Effective date: January 20, 2023
This Privacy Notice is provided by Bill.com, LLC and explains how Bill.com, LLC and the Bill.com, LLC family of companies, including DivvyPay, LLC, Invoice2go, LLC, Cimrid Pty Ltd, and Finmark Financial, Inc. (together, along with its affiliates, successors, and assigns, “BILL”, “We”, “Us”, or “Our”). It governs our collection and handling of personal information about you (“You,” “Your” or “Yourself”) when You interact with us through any websites, applications, promotions, products, and services (collectively, the “Service”), including all those that link to this Privacy Notice, as well as any any surveys, rewards, promotions, sweepstakes, contests, referrals, or other marketing activities conducted by BILL or in connection with the Service (collectively “BILL Marketing”). It also does not apply to business information You might provide. When You share information with Us, or bring over information from third parties (like a bank or accounting software provider), We use that data together, not just within the individual offering(s) You’re using.
Capitalized terms not defined in this Privacy Notice have the meanings given to them in BILL’s Terms of Service. Please review this Privacy Notice carefully.
BILL will share Your information only as described in this Privacy Notice, or as permitted by law. BILL will not sell, lease, rent, or trade Your personal information to any third party for that party’s marketing or promotional purposes, unless You give Your consent.
If You are an individual, or are acting on behalf of an individual, and obtained a BILL Account primarily for personal, family, or household purposes, please read our Consumer Privacy Notice to understand our privacy practices and the privacy choices available to You.
By continuing to use the Service or participating in BILL Marketing after being provided with this Privacy Notice, You consent to BILL’s policies and practices as described herein.
This Privacy Notice explains:
INFORMATION WE COLLECT AND THE SOURCES FROM WHICH WE COLLECT IT
BILL collects information about You from:
You;
Your use of the Service or Your participation in BILL Marketing; and
Third parties.
The Services You use and how You use them dictate the information that BILL collects.
Information We Collect from You
We collect information from You when You use the Service, contact Us for support, or provide Us with feedback on the Service. As new products, services, or features are offered on the BILL platform, We may collect new and different types of information from You when You use the Service or contact BILL in connection with Your account. The information we receive about You depends on the context of Your interactions with BILL, how You configure Your BILL Account, the choices that You make, including Your privacy settings, Your location and applicable law.
Account information. When You sign up for a BILL Account or register as a BILL User, We collect contact and identifying information about You, including but not limited to: Your name; billing address; phone number; email; Tax Identification Number or Social Security Number (collectively, “TIN”); date of birth (natural persons); government-issued identification (natural persons); and Organization information, including company name and address, formation documents, business license, tax documents, Organization revenue, phone number and business email address. We may require You to provide device information to receive multi-factor authentication.
Financial information. When You use the Service to make or receive payments or apply for or use certain Services, such as a line of credit, bank account, loan, or expense reimbursements, we may collect certain financial information from You, including bank routing and account information, bank statements and bank transaction history, personal and/or business credit score, verification of bank account ownership, and/or a credit or debit card to bill Service Fees.
Information about Your Users, Customers, and Vendors. We may collect information from You about Your Users, Customers, and Vendors, including but not limited to name, address, email address, phone number, TIN, and financial information, which may be based on Your use of the Service and payment instructions.
Payment transaction information. When You request, make, receive, record, or otherwise process a payment through the Service, We collect information about the payment transaction and the transacting parties, such as the date, time and location(s) of the transaction, identifying information of the sender and recipient, the payment or transfer amount(s), bank account information for the sender and/or recipient, a description of the transaction, and the Service Fees charged by BILL.
Feedback. We collect information that You choose to provide to Us in connection with Your feedback about BILL or the Service, including through Your use of the Service or Your participation in BILL Marketing.
Online forms. We collect the information that You provide to us through online forms, including but not limited to forms on Our Website or social media forms, such as BILL webinar sign-up forms or LinkedIn forms.
BILL Marketing participant information. We collect the information that You provide voluntarily in connection with Your participation in BILL Marketing, including but not limited to engagement with event booths, sweepstakes, contests, promotions, awards, surveys, and referrals.
Importing Your contacts. If You choose to import contacts from Your email account, including to invite those contacts to use the Service, we will collect the username and password for the linked email account, as well as the contact information for Your contacts. We will only use this information for the purposes for which it is shared by You.
Other. When You use the Service or otherwise engage with BILL, even if You do not establish or use a BILL Account, We may collect information about You, such as name, email address, phone, and mailing address. We may also collect information from You when You visit our Website.
Information We Collect from Your Use of the Service
Device information. We collect information about Your device when You install, access, or use the Service on that device. The device information that we collect may include: IP address; hardware model; operating system information; unique device identifier and other technical identifiers; BILL app version; browser information; device or browser preferences; and mobile network. Your device may also allow us to collect and use information received through device-based settings, such as access to Your contacts, camera, or photos, based on Your settings. See section V (“Your Choices and Personal Information Rights”) for additional information on managing Your device settings.
Cookies and similar technologies. BILL and Our service providers may use tools such as cookies, web beacons, pixels, local shared objects and similar technologies (collectively “cookies”) to collect information about You so We can provide the experiences You request, recognize Your visit, track Your interactions, and improve Your and other customers’ experiences. You have control over some of the information we collect from cookies and how We use it. Please see section V (“Your Choices and Personal Information Rights”) for more information. For full details on how we use cookies and similar technologies please see our Cookie Notice.
Service use information. We collect information about how You access and use the Service, including but not limited to: Your IP address; the domain name of the Internet Service Provider You use; the date(s) and time(s) You access the Service; the pages You access and view; any term(s) You search; unique device identifiers.
Information from third parties You choose to interact with through BILL. We collect information about You from third parties with whom You interact through the Service, including but not limited to Your Vendors or Customers. We may also collect information about You from third party services that are supported by, sync, or integrate with the Service, including but not limited to third-party data entry services or accounting software providers.
Information We Collect about You from Third Parties
We may obtain information about You from others where permitted by applicable law. We protect and process information obtained from those parties as described in this Privacy Notice, consistent with any additional restrictions imposed by the source of the information. Our sources may vary over time and depend upon how You use the Services.
Other Users. We may receive information about You from other Users, such as Your accountant, bookkeeper, Your employer, or other business customers using the Services. For example, others may be able to input information about You--e.g., one of BILL’s customers may share information about You with Us in order to use and benefit from the Payment Services. We may also collect such information through features like referral programs.
Social networks. We may receive information about You when You interact with our Services through various social networks, for example, by “liking” Us on Facebook or “following” us on Twitter or LinkedIn. The types of information we receive depends on Your privacy settings with the particular social network. You should always review, and, if necessary, adjust Your privacy settings on third party websites, mobile applications and services before linking or connecting them to our Services.
Identify verification providers. We collect information about You, such as contact details, Organization information, and financial details, from third party identification verification providers. This may include email and telecommunication providers.
Risk management, cybersecurity, and anti-fraud providers. We collect information about You, such as contact details, Organization information, and financial details, from fraud detection and prevention and security providers. This may include email and telecommunication providers.
Publicly-available and third-party sources. We collect information about current and prospective Users of the Service from publicly and/or commercially available services, including but not limited to lead generation services, providers of customer and lead data, and marketing partners, as well as enriched data about visitors to Our Website, all as permitted by law.
Credit bureaus. Some of Our Services rely on information about You or Your Organization that we receive from personal and business credit reporting agencies.
Joint offering partners. We may offer co-branded services or experiences or engage in joint-marketing activities with others, including through online or live events, and will receive information about You or Your Organization from these partners.
Third parties that You connect to BILL. If You choose to sync a non-BILL account/service with Your Account, we will receive information from that account/service according to Your settings with that account/service.
HOW WE USE THE INFORMATION WE COLLECT
We use the information that We collect for purposes of:
providing or facilitating the Service;
improving the Service;
maintaining the security of the Service and Our Network;
marketing Our products and Services and other products and services offered through the BILL platform (unless You choose to opt out); and
as required or permitted by law.
To Provide or Facilitate the Service
Registering Your Account. When You create a BILL Account or enroll as a User, we use the information We collect about You, including any identifying information or financial information, for purposes related to the review, establishment, provision, administration, maintenance and monitoring of Your BILL Account or Your use of the Service. We also use this information to verify Your identity and Your eligibility to use the Service, and to comply with applicable law.
Providing or facilitating the Service to You. We use the information We collect about You, together with information You provide about Your Customers and Vendors and the content that You upload to the Service, to provide the Service to You. We also use Your information to process payments requested by You and to provide You with transaction history and account information.
Providing customer service and technical support. We use Your information, including Your name, phone number, email address, account number, payment history and device information, to process and respond to Your requests or inquiries, and to provide You with customer service, technical support, or software updates.
Communicating with You. We use Your information to communicate with You, including by e-mail, SMS, push notification or phone, about the Service or Your BILL Account, and to provide You with security, technical, support, and administrative messages, including for purposes of multi-factor authentication.
When contacting You by phone, We may use, and You consent to receive, as permitted by applicable law, informational autodialed calls and text messages, as described in our Terms of Service. If You wish to opt out of receiving autodialed calls or text messages from BILL, You can contact BILL Customer Support by clicking on Help once You have logged in (if You are unable to log in, please click on the chat modal here to connect with Us). You understand that if You opt out of receiving informational autodialed calls or text messages, such as for multi-factor authentication, You may lose access to certain features and functionalities of the Service, including but not limited to the ability to request or send payments through the Service. BILL may, without further notice or warning and in its sole discretion, where permitted by law, monitor or record telephone conversations between BILL or its agents and You or anyone acting on Your behalf, for quality control and training purposes or for BILL’s protection. While Your communications with BILL may be overheard, monitored, or recorded, not all telephone lines or calls may be recorded by BILL, and BILL does not guarantee that recordings of any particular telephone calls will be retained or retrievable.
To Improve the Service
Improving and developing the Service. We use our information, including Your payment transaction information and Your feedback to BILL, to analyze trends, monitor usage or traffic patterns (including to better understand how You use the Services), develop new products or features, and improve and enhance the Service.
Links to other websites or applications. If You link to a third-party service, website, application, or any services offered through such sites and applications, through the Service, We may track whether the link has been followed to improve the Service, understand how You use the Service, and build and improve BILL’s partnership activities. This Privacy Notice does not apply to and We are not responsible for any third-party website or applications or any services offered through such sites and applications that are not owned or controlled by BILL, including those that link to the Service. To understand how third parties process and protect Your information, We recommend You review their privacy policies, terms of use, and websites.
To Maintain a Secure Environment
Protecting Your Account. We use Your information to prevent, detect, investigate, and report fraud, security incidents, errors, unauthorized transactions, or other activities that may violate Our policies or be illegal.
Ensuring the reliability, safety, and security of the Service. We use the information that We collect to secure and protect the integrity of Our Network, prevent unauthorized access to the Service, help diagnose and troubleshoot potential hardware malfunctions, and otherwise secure the Service.
Compliance with the law. We use the information that We collect to comply with and enforce our Terms of Service and all laws and regulations applicable to the Service.
Marketing and Promotional Purposes
Marketing and advertising. We use the information that We collect about You to market the Service to You, to communicate with You about products, features, or BILL Marketing, and to tailor ads based on Your interests and browsing history (please see Section I.B.2. (Cookies and similar technologies)). If We send You a marketing email, We will provide You with information on opting out of future marketing emails or communications from Us. If You opt out, We can continue to send You informational communications relating to the use of the Service, such as transaction receipts or administrative messages about Your BILL Account. We may also use information about You for Our marketing purposes, including to identify other similar prospective customers who may be interested in the Service.
Referrals. If You refer another person to the Service, we will collect a name and email address for the referral. We will use this information to send an email invitation to use BILL to the person You are referring. BILL may retain the referral information, but solely for the purpose of tracking the success of Our referral program.
Sweepstakes, contests, and other promotions. We may use the information that You voluntarily provide in connection with a sweepstakes, contest or other promotion (“Promotion”) sponsored by BILL in accordance with the official rules for the Promotion.
As Required or Permitted by Law
We may use the information We collect about You as required or permitted by law. Such uses include, but are not limited to, compliance with anti-money laundering and anti-terrorism financing laws, “know your customer” regulations, and OFAC sanctions requirements.
We may also use information about You where You have given us consent to do so for a specific purpose not listed above. As one example, We may publish testimonials or featured customer stories to promote the Services, with Your permission.
HOW WE SHARE OR DISCLOSE THE INFORMATION WE COLLECT
We share or disclose Your information:
within the BILL corporate family;
with third parties that You authorize
with Our service providers and third party;
as required or permitted by law; and
with Your consent.
Within the BILL Corporate Family
We may share Your information within Our corporate family, including, but not limited to Bill.com, LLC, Bill.com Canada LLC, DivvyPay, LLC, Invoice2go, LLC, Cimrd Pty Ltd, Finmark Financial, Inc., and any affiliates or subsidiaries of these companies or Our parent company, Bill.com Holdings, Inc. (collectively, “BILL Group Companies”) for the purposes identified in the BILL Privacy Notice. As the Services grow and expand, including into other countries, we may add to Our corporate family.
With Third Parties That You Authorize
With other Users on Your BILL Account. If You are the Administrator for a BILL Account, We will share Your information with Your Users in accordance with Your account settings and preferences. If You are a BILL User, the Account Administrator can access certain of Your information and change certain of Your settings, and BILL may send information about Your Use of the Service to the Administrator.
With Your authorized service providers. If You sign up or authorize Your accountant or another third party service provider to use or access the Service on Your behalf or to use Your BILL Account, including by linking Your BILL Account to a Console, we will share Your information with that authorized third party.
With third parties You choose to interact with through BILL. We share Your information with third parties that You choose to interact with through the Service, including, but not limited, to Your Vendors or Customers. We may also share Your information with third party services that are supported by and integrate or sync with the Service, based on Your choices and account settings, such third-party data entry services, accounting software providers, or social media sites that link to the Service. This Privacy Notice does not apply to collection, storage, or other processing of Your information by third parties. The privacy practices of third parties, such as accounting software providers or social media sites, are governed solely by their privacy policies and terms of use. To understand how third parties process and protect Your information, We recommend that You review their privacy policies, terms of use, and websites.
Fraud prevention. We may share information about changes to Your BILL account, such as changes to a bank account or to Your address, with Your Vendors or Customers for purposes of fraud prevention and detection.
With others on the BILL Network. We may share certain information about You with members of the BILL Network, in accordance with the Network Rules. The processing of Your information by any other member of the BILL Network is governed solely by the privacy policy of the third party.
With Our Service Providers and Third Party Partners
With Our service providers. We may share Your information with Our service providers that perform services on our behalf, as needed to carry out their work for Us, which may include providers of services for identifying and serving advertisements, content or service fulfillment, or providing analytic, archival, auditing, accounting, legal, business consulting, banking, payment, delivery, data processing, data analysis, research, investigation, marketing, website or other technology services. Services provided to BILL by these providers include, but are not limited to, identity verification, payment processing, fraud prevention, database management, data storage, web analytics, and marketing services. Service providers are required to implement reasonable privacy and information protection controls to maintain the privacy and security of information provided to them consistent with the privacy practices outlined in this Privacy Notice, and are obligated not to use or disclose Your information for any other purpose or in any manner that is inconsistent with this Privacy Notice.
With Our third party partners. We may share Your information with Our third party partners, depending on how You use the Service. For example:
If You apply for or use a line of credit, bank account, or loan, We may share Your information with the partner providing that service and the partner may also collect or receive additional information from You, all of which may be subject to the partner’s own privacy policies and terms.
BILL may use Plaid Technologies (“Plaid”) or other partners to gather certain information about You from financial institutions. By using the Service, You grant Us, Plaid, and other partners the right, power, and authority to access and transmit the information obtained about You from financial institutions for purposes related to the Service. This Privacy Notice does not apply to collection, storage or other processing of Your information by Plaid, which is governed solely by the Plaid Privacy Policy.
If You access or use the Google Maps Platform (“Google Maps”) through the Service, Your use of Google Maps is subject to Google’s Terms of Service and the Google Privacy Policy.
As Required or Permitted by Law
As required by law. We will share Your information with third parties as required by law. BILL cooperates with government, law enforcement, and private third party requests for information as We, in Our sole discretion, determine is reasonably necessary to comply with any applicable law, regulation, government request or legal process, including but not limited to subpoenas.
As permitted by law. We may share Your personal information as permitted by law, including, but not limited to, as We, in Our sole discretion, believe necessary or appropriate to ensure the security and confidentiality of the Service, to prevent, detect or respond to fraud or security incidents, to enforce, remedy, or apply our Terms of Service or other agreements, to respond to claims and legal process, to protect the property or rights of BILL or a third party, to protect the safety of the public or any person, or to prevent or stop any illegal, unethical or legally actionable activity.
In connection with business transactions or corporate changes. The information that we collect in connection with the Service is a business asset. As a result, We may share or transfer Your information if we enter bankruptcy or are party to a business transaction, such as a merger, acquisition, reorganization, or asset sale.
With Your Consent
We may share Your information at Your direction or with Your consent.
HOW LONG WE RETAIN INFORMATION
BILL will retain Your information as long as it is necessary to comply with Our internal records retention and management policies and procedures and to provide You with the Service or administer Your BILL Account, or as long as necessary to comply with legal obligations, resolve disputes, reserve legal rights, and enforce agreements.
YOUR CHOICES AND PERSONAL INFORMATION RIGHTS
Managing Your Account. When You create a BILL Account, You will create an Account profile. You have options for managing Your Account information and communication preferences within Your Account. You can update, change, or correct certain Account information and communication preferences at any time by logging into Your Account and changing Your Account settings. If You have questions about reviewing or modifying Your Account information, You may contact BILL’s Customer Support by clicking on Help once You have logged in (if You are unable to log in, please click on the chat modal here to connect with Us).
Managing Marketing Communications From Us. We will honor any request from You to opt out of receiving marketing communications, including emails and text messages.
To opt out of receiving marketing emails from BILL, click the “unsubscribe” link at the bottom of a BILL marketing email. For marketing text (SMS) messages, reply “STOP” or follow the instructions in the message.
Please note that, even if You choose not to receive marketing communications from BILL, We can continue to send You informational communications related to Your use of the Service or Your BILL Account.
Device Settings. The device You use to interact with the Service may have setting options that can be enabled or disabled to allow the Service to access and use certain information and features on Your device, such as mobile app push notifications, Your contacts, camera, or photos. You can adjust Your device setting if You do not want BILL or the Service to have access to this information or these features. You can also adjust Your device or browser settings to block or provide notice of cookies on Your browser or mobile device. Please note, however, that disabling or limiting certain cookie settings on Your device or browser may prevent You from interacting with some or all of the features of the Service, or may require You to do additional authentication. Learn more about cookies here.
Opting Out of Targeted Online Ads. We use cookies to gather information about Your activities in order to provide You with targeted advertising based on Your online activity and interests. You can opt out of receiving targeted ads by visiting the Digital Advertising Alliance’s opt-out page. Learn more here. You can also opt out of targeted advertising on the following channels using the included links: Twitter; Facebook; LinkedIn; Google; Bing. If You reside in California, Colorado, Connecticut, Virginia, or Utah, please refer to the US State Supplemental Privacy Notice for more information about opting out of tracking for targeted advertising purposes, or opting-out of sale and/or sharing of Your Information.
Community Forums. BILL may offer blogs and publicly accessible community forums. You should be aware that any information You provide in these forums may be read, collected, and used by others who access them. To request removal of Your information from a blog or community forum, contact BILL’s Customer Support by clicking on Help once You have logged in (if You are unable to log in, please click on the chat modal here to connect with Us).
Supplemental Privacy Notice. Residents of some states have additional privacy rights. Information on these rights are provided in the following supplemental privacy notices:
HOW WE PROTECT THE SECURITY OF YOUR INFORMATION
BILL recognizes the importance and confidentiality of Your information, and is committed to protecting the security and privacy of Your information collected through the Services. We have implemented commercially reasonable technical, administrative, and physical security measures designed to protect Your information from unauthorized access, disclosure, use, and modification. BILL maintains industry standard attestations and has formal SSAE18 SOC1, SOC2 and SOC3 attestation reports. Please be aware, however, that no security measures are perfect or impenetrable and We cannot guarantee that Your information under Our control may not be accessed, disclosed, altered, or destroyed by breach of our administrative, managerial, and technical safeguards. Therefore, We encourage You to take adequate precautions to protect Your personal information as well, including never sharing Your BILL password with anyone.
If BILL learns that Your personal information under Our control is compromised as a result of a breach of security, We will take reasonable steps to investigate the situation and where appropriate, notify those individuals or customers whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
INTERNATIONAL TRANSFERS
Your information may be transferred to and maintained on computers located outside of Your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in Your jurisdiction. For example, if You are located in the European Economic Area (“EEA”), Canada, New Zealand, or Australia, We may transfer Your personal information to the United States or other countries outside of the country of Your residence. By using our Service or website or otherwise providing personal information to Us, You hereby expressly consent to the transfer of Your personal information outside Your country or region.
NOTICES TO CONSUMERS
INFORMATION FOR CHILDREN UNDER THE AGE OF 18
Persons under the age of 18 years old are not eligible to use, access or otherwise interact with BILL or the Service. If we become aware that a child under the age of 18 has created an account with Us or is otherwise using the Service, we will take steps to remove access, disable the account, and delete any information related to the child as soon as reasonably possible and where required by law.
UPDATES TO THIS PRIVACY NOTICE
This Privacy Notice may be updated periodically and will be posted on the Website, with an “Effective Date” at the top of the page indicating when it was last updated. Any changes are effective on the date that the updated Privacy Notice is posted. If the applicable law requires that We provide notice in a specified manner prior to making any changes to this Privacy Notice, We will provide such required notice. If You object to any changes to this Privacy Notice, You can cancel Your Account at any time. By continuing to use the Service or participating in BILL Marketing after being provided with this Privacy Notice, You consent to the updated Privacy Notice.
HOW TO CONTACT US
If You have any questions or concerns about this Privacy Notice or about how BILL collects, uses, or otherwise processes Your information, You can reach contact BILL’s Customer Support by clicking on Help once You have logged in (if You are unable to log in, please click on the chat modal here to connect with Us) or the BILL Privacy Team at privacy@divvypay.com or contact us at:
Attn: Privacy Officer
BILL
6220 America Center Drive, Suite 100
San Jose, CA 95002
U.S.A.
Supplemental Privacy Notice to Residents of California, Colorado, Connecticut, Virginia, and Utah