Effective date: January 1, 2023
To review the previous Privacy Notice, click here.
This Privacy Notice applies to all Bill.com, LLC (along with its affiliates, successors, and assigns, “BILL”) websites, applications, promotions, products and services (collectively, the “BILL Service” or the “Service”), including all those that link to this Privacy Notice, and describes how BILL collects, uses, shares, transfers, stores, retains, or otherwise processes your personal information. This Privacy Notice also applies to any surveys, rewards, promotions, sweepstakes, contests, referrals, or other marketing activities conducted by BILL or in connection with the BILL Service (collectively “BILL Marketing”). This Privacy Notice does not apply to any third party website or service that BILL does not own or control. Capitalized terms not defined in this Privacy Notice have the meanings given to them in BILL’s Terms of Service. Please review this Privacy Notice carefully.
BILL will share your information only as described in this Privacy Notice, or as permitted by law. BILL will not sell, lease, rent, or trade your personal information to any third party for that party’s marketing or promotional purposes, unless you give your consent.
If you are an individual, or are acting on behalf of an individual, and obtained a BILL account primarily for personal family or household purposes, please read our Consumer Privacy Notice to understand our privacy practices and the privacy choices available to you.
By continuing to use the Service or participating in BILL Marketing after being provided with this Privacy Notice, you consent to BILL’s policies and practices as described herein.
This Privacy Notice explains:
Information we collect and the sources from which we collect it
BILL collects information about you from:
your use of the Service or your participation in BILL Marketing; and
Information that We Collect from You
Account information. When you sign up for a BILL account or register as a BILL User, we collect contact and identifying information about you, including but not limited to: your name; billing address; phone number; email; Tax Identification Number or Social Security Number (collectively, “TIN”); date of birth (natural persons); government-issued identification (natural persons); and Organization information, including company name and address, formation documents, business license, tax documents, phone number and business email address. We require you to choose a strong password, and may require you to provide device information to receive multi-factor authentication. We collect information from you when you use the Service, contact us for support, or provide us with feedback on the Service. As we introduce new products, services or features, we may collect new and different types of information from you when you use the Service or contact BILL in connection with your account.
US PATRIOT Act. To help the U.S. government fight the funding of terrorism and money laundering activities, federal and state law requires financial institutions, including money services businesses like BILL, to obtain, verify, and record information that identifies every customer.
What this means for you: When you use the Service, we will ask you for your name, address, date of birth, and other information that will allow us to identify you. We may also ask to see your driver’s license or other identifying documents, such as business related documents. We will let you know if additional information is required.
Financial information. When you use the BILL Service to make or receive payments, we collect certain financial information from you, such as bank routing and account information, including bank statements and verification of bank account ownership, and/or a credit or debit card to bill Service Fees. We may also collect information to verify financial condition and creditworthiness.
Information about your Customers and Vendors. We may collect information from you about your Customers and Vendors, including but not limited to name, address, email address, phone number, TIN, and financial information, based on your use of the Service and payment instructions.
Payment transaction information. When you request, make, receive, record, or otherwise process a payment through the BILL Service, we collect information about the payment transaction and the transacting parties, such as the date, time and location(s) of the transaction, identifying information of the sender and recipient, the payment or transfer amount(s), bank account information for the sender and/or recipient, a description of the transaction, and the Service Fees charged by BILL.
Feedback. We collect information that you choose to provide to us in connection with your feedback about BILL or the BILL Service, including through your use of the BILL Service or your participation in BILL Marketing.
Online forms. We collect the information that you provide to us through online forms, including but not limited to forms on our Website or social media forms, such as BILL webinar sign-up forms or LinkedIn forms.
BILL marketing participant information. We collect the information that you provide voluntarily in connection with your participation in BILL Marketing, including but not limited to engagement at event booths, sweepstakes, contests, promotions, surveys, and referrals.
Importing your contacts. If you choose to import contacts from your email account, including to invite those contacts to use the Service, we will collect the username and password for the linked email account, as well as the contact information for your contacts. We will only use this information for the purposes for which it is shared by you.
Other. When you use the BILL Service or otherwise engage with BILL, even if you do not establish or use a BILL account, we may collect information about you, such as name, email address, phone, and mailing address. We may also collect information from you when you visit our Website.
Information We Collect from Your Use of the BILL Service
Device information. We collect information about your device when you install, access, or use the BILL Service on that device. The device information that we collect may include IP address, hardware model, operating system information, BILL app version, browser information, and mobile network. Your device may also allow us to collect and use information received through device-based settings, such as access to your contacts, camera, or photos, based on your settings. See the “How you can manage your privacy choices” section below for additional information on managing your device settings.
Geolocation information. When you use the Service, we collect the location of the device that you are using to access BILL.
How you interact with the BILL Services. We collect information about how you access and use the Service, including but not limited to: your IP address; the domain name of the Internet Service Provider you use; and the date(s) and time(s) you access the Service; the pages you access and view; any term(s) you search; and the individual address of the device that you use to interact with the BILL Service.
Information from third parties you choose to interact with through BILL. We collect information about you from third parties with whom you interact through the BILL Service, including but not limited to your Vendors or Customers. We may also collect information about you from third party services that are supported by, or sync or integrate with the Service, including but not limited to third-party data entry services or accounting software providers.
Information We Collect about You from Third Parties
Identify verification. We collect information about you from third parties as required and permitted by law, including but not limited to for purposes of verifying your identity and/or complying with anti-money laundering and anti-terrorism financing laws, “know your customer” regulations, and OFAC sanctions requirements.
Compliance and fraud. We collect information about you from third parties for purposes of fraud detection and prevention, in connection with certain types of investigations, or as otherwise permitted by law to ensure the safety and security of the Service.
Address and Organization information. We collect information about you or your Organization from commercially available sources to ensure your account information, for example your address, is accurate and up-to-date.
Marketing. We collect information about current and prospective users of the Service from third party services, including but not limited to lead generation services and providers of customer and lead data, as well as enriched data about visitors to our Website, all as permitted by law.
How we use the information we collect
We use the information that we collect for purposes of:
providing the BILL Service,
improving the Service,
maintaining the security of the Service and our network,
marketing our products and services (unless you choose to opt out), and
as required or permitted by law.
To Provide the BILL Service
Registering your account. When you create a BILL account or enroll as a BILL account User, we use the information that we collect about you, including any identifying information or financial information, for purposes related to the review, establishment, provision, administration, maintenance and monitoring of your BILL account or your use of the Service. We also use this information to verify your identity and your eligibility to use the BILL Service, and to comply with applicable law.
Providing our Service to you. We use the information that we collect about you, together with information that you provide about your Customers and Vendors and the content that you upload to the Service, to provide the Service to you in accordance with your instructions and BILL account settings and elections. We also use your information to process payments requested by you and to provide you with transaction history and account information.
Providing customer service and technical support. We use your information, including your name, phone number, email address, account number, payment history and device information, to process and respond to your requests or inquiries, and to provide you with customer service, technical support, or software updates.
Communicating with you. We will use your information to contact you about the Service or your BILL account, and to provide you with security, technical, support and administrative messages, including for purposes of multi-factor authentication.
When contacting you by phone, we may use, and you consent to receive, as permitted by applicable law, informational autodialed calls and text messages, as described in our Terms of Service. If you wish to opt out of receiving autodialed calls or text messages from BILL, you can contact BILL Customer Support through our customer support portal. You understand that if you opt out of receiving informational autodialed calls or text messages, such as for multi-factor authentication, you may lose access to certain features and functionalities of the Service, including but not limited to the ability to request or send payments through the Service. BILL may, without further notice or warning and in its sole discretion, where permitted by law, monitor or record telephone conversations between BILL or its agents and you or anyone acting on your behalf, for quality control and training purposes or for BILL’s protection. While your communications with BILL may be overheard, monitored, or recorded, not all telephone lines or calls may be recorded by BILL, and BILL does not guarantee that recordings of any particular telephone calls will be retained or retrievable.
To Improve the BILL Service
Improving and developing the Service. We aggregate your information, including your payment transaction information and your feedback to BILL, with information from other BILL users and use that data to improve the Service, to develop new BILL products or features, and to enhance the quality of the Service. We use this information to provide you with a better experience, to administer the Service, to improve the quality and value of the Service, and to gather broad demographic information about how the Service is used.
To Maintain a Secure Environment
Protecting your account. We use the information we collect from you to prevent, detect, investigate, and report fraud or security incidents related to your use of the Service or your BILL account. We use your information to investigate any error, unauthorized transaction, or other fraud or security incident that we discover or that you report to us.
Ensuring the reliability, safety and security of the Service. We use the information that we collect to comply with and enforce our Terms of Service and all laws and regulations applicable to the Service. We use the information that we collect to secure and protect the integrity of our network, prevent unauthorized access to the Service, help diagnose and troubleshoot potential hardware malfunctions, and otherwise secure the Service.
Marketing and Promotional Purposes
Marketing and advertising. We use the information that we collect about you to market the Service to you, and to communicate with you about BILL products or features, or BILL Marketing, that may be of interest to you. If we send you a marketing email, we will provide you with information on opting out of future marketing emails or communications from us. If you opt out, we can continue to send you informational communications relating to the use of the BILL Service, such as transaction receipts or administrative messages about your BILL account. We may also use information about you for our marketing purposes, including to identify other similar prospective customers who may be interested in the Service.
Referrals. If you refer another person to the BILL Service, we will collect a name and email address for the referral. We will use this information to send an email invitation to use BILL to the person you are referring. BILL may retain the referral information, but solely for the purpose of tracking the success of our referral program.
Sweepstakes, contests, and other promotions. We may use the information that you voluntarily provide in connection with a sweepstakes, contest or other promotion (“Promotion”) sponsored by BILL in accordance with the official rules for the Promotion.
As Required or Permitted by Law
We may use the information that we collect about you as required or permitted by law. Such uses include but are not limited to compliance with anti-money laundering and anti-terrorism financing laws, “know your customer” regulations, and OFAC sanctions requirements.
How we share the information that we collect
We share your information:
within the BILL corporate family,
with third parties that you authorize,
with our partners and service providers,
as required or permitted by law, and
with your consent.
Within the BILL Corporate Family
We may share your information within our corporate family, including, but not limited to Bill.com, LLC, Bill.com Canada LLC, DivvyPay, LLC and any affiliates or subsidiaries of these companies or our parent company, Bill.com Holdings, Inc. (collectively, “BILL Group Companies”) for the purposes identified in the BILL Privacy Notice. As we grow and expand our Services and offer our Services in other countries, we may add to our corporate family.
With Third Parties That You Authorize
With other Users on your BILL account. If you are the Administrator for a BILL account, we will share your information with your Users in accordance with your account settings and preferences. If you are a BILL User, the account Administrator can access your information and change certain of your settings, and BILL may send information about your use of the Service to the Administrator.
With your authorized service providers. If you sign up or authorize your accountant or another third party service provider to use or access the Service on your behalf or to use your BILL account, including by linking your BILL account to a Console, we will share your information with that authorized third party.
Fraud prevention. We may share information about changes to your BILL account, such as changes to a bank account or to your address, with your Vendors or Customers for purposes of fraud prevention and detection.
With Our Third Party Service Providers and Partners
With our third-party service providers and business partners. We may share your information with our third-party service providers and business partners as needed to provide, maintain, support, secure, and improve the Service. Services provided to BILL by these third-party providers include, but are not limited to, identity verification, payment processing, fraud prevention, database management, data storage, web analytics, and marketing services. Our third-party service providers have access to your information only for the purposes of performing specific tasks on our behalf in compliance with our Terms of Service, and are obligated not to use or disclose your information for any other purpose or in any manner that is inconsistent with this Privacy Notice.
Aggregated and non-identifying information. We share aggregated and anonymized information with third parties for industry and clickstream analysis, demographic profiling, and other purposes. Aggregated and anonymized information shared for these purposes will not contain personal information that can be associated with you.
As Required or Permitted by Law
As required by law. We will share your information with third parties as required by law. BILL cooperates with government, law enforcement, and private third party requests for information as we, in our sole discretion, determine is reasonably necessary to comply with any applicable law, regulation, government request or legal process, including but not limited to subpoenas.
As permitted by law. We may share your personal information as permitted by law, including, but not limited to, as we, in our sole discretion, believe necessary or appropriate to ensure the security and confidentiality of the Service, to prevent, detect or respond to fraud or security incidents, to respond to claims and legal process, to protect the property or rights of BILL or a third party, to protect the safety of the public or any person, or to prevent or stop any illegal, unethical or legally actionable activity.
In connection with business transactions or corporate changes. The information that we collect in connection with the Service is a business asset. As a result, we may share or transfer your information if we enter bankruptcy or are party to a business transaction, such as a merger, acquisition, reorganization, or asset sale.
With Your Consent
We may share your information at your direction or with your consent.
How long we retain information
BILL will retain your information in accordance with our internal records retention and management policies and procedures, including as necessary to provide you with the Service or administer your BILL account, or as long as necessary to comply with our legal obligations, resolve disputes, reserve our legal rights, and enforce our agreements.
How to cancel or make changes to your BILL account
You can update, correct, or restrict processing of the information associated with your BILL account at any time. You can make such changes through the Service, or you can request changes to your account information by contacting BILL Customer Support through our customer support portal. You understand that if you restrict processing of the information associated with your BILL account, you may lose access to certain features and functionalities of the Service, including but not limited to the ability to request or send payments through the Service.
You may cancel your BILL account at any time through the Service, or by contacting BILL Customer Support through our customer support portal. See our Terms of Service for more information on canceling your BILL account. After cancellation of your account, this Privacy Notice will continue to apply to any information collected about you by BILL.
Cookies and third party technologies
Cookies are typically assigned to one of the following categories, depending on their function and intended purpose:
Essential cookies enable you to navigate our Website and to use the Service. Without these cookies, our Website will not perform as smoothly for you as we would like, and we may not be able to provide certain core functions and features.
Analytics cookies collect information about the use of our Website and application, and enable us to improve the way our Service works. For example, analytics cookies show us the most frequently visited pages and analyze site traffic. We use them to analyze broad trends and patterns of usage on our Website, rather than to monitor the usage of any particular individual.
We use third-party service providers, including Google Analytics, to analyze the use of our Website. You can opt-out of the use of web analysis at any time either by downloading and installing a Browser Plugin offered by Google or by configuring your browser to delete and reject cookies.
Social Media cookies collect information about your visits to our Website, but only when you are logged in to your social media account(s).
Customer interaction cookies allow us to communicate with you, including for purposes of real-time communication through our chat feature.
Marketing cookies track browsing habits and are used to deliver targeted (interest-based) advertising. You can opt out of receiving interest-based ads for web properties here (Digital Advertising Alliance’s WebChoices).
Most browsers are set up to accept cookies automatically. You can deactivate the storing of cookies or adjust your browser to inform you before the cookie is stored on your computer. Some browsers have “Do Not Track” features that allow you to tell websites not to track you. These features are not all uniform. BILL does not currently respond to “Do Not Track” signals.
Your choices and privacy rights
Controlling your profile visibility. When you create a BILL account, you will create an account profile. The settings that you choose for your profile will control how your profile information is shared within the BILL payment network or with the public. See Network Profile Visibility Settings for details about your profile visibility options.
Updating your account information. You can access, update, change, or correct your account information at any time by accessing your profile through the Service or by contacting BILL Customer Support through our customer support portal. You can also change your email preferences through your BILL account profile settings at any time.
Managing marketing communications from us. We will honor any request from you to opt out of receiving marketing communications, including emails and text messages.
To opt out of receiving marketing emails from BILL, click the “unsubscribe” link at the bottom of a BILL marketing email.
For marketing text (SMS) messages, reply “STOP” or follow the instructions in the message.
Please note that, even if you choose not to receive marketing communications from BILL, we can continue to send you informational communications related to your use of the Service or your BILL account.
Device settings. The device that you use to interact with the Service may have setting options that can be enabled or disabled to allow the BILL Service to access and use certain information and features on your device, such as mobile app push notifications, your contacts, camera, or photos. You can adjust your device setting if you do not want BILL or the Service to have access to this information or these features. You can also adjust your device or browser settings to block or provide notice of Cookies on your browser or mobile device. Please note, however, that disabling or limiting certain cookie settings on your device or browser may prevent you from interacting with some or all of the features of the Service, or may require you to do additional authentication. Learn more about cookies here.
If you sync or connect your BILL account with third party services. If you choose to sync or connect your BILL account with third-party services, such as accounting software services or social media sites, we will share your information with the third-party service provider. If you do not want us to share your information with these third parties, you can choose not to sync or connect your BILL account with the third party service.
Community forums. BILL may offer blogs and publicly accessible community forums. You should be aware that any information you provide in these forums may be read, collected, and used by others who access them. To request removal of your information from a blog or community forum, contact BILL Customer Support through our customer support portal.
Supplemental privacy notice. Residents of some states and countries have additional privacy rights. Information on these rights are provided in the following supplemental privacy notices:
How we protect the security of your information
BILL is committed to protecting the security and privacy of your information. BILL recognizes the importance and confidentiality of your information. We have implemented technical, administrative, and physical security measures designed to protect your information from unauthorized access, disclosure, use, and modification. BILL maintains industry standard attestations and has formal SSAE18 SOC1, SOC2 and SOC3 attestation reports. Please be aware however that no security measures are perfect or impenetrable.
Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, we may transfer such information to the United States or other jurisdictions for processing. Your submission of such information represents your consent to that transfer.
Notices to consumers
Information for children under the age of 18
Persons under the age of 18 year are not eligible to use, access or otherwise interact with BILL or the Service. If we become aware that a child under the age of 18 has created an account with us or is otherwise using the Service, we will take steps to remove access, disable the account, and delete any information related to the child as soon as reasonably possible.
Updates to this Privacy Notice
This Privacy Notice may be updated periodically and will be posted on the Website, indicating when it was last updated. If there are material changes to our Privacy Notice, we will post a notice on our website and/or provide other notice as required by law. If you object to any changes to this Privacy Notice, you can cancel your account at any time. See the “Canceling or making changes to your account” section above for more information on canceling your account.
How to contact us
If you have any questions or concerns about this Privacy Notice or about how BILL collects, uses, or otherwise processes your information, you can reach BILL Customer Support through our customer support portal or the BILL Privacy Team at email@example.com or contact us at:
Attn: Privacy Officer
6220 America Center Drive, Suite 100
San Jose, CA 95002
US State Supplemental Privacy Notice to Residents of California, Colorado, Connecticut, Virginia, and Utah
Supplemental Privacy Notice for Canadian Users
Supplemental Privacy Notice for European and United Kingdom Residents