, or any services offered through such sites and applications, through the Service, we may track whether the link has been followed to improve the quality of the Service and BILL’s partnership activities. This Privacy Notice does not apply to and we are not responsible for any third-party website or applications or any services offered through such sites and applications that are not owned or controlled by BILL, including those that link to the Service. To understand how third parties process and protect your information, we recommend that you review their privacy policies, terms of use, and websites.
Protecting your account. We use the information we collect from you to prevent, detect, investigate, and report fraud or security incidents related to your use of the Service or your BILL account. We use your information to investigate any error, unauthorized transaction, or other fraud or security incident that we discover or that you report to us.
Ensuring the reliability, safety and security of the Service. We use the information that we collect to comply with and enforce our Terms of Service and all laws and regulations applicable to the Service. We use the information that we collect to secure and protect the integrity of our network, prevent unauthorized access to the Service, help diagnose and troubleshoot potential hardware malfunctions, and otherwise secure the Service.
Marketing and advertising. We use the information that we collect about you to market the Service to you, and to communicate with you about products or features, or BILL Marketing, that may be of interest to you. If we send you a marketing email, we will provide you with information on opting out of future marketing emails or communications from us. If you opt out, we can continue to send you informational communications relating to the use of the Service, such as transaction receipts or administrative messages about your BILL account. We may also use information about you for our (and banks that offer services through BILL) marketing purposes, including to identify other similar prospective customers who may be interested in the Service.
Referrals. If you refer another person to the Service, we will collect a name and email address for the referral. We will use this information to send an email invitation to use BILL to the person you are referring. BILL may retain the referral information, but solely for the purpose of tracking the success of our referral program.
Sweepstakes, contests, and other promotions. We may use the information that you voluntarily provide in connection with a sweepstakes, contest or other promotion (“Promotion”) sponsored by BILL in accordance with the official rules for the Promotion.
We may use the information that we collect about you as required or permitted by law. Such uses include but are not limited to compliance with anti-money laundering and anti-terrorism financing laws, “know your customer” regulations, and OFAC sanctions requirements.
We share your information:
We may share your information within our corporate family, including, but not limited to Bill.com, LLC, Bill.com, Canada LLC, DivvyPay, LLC and any affiliates or subsidiaries of these companies or our parent company, Bill.com Holdings, Inc. (collectively, “BILL Group Companies”) for the purposes identified in the BILL Privacy Notice. As the Services grow and expand, including into other countries,We may add to our corporate family.
With other Users on your BILL account. If you are the Administrator for a BILL account, we will share your information with your Users in accordance with your account settings and preferences. If you are a BILL User, the account Administrator can access your information and change certain of your settings, and BILL may send information about your use of the Service to the Administrator.
With your authorized service providers. If you sign up or authorize your accountant or another third party service provider to use or access the Service on your behalf or to use your BILL account, including by linking your BILL account to a Console, we will share your information with that authorized third party.
With third parties you choose to interact with through BILL. We share your information with third parties that you choose to interact with through the Service, including but not limited to your Vendors or Customers. We may also share your information with third party services that are supported by and integrate or sync with the Service, based on your choices and account settings, such third-party data entry services, accounting software providers, or social media sites that link to the Service. This Privacy Notice does not apply to collection, storage, or other processing of your information by third parties. The privacy practices of third parties, such as accounting software providers or social media sites, are governed solely by their privacy policies and terms of use. To understand how third parties process and protect your information, we recommend that you review their privacy policies, terms of use, and websites.
Fraud prevention. We may share information about changes to your BILL account, such as changes to a bank account or to your address, with your Vendors or Customers for purposes of fraud prevention and detection.
With others on the BILL network, based on your choices. Based on your profile visibility choices, we may share certain information about you with members of the BILL payment network. See Controlling your profile visibility for more information. The processing of your information by any other member of the BILL network with whom you choose to share your information, based on your profile settings, is governed solely by the privacy policy of the third party.
With our partners and service providers. We may share your information with our third-party service providers and business partners as needed to provide, maintain, support, secure, and improve the Service. Services provided to BILL by third-party providers include, but are not limited to, identity verification, payment processing, fraud prevention, database management, data storage, web analytics, and marketing services. Our third-party service providers have access to your information only for the purposes of performing specific tasks on our behalf in compliance with our Terms of Service, and are obligated not to use or disclose your information for any other purpose or in any manner that is inconsistent with this Privacy Notice.
For example, BILL may use Plaid Technologies (“Plaid”) to gather certain information about you from financial institutions. By using the Service, you grant us and Plaid the right, power, and authority to access and transmit the information obtained about you from financial institutions for purposes related to the Service. This Privacy Notice does not apply to collection, storage or other processing of your information by Plaid, which is governed by solely by the Plaid Privacy Policy. Another example is that if you access or use the Google Maps Platform (“Google Maps”) through the Service, your use of Google Maps is subject to Google’s Terms of Service and the Google Privacy Policy.
Aggregated and non-identifying information. We share aggregated and anonymized information with third parties for industry and clickstream analysis, demographic profiling, and other purposes. Aggregated and anonymized information shared for these purposes will not contain personal information that can be associated with you.
As required by law. We will share your information with third parties as required by law. BILL cooperates with government, law enforcement, and private third party requests for information as we, in our sole discretion, determine is reasonably necessary to comply with any applicable law, regulation, government request or legal process, including but not limited to subpoenas.
As permitted by law. We may share your personal information as permitted by law, including, but not limited to, as we, in our sole discretion, believe necessary or appropriate to ensure the security and confidentiality of the Service, to prevent, detect or respond to fraud or security incidents, to respond to claims and legal process, to protect the property or rights of BILL or a third party, to protect the safety of the public or any person, or to prevent or stop any illegal, unethical or legally actionable activity.
In connection with business transactions or corporate changes. The information that we collect in connection with the Service is a business asset. As a result, we may share or transfer your information if we enter bankruptcy or are party to a business transaction, such as a merger, acquisition, reorganization, or asset sale.
We may share your information at your direction or with your consent.
BILL will retain your information in accordance with our internal records retention and management policies and procedures, including as necessary to provide you with the Service or administer your BILL account, or as long as necessary to comply with legal obligations, resolve disputes, reserve legal rights, and enforce agreements.
You can update, correct, or restrict processing of the information associated with your BILL account at any time. You can make such changes through the Service, or you can request changes to your account information by contacting BILL Customer Support through our customer support portal. You understand that if you restrict processing of the information associated with your BILL account, you may lose access to certain features and functionalities of the Service, including but not limited to the ability to request or send payments through the Service.
You may cancel your BILL account at any time through the Service, or by contacting BILL Customer Support through our customer support portal. See our Terms of Service for more information on canceling your BILL account. After cancellation of your account, this Privacy Notice will continue to apply to any information collected about you by BILL.
BILL and our third-party service providers set and use cookies and similar technologies to store and manage user preferences, enable content, gather analytic and usage data, and deliver targeted advertising. A cookie is a small text file that is placed on a computer or other device, and is used to identify the device and to collect information.
Cookies are typically assigned to one of the following categories, depending on their function and intended purpose:
Most browsers are set up to accept cookies automatically. You can deactivate the storing of cookies or adjust your browser to inform you before the cookie is stored on your computer. Some browsers have “Do Not Track” features that allow you to tell websites not to track you. These features are not all uniform. BILL does not currently respond to “Do Not Track” signals.
Controlling your profile visibility. When you create a BILL account, you will create an account profile. The settings that you choose for your profile will control how your profile information is shared within the BILL payment network or with the public. See Network Profile Visibility Settings for details about your profile visibility options.
Updating your account information. You can access, update, change, or correct your account information at any time by accessing your profile through the Service or by contacting BILL Customer Support through our customer support portal. You can also change your email preferences through your BILL account profile settings at any time.
Managing marketing communications from us. We will honor any request from you to opt out of receiving marketing communications, including emails and text messages.
Please note that, even if you choose not to receive marketing communications from BILL, we can continue to send you informational communications related to your use of the Service or your BILL account.
Device settings. The device that you use to interact with the Service may have setting options that can be enabled or disabled to allow the BILL Service to access and use certain information and features on your device, such as mobile app push notifications, your contacts, camera, or photos. You can adjust your device setting if you do not want BILL or the Service to have access to this information or these features. You can also adjust your device or browser settings to block or provide notice of Cookies on your browser or mobile device. Please note, however, that disabling or limiting certain cookie settings on your device or browser may prevent you from interacting with some or all of the features of the Service, or may require you to do additional authentication. Learn more about cookies here.
Opting out of targeted online ads. We use cookies to gather information about your activities in order to provide you with targeted advertising based on your online activity and interests. You can opt out of receiving targeted ads by visiting the Digital Advertising Alliance’s opt-out page. Learn more here. You can also opt out of targeted advertising on the following channels using the included links: Twitter; Facebook; LinkedIn; Google; Bing.
If you sync or connect your BILL account with third party services. If you choose to sync or connect your BILL account with third-party services, such as accounting software services or social media sites, we will share your information with the third-party service provider. If you do not want us to share your information with these third parties, you can choose not to sync or connect your BILL account with the third party service.
Community forums. BILL may offer blogs and publicly accessible community forums. You should be aware that any information you provide in these forums may be read, collected, and used by others who access them. To request removal of your information from a blog or community forum, contact BILL Customer Support through our customer support portal.
Supplemental privacy notice. Residents of some states and countries have additional privacy rights. Information on these rights are provided in the following supplemental privacy notices:
BILL is committed to protecting the security and privacy of your information. BILL recognizes the importance and confidentiality of your information. We have implemented technical, administrative, and physical security measures designed to protect your information from unauthorized access, disclosure, use, and modification. BILL maintains industry standard attestations and has formal SSAE18 SOC1, SOC2 and SOC3 attestation reports. Please be aware however that no security measures are perfect or impenetrable.
Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, we may transfer such information to the United States or other jurisdictions for processing. Your submission of such information represents your consent to that transfer.
BILL’s E-SIGN Disclosure and Consent
Persons under the age of 18 year are not eligible to use, access or otherwise interact with BILL or the Service. If we become aware that a child under the age of 18 has created an account with us or is otherwise using the Service, we will take steps to remove access, disable the account, and delete any information related to the child as soon as reasonably possible.
This Privacy Notice may be updated periodically and will be posted on the Website, indicating when it was last updated. If there are material changes to our Privacy Notice, we will post a notice on our website and/or provide other notice as required by law. If you object to any changes to this Privacy Notice, you can cancel your account at any time. See the “Canceling or making changes to your account” section above for more information on canceling your account.
If you have any questions or concerns about this Privacy Notice or about how BILL collects, uses, or otherwise processes your information, you can reach BILL Customer Support through our customer support portal or the BILL Privacy Team at privacy@hq.bill.com or contact us at: