Global Privacy Statement

Dayforce’s Global and Service Provider Privacy Statements are now combined into a single Dayforce Privacy Statement. This new combined statement was last updated on September 8, 2025, and replaces both the Global Privacy Statement and Service Provider Statement.

At Dayforce, we believe that making work life better starts with trust. As a global people platform, Dayforce helps organizations manage their workforce through innovative solutions that bring together HR, payroll, benefits, and talent management in one seamless experience. We recognize that you expect Dayforce to protect the personal information of everyone we engage with. Whether you're visiting our website, using our mobile app, or partnering with us as a client or supplier, we’re committed to handling your personal information with care, transparency, and respect.

Some quick details:

• “Dayforce” includes Dayforce, Inc., and its affiliates and Subsidiaries.
• “Personal Information” as used in this Privacy Statement has the same meaning as “personal data” or similar terms under applicable laws.
• Many data protection laws distinguish between “Controllers” – those who decide why and how to process (collect, use, transfer and disclose) Personal Information - and “Processors” or “Service Providers” – who only process information on behalf of a Controller and at their instruction. Dayforce has adopted these terms for the purpose of this Privacy Statement.

Scope

Dayforce operates as a software provider for employers. In most cases, Dayforce only collects, uses and discloses Personal Information on behalf of its employer customers. In those cases, Dayforce is considered a “Service Provider”.  If you are an Individual whose potential, current or past employer uses Dayforce products and services, such as the Dayforce HCM or Powerpay software applications, to help manage their workforce, you should review that employer’s own privacy statement to understand that employer’s privacy practices.

For information on how we process Personal Information when we’re considered a Service Provider, please scroll down or jump to the “Dayforce as a Service Provider” Section of this Privacy Statement.

In other situations, Dayforce decides how certain Personal Information is collected, used and disclosed, and so Dayforce is considered a “Controller,” for example   – when you:
 

• visit our websites and physical sites,
• use our Dayforce HCM web or mobile application (e.g., you log in to your employer-provided Dayforce application),
• interact with Dayforce as a client, supplier and/or business partner with whom we have or contemplate a business relationship).

This Statement does not apply to:

• prospective employees of Dayforce (please see Dayforce’s Job Applicant Privacy Statement for related details).
• Personal Information collected or used by us as part of Dayforce Wallet (please see the Dayforce Wallet Privacy Statement) for more details.
• Personal Information collected or used in connection with Dayforce Flex Work, Ideal or Jitjatjo.
• Websites that link to their own unique privacy statement.

Changes to This Privacy Statement

Dayforce may update this Statement periodically to reflect changes to our privacy practices.  We will provide notice online when we make any material changes to this Statement.

The Personal Information Dayforce Collects

Directly from You

Dayforce collects Personal Information directly from you when you interact with us online, in person or through other communication channels. For example:

• When you request information about our services, chat with Dayforce online, register for a webinar or download content from our website or mobile app, we collect your contact information such as name, telephone number, mailing address and email address;
• When you register for and/or engage with us at a trade show or other event, we collect your contact information and employment-related information such as the name of your employer and job title;
  • If the event is managed by Dayforce, we may also collect payment information (such as credit card number), emergency contact information and dietary requirements for meals at the event;
• When you create an account on a Dayforce platform, we collect authentication credentials such as username and password;
• When you enter a contest or a sweepstakes, we collect your contact information and employment-related information;
• When you interact with the emails that we send to you, we automatically collect information about your activity, such as whether you opened the email;
• When you give us permission to post a customer testimonial, we collect photos or videos as well as your opinions;
• When you respond to a survey, we collect your contact information and your opinions on our products and services;
• When you engage with us via a social media platform, we collect contact information that includes social media handles;
• When you contact our customer support center, or speak to our sales team, we collect personal information in order to authenticate you or understand more about who you are, voice recordings and chat transcripts;
• When you visit our offices, we collect your contact information and details about your visit such as the time and date of your arrival and departure; we may also capture your image through security cameras;
• We may also collect other information you may choose to provide through our interactions.

Automatically when you use our Products and Services
 

• When you access our website or use our products and services, including our Dayforce Mobile application, we automatically collect Personal Information about your device such as IP Address and information pertaining to your usage. We do this by using technologies such as web beacons, pixels, and cookies—See Dayforce’s Cookie Statement for further details.
• We also collect Personal Information like credentials when you create an account on a Dayforce platform.

From Other Sources

Dayforce also obtains Personal Information from third parties. For example:
 

• Other companies provide us with the contact information and employment-related information of businesses or individuals that they think may be interested in our products or services;
• Dayforce purchases contact information and other information from third parties and combines it with information we already must develop marketing leads and tailor advertising to customers and prospects;
• A colleague at your organization may share your contact information with us because they think you will be interested in our products or services;
• Dayforce collects contact information from publicly available sources as permitted by applicable law.

From or On Behalf Our Employer Customers

If your employer uses Dayforce to manage their workforce, they may submit your Personal Information into Dayforce products and services, share your Personal Information with Dayforce, or otherwise use the Dayforce products and services to collect data about you.  This Personal Information is only processed by Dayforce provide the services the employer requests. For more information about Dayforce’s processing of this information scroll or jump to the “Dayforce as a Service Provider” section of this Statement.

Anonymized Data

Dayforce also collects, uses and shares anonymized and/or de-identified data that does not identify you personally for any purpose permitted under applicable law. This includes creating or anonymized data and/or deidentified data to develop new products or services, to facilitate research, and for analytics purposes to help assess the speed, accuracy, and/or security of our services. In the event that Dayforce de-identifies Personal Information in support of legitimate business purposes, we will not attempt to re-identify the data.

How Dayforce Uses the Personal Information it Controls

Dayforce uses the Personal Information it controls (that is, when we are acting as a Controller) for Dayforce’s legitimate business purposes which include, among others, to:
 

• Develop and maintain business relationships;
• Personalize your experience on our websites and while using our applications;
• Plan and manage Dayforce-sponsored events;
• Send marketing communications
  • If you decide you do not want to receive marketing communications from Dayforce, you can opt-out by clicking on the “unsubscribe” link provided at the bottom of every marketing email or by visiting our Preference Center;
• Understand how you interact with our marketing communications in order to provide tailored communications;
• Send informational communications such as invitations to events, satisfaction surveys, training and product alerts;
• Conduct sweepstakes and contests;
• Communicate with you concerning normal business administration such as projects, services and billing;
• Provide access to information systems and premises;
• Develop, improve and maintain our products, services, mobile applications (apps), software and website through research, development, analytics and business intelligence;
• Comply with data protection legislation, information security requirements and other legal requirements;
• Manage claims with and between customers, Dayforce, individuals and/or third parties, including beyond termination of the Agreement;
• Manage Dayforce’s internal operations;
• Respond to inquiries and feedback from business contacts;
• Prevent fraud;
• Conduct internal audits or investigations;
• Manage network security, which includes disaster recovery and business continuity;
• Publish customer testimonials;
• Display targeted ads to groups of people who may be interested in our products and services.

For information on how we process Personal Information when we’re considered a Service Provider, please scroll down or jump to the “Dayforce as a’ Service Provider” Section of this Privacy Statement.

Legal Basis

Depending on the circumstances and applicable law, Dayforce processes Personal Information on a number of lawful bases, including obtaining your consent, performance of a contract, compliance with a legal obligation, to protect yours or someone else’s vital interests, to perform a task in the public interest or for other legitimate interest. In Europe and other jurisdictions where this is permitted, we rely on “legitimate interest” for example, for fraud prevention, network security, resolving product issues, planning and managing Dayforce events, developing and improving our services, sending informational communications and some direct marketing.

How Dayforce Discloses the Personal Information it Controls

Here’s how Dayforce discloses Personal Information when it is acting as a Controller:

Category of Personal Information	Source of Information	Purpose of Collection & Use	Disclosed to Third Parties
Identifiers & Contact Information Examples: Name, email address, telephone number, mailing address, online identifiers (IP address, device or cookie IDs).	Directly from you: Provided when you interact with Dayforce online or in person (e.g. filling out a form on our website, registering for a webinar or event, contacting us).  From your organization: If you are a representative of a Dayforce client/partner, your employer may give us your contact details.  Third parties & public sources: We obtain business contact lists from data providers or public websites and combine them with our existing info (e.g. LinkedIn profiles, marketing lead lists).	Respond to inquiries and provide requested information (e.g. contacting you about a demo or info request).  Maintain business relationships: Communicate with clients, partners, and prospects to manage accounts and projects.  Marketing and events: Send newsletters, product updates, event invitations, and other marketing communications (with opt-out options).  Personalize user experience: Remember preferences and tailor content or offers to your interests.	Service Providers: Your contact info is shared with service providers that help us send communications, manage customer relationships (CRM), host webinars, or organize mailings. They process data only on our instructions (e.g. our email platform uses your email to send newsletters).  Affiliates: Shared with Dayforce subsidiaries/affiliates involved in serving your account (for example, a regional sales or support team).  Partners (at your direction or interest): If you request, or if appropriate for your needs, we may forward your info to a trusted business partner (for instance, a reseller or implementation partner) that offers complementary services.  Legal/Compliance: We do not disclose your contact data to third parties other than as needed for service delivery, except if required by law (e.g. in response to a subpoena) or in a business transaction (see below).

Category of Personal Information	Source of Information	Purpose of Collection & Use	Disclosed to Third Parties
Customer Records & Transaction Details  Examples: Payment information (credit card number) for event registration, emergency contact information and dietary requirements you provide for event participation; records of products or services you’ve obtained (e.g. event attendance, newsletter sign-ups).	Directly from you: Collected when you register for Dayforce events or programs (for example, when signing up for a Dayforce-sponsored conference, you might provide a credit card and dietary needs).  From your organization: If your employer coordinates training or events with Dayforce, they might share registration details for you (e.g. confirming you as an attendee).	Complete transactions and deliver services: Use payment details to process event fees or service charges, and record your enrolment in events or programs  Event planning and personalization: Use provided emergency contact and dietary info to ensure your safety and comfort at Dayforce events (e.g. meal planning, accommodations). Maintain business records: Keep track of event attendance or service usage for account management, billing, or auditing purposes. Compliance: Use transaction records for financial reporting and to comply with legal requirements (e.g. tax or receipt requirements).	Service Providers: Shared with payment processors and event management vendors to execute transactions (for instance, credit card processing companies) – these providers are contractually bound to use info only for Dayforce’s payment processing. Event partners: If an event is co-hosted by Dayforce with a partner, your necessary info (registration details, meal preferences) may be provided to that partner for event logistics only, with privacy protections in place. Internal departments: Relevant Dayforce teams (e.g. finance for billing, or facilities/catering for event planning) receive this information to carry out their functions, but it is not shared externally except as needed to service providers.

Category of Personal Information	Source of Information	Purpose of Collection & Use	Disclosed to Third Parties
Internet or Network Activity Examples: Browsing history on Dayforce websites, log data (IP address, device type, system settings), cookie and pixel data (unique IDs, advertising cookies), usage analytics for Dayforce mobile apps and platforms (features used, session duration, error logs), and email interaction data (e.g. whether you opened or clicked a marketing email).	Automatically from your device: Collected via cookies, web beacons, and similar tracking technologies when you visit our sites or use our apps – including your IP address, device identifiers, browser type, pages visited, and usage patterns (See Dayforce’s Cookie Statement for details on these technologies.) From analytics tools: We use third-party analytics services (e.g. Google Analytics) that gather information on our behalf about how users interact with our website and app. From marketing tools: Our email system logs if you open our emails or click links, and advertising platforms may provide us aggregated data on ad impressions or clicks related to your browser.	Operate and improve our websites and apps: Ensure content loads correctly, track uptime and performance, and fix technical issues (e.g. using crash logs to debug). Analytics and product development: Understand user behavior (what features or pages are most used) to improve our services and user experience. This data helps us make informed decisions on new features and enhancements Personalization: Remember returning visitors and preferences (e.g. staying logged in, language settings) and provide content relevant to your region or past activity. Marketing effectiveness: Measure engagement with our communications and ads – for example, see if you opened an email or interacted with an ad – to tailor future outreach and marketing campaigns to be more relevant Security and fraud prevention: Use IP and log data to protect against fraudulent or malicious activity (for instance, detecting multiple failed login attempts or unusual browsing patterns that may indicate bots) and to maintain the integrity of our systems.	Service Providers (Analytics & Hosting): Data is shared with analytics providers and IT service firms that operate our website and analytics tools. For example, Google Analytics receives site usage data, and cloud hosting providers log IP addresses in server records. These providers act on Dayforce’s instructions and cannot use the data for their own purposes Advertising Partners: If we run digital advertising, we may share certain online identifiers (like cookie IDs or hashed email) with advertising networks or “media agencies” to facilitate Dayforce ads on other platforms. For instance, we might disclose that a browser with a certain cookie visited our site, so that our partner can show a Dayforce ad to that browser on a different website. However, we do not allow these partners to use our data for their independent advertising purposes (per our no “share” policy). Legal/Law Enforcement: If required (for instance, a law enforcement request for server logs in an investigation), we may disclose relevant log or network information as mandated by law. Otherwise, raw web/app usage data is not shared externally except in aggregated, non-identifiable form.

Category of Personal Information	Source of Information	Purpose of Collection & Use	Disclosed to Third Parties
Audio, Electronic & Visual Information  Examples: Call recordings and chat transcripts from calls/chats with Dayforce support or sales teams; Photographs or videos you volunteer (e.g. if you provide a testimonial or are filmed at a Dayforce event); Security camera footage capturing your image when visiting a Dayforce office (CCTV at entrances).	Directly from you: Collected when you engage with Dayforce via phone or web chat (calls may be recorded, chats archived) and when you voluntarily send or allow use of your photo/video (such as providing a testimonial or participating in a recorded event) Automatically at Dayforce premises: If you visit our offices, CCTV security systems may record video of public areas; your entry/exit times are logged and badge systems might record your movement within secured areas.	Customer service and training: Call recordings and chat logs are used to review communications with you, enabling us to verify information, resolve issues, and improve our support quality (e.g. training support staff using real scenarios). We also use this data to authenticate and address your concerns effectively during support interactions. Testimonials and marketing: With your consent, photos or videos featuring you (e.g. a testimonial quote, webinar appearance) are used in Dayforce marketing materials or on our website to highlight client experiences. Security and safety: Surveillance footage and visitor logs are used to protect Dayforce facilities, personnel, and visitors – for example, to investigate an incident or control access to secure locations. This information helps us ensure physical security and emergency preparedness.	Service Providers: We use third-party platforms for telephony and chat support, so call and chat data may be stored with those providers (e.g. a cloud call center system) under strict use limitations. Similarly, security companies may monitor our CCTV or manage building entry systems, accessing visitor data and footage strictly for security services. Public (for testimonials): If you agree to let us share a testimonial or image, that content (and your name/title as applicable) may be posted on our website or social media, making it publicly viewable. We will only do this with your permission. Law Enforcement/Compliance: Security camera footage or call recordings could be disclosed to authorities if required by law or if needed to protect rights and safety (for instance, providing footage to police investigating a security incident). Aside from such cases, this category of data is not shared outside Dayforce and its support/security service providers.

Category of Personal Information	Source of Information	Purpose of Collection & Use	Disclosed to Third Parties
Professional or Employment-Related Information Examples: Your job title, employer’s name, business contact details, and industry or department (typically collected from business customers, partners, or prospects). Note: This refers to information about you in your professional capacity, not Dayforce’s internal HR data or data provided to us as a service provider.	Directly from you: Collected when you provide it in a business context – e.g. exchanging business cards, filling a web form with your company and title, registering for a webinar or event and indicating your employer and role. From colleagues or referrals: A colleague might give us your contact and role info (e.g. “Talk to Alex Lee, the CTO at my company”) because they think you could benefit from Dayforce. Third-party sources: We may obtain company and role information from data vendors or public professional profiles to identify potential clients who might be interested in Dayforce services.	B2B Relationship management: Use this information to understand your role and needs in your organization, so we can tailor our communication and services. For example, knowing you are an HR manager helps us provide relevant information about our HR solutions. Sales and account management: Engage with you (as a representative of your company) about product demos, proposals, or account status updates. Your professional info helps Dayforce’s sales/account teams personalize their approach and maintain the business relationship. Events and marketing: Ensure invitations and content are appropriate for your position/industry (e.g. sending technical webinar invites to IT directors vs. payroll webinars to HR personnel). Also, when we send out case studies or newsletters, we might segment recipients by industry or job function for relevance. Product feedback and development: In some cases, we might reach out to individuals in certain roles for surveys or beta programs (e.g. asking a payroll manager for feedback on a new payroll feature), using your professional info to select suitable participants.	Service Providers: As with contact info, we may store your professional details in our CRM and marketing systems operated by third-party providers (they use it only to help Dayforce manage our relationships). For instance, our CRM software will have your name, business email, company, and title for tracking our interactions. Affiliates: Shared within Dayforce group as needed – e.g. if your company is global and a Dayforce affiliate in another region will service your account, we share your business contact and profile with that affiliate. Business Partners: If collaborating with a reseller or technology partner to serve your company, Dayforce might share your professional contact info with that partner to coordinate service (for example, a local implementation partner working with us on your project). Such partners are contractually required to protect your info and use it only for the intended partnership purpose. No Unauthorized Third-Party Sharing: We do not expose your employment details to unrelated third parties. They are used within our business ecosystem to serve and inform you/your company, not for general public disclosure or sale.

Category of Personal Information	Source of Information	Purpose of Collection & Use	Disclosed to Third Parties
Inferences Drawn from Personal Information Examples: Profiles or preferences we infer about you – e.g. estimating your product interests or needs based on your browsing and response to emails, or an internal “lead score” indicating how likely you are to be interested in our services. (Dayforce does not use automated decision-making that produces legal effects on individuals, but we do analyse data to better understand our clientele.)	Derived from your interactions: We analyse your engagement with Dayforce (website visits, webinar attendance, email clicks, etc.) to infer what topics or solutions you care about. For instance, if you frequently read content about payroll, we might tag you as interested in payroll solutions. These inferences come from internal analysis of the data collected above, sometimes with the help of analytics tools. From combination of sources: We may combine information from third parties with our direct interactions to build a fuller picture. Example: if a data provider tells us your company is rapidly growing, and we know you clicked an article about compliance, we might infer you’re looking for scalable compliance tools.	Personalized marketing and communications: Use inferred interests to send you more relevant information. For example, if we infer you’re interested in recruiting software, we may invite you to a recruiting-tech webinar or send you content about that topic, rather than unrelated content. Sales prioritization: Our sales team might use lead scores or profiles to prioritize outreach (e.g. identifying that you have shown high interest through multiple site visits, so they follow up with you). This helps ensure we connect you with resources when you’re most interested. Product recommendations: Should you become a customer, these inferences can help your account rep suggest relevant add-on modules or services based on your indicated interests and industry trends (for instance, recommending a new analytics module if we’ve inferred a need for advanced reporting). Internal strategy and research: In aggregate, inferred data about what customers/prospects want helps Dayforce guide product development and marketing strategy to meet user needs (without identifying individuals in those strategic decisions).	Internal use primarily: Inferences and profiles are used within Dayforce; we do not sell or transfer your individual profile to third parties. They remain part of our internal CRM and analytics systems. Service Providers (analytics/marketing): Companies assisting us in analytics or campaign management might process segments or scores on our behalf. For example, our marketing platform may have an audience labelled “Interested in Workforce Management” (based on Dayforce’s analysis) to send targeted emails. These providers don’t get the reasoning or full profile – just instructions on who should receive what content. Advertising use: If we create an audience for digital advertising (e.g. a list of business emails for a LinkedIn campaign targeting “HR Managers interested in Compliance”), that is an application of inferences. We share only the necessary identifiers with the ad platform (like hashed emails or cookie IDs, as noted above). The platform shows ads to that audience, but doesn’t learn the underlying preference – and we don’t hand over our logic or profiles externally.  No independent third-party access: We do not provide your inferred preferences or any profile we derive about you to outside companies for their own use. Any sharing is under our direction and solely to serve you with Dayforce’s communications or offerings

For information on how we process Personal Information when we’re considered a Service Provider, please scroll down or jump to the “Dayforce as a Service Provider” Section of this Privacy Statement.

To Protect Rights, Property, or Safety

We may report to law enforcement or appropriate government agencies any activities that we reasonably believe to be unlawful, or that we reasonably believe will aid an investigation into unlawful activity. In addition, we reserve the right to release your Personal Information to law enforcement agencies if we determine, in our sole judgment, that either you have violated our policies, or if we determine, in our sole judgment, the release of your Personal Information will aid in the protection the rights, property, or safety of Dayforce, or another person.

Legal Process

We may disclose any Personal Information that we reasonably believe to be unlawful or will aid a law enforcement investigation into unlawful activity. This includes disclosing your Personal Information to law enforcement, governmental entities, or third parties in response to subpoenas, court orders, other legal process, or as we believe is necessary to defend against legal claims that have or believe may be brought against us or otherwise protect the rights, property or safety of you, Dayforce, our customers or others.

Third Party Sharing for Analytics and Marketing Purposes

We use third-party services, like Google Analytics and other similar services, to understand end-user usage and interactions with our websites and our web and mobile applications.

We disclose information collected on our websites via cookies and similar technologies to media agencies to show you ads for our products and services on third party platforms. Disclosure of device information and internet activity to third parties through cookies and other trackers may be considered “sharing” under some US state laws.  You may opt-out of this sharing by visiting our Cookie Preference Center.

We do not disclose information collected in our web and mobile applications to such media agencies or otherwise use such data for marketing purposes unless the Employer Customer instructs that we may do so.

Do Not Track Disclosure

Do Not Track (DNT) is a preference that you can set on your browser to opt out of the online tracking activities by some websites. Dayforce responds to DNT and GPC signals where required to do so by applicable law.

Third Party Websites

Our website, emails, or our application may link to third parties’ websites. It is also possible that third parties’ websites or emails may link to our website. We are not responsible for the content, or the privacy practices employed by third parties and Personal Information collected by third parties is not governed by Dayforce’s Privacy Statement. We encourage you to read the Privacy Statements of these websites before transmitting any Personal Information to third parties

We may also share any information you direct or authorize us to share.

Dayforce as a Service Provider

As stated above, Dayforce provides products and related services to organizations to help them manage their workforce.  Before describing how we process data on behalf of employers, here is some important information to make note of:

• As a Service Provider for employers, Dayforce regularly processes data about their employees – past, current and potential (we will call them “Employees” or “Individuals”) - on their behalf.  Dayforce’s employer customers are responsible for obtaining appropriate consent or identifying other legal basis upon which they may rely to process your Personal Information, including when they use Dayforce to process that Personal Information on their behalf.
• Dayforce may process time and attendance-related information on behalf of your Employer collected by timekeeping devices that leverage biometrics such as your fingerprint. Refer to Dayforce’s Biometric Statement to learn more about our related privacy practices.
• When you use our products, services and mobile applications, Dayforce may collect Personal Information in its capacity as a Controller to understand how that personal information is used and disclosed, please How Dayforce Uses the Personal Information it Controls and How Dayforce Discloses the Personal Information it Controls.

How we Process Data on Behalf of Employers

Dayforce relies on its employer customers and their Employees to supply Dayforce with accurate, complete and up-to-date Personal Information where relevant to Dayforce’s delivery of the services.   are asked to review their records on a regular basis and make the appropriate updates or notify their Employer of errors promptly. An Employee that contacts Dayforce and wants to make updates or changes to its records is directed by Dayforce to its Employer who is responsible for giving effect to such requests.

Dayforce may share Personal Information with its service providers to help it provide your Employer with a product or a service. When we make such transfers, we ensure that adequate contractual protections are put in place with these service providers. Dayforce’s responsibility for a service provider’s performance of its obligations is set forth in the contract between Dayforce and your Employer.

Dayforce may also share Personal Information with other third parties (e.g. banks, government tax agencies, benefit providers) at the instructions of its employer customer. Where your employer enables features that allow you to access and share your Personal Information, we may share that information on your behalf and at your direction.

In addition, Dayforce may disclose Personal Information to law enforcement or other government authorities, if required by law.  If Dayforce sells or divests assets or any portion of its assets, Dayforce may disclose Personal Information to the company involved in the business transaction in support of the sale, or divestiture, and where applicable, in support of integration activities.  It is Dayforce’s practice to require appropriate protection for Personal Information in these types of transactions.

Dayforce processes Personal Information that your Employer may collect through the service from or about you, or that your Employer may provide through the service. For example:

• Personal details such as name, birth date, national ID number, driver’s license number/state ID, passport number, marital status, signature, and image;
• Characteristics of protected classifications such as age, sex, race, ethnicity, physical or mental handicap;
• Contact details such as mailing address, telephone number, and email address;
• Financial information such as salary, bank account details, corporate card usage, and employment benefits;
• Performance information such as appraisals, performance reviews, disciplinary records, training records, details of skills and experience, and absence records;
• Information regarding your next of kin and other individuals such as emergency contacts, dependent information, and life insurance beneficiaries;
• Health-related information such as information regarding benefits programs, insurance, and sick leave;
• Voice commands and photos if you use the Dayforce mobile app;

Cross Border Transfers

Dayforce utilizes the adequacy determinations made by the European Commission to transfer Personal Information to countries with data protection that is adequate to the EU. Dayforce also utilizes Standard Contractual Clauses (SCCs) for the transfer of Personal Information from the EU, UK and Switzerland to other countries.

EU-US and Swiss- US Data Privacy Framework

Dayforce US, Inc. complies with EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Dayforce has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing Personal Information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Dayforce also utilizes SCCs and the UK Addendum to the SCCs for the transfer of Personal Information from the EU, Switzerland and UK to other countries.

To learn more about the Data Privacy Framework (DPF) Program, and to view Dayforce’s certification, please visit https://www.dataprivacyframework.gov/.

How Personal Information is Protected

Dayforce has implemented policies and procedures to protect Personal Information. Dayforce uses recognized industry standard security safeguards appropriate to the sensitivity of the Personal Information it processes. Dayforce reviews its security policies and procedures on a regular basis and updates them as needed to maintain their relevance. Dayforce makes reasonable security arrangements to protect Personal Information from and against risks, such as loss or theft, as well as unauthorized access, collection, use, disclosure, copying, modification, disposal and destruction. The methods of protection include physical measures, organizational measures and technological measures. Dayforce requires all third parties to whom it transfers Personal Information to maintain adequate safeguards in compliance with applicable laws and standards to protect Personal Information. In the event that Dayforce is required by law to inform you of a breach of your Personal Information, we will notify you electronically, in writing or by telephone, if permitted by law.

Retention of Personal Information

Dayforce will retain your Personal Information only for as long as necessary to fulfill the purpose for which it was collected or as needed to comply with legal, fraud and security obligations.  After that, Dayforce will securely delete the Personal Information.  If there is any Personal Information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data.

How to Exercise Your Rights

For your Personal Information for which Dayforce acts as a Controller (i.e. Personal Information it processes for its own purposes – not on behalf of its employer customers), Dayforce makes reasonable efforts to keep it as accurate, complete and up to date as is necessary to fulfill the purposes for which the information is to be used. Unless Dayforce is permitted or required by law to prohibit access, you can view and if necessary, update and correct this Personal Information. Depending on the jurisdiction in which you are, you may have additional rights such as the right to request deletion of this Personal Information, the right to restrict or object to processing this Personal Information by Dayforce or the right to transfer this Personal Information to another organization.

You can submit requests for any of these rights by using this form.

Note that, as required by law, we will require you to prove your identity. We may verify your identity by phone call or email. Depending on your request, we will ask for information such as your name and contact information. We may also ask you to provide a signed declaration confirming your identity. In some circumstances, you may designate an authorized agent to submit requests on your behalf . We will require verification that you provided the authorized agent permission to make a request on your behalf.

If you choose to exercise any of these rights, we will not discriminate against you or deny services to you or provide different quality of services. Individuals can raise concerns or file complaints.  Dayforce will investigate all complaints and take appropriate action to remedy any issues.

To exercise your data rights with respect to Personal Information Dayforce processes on behalf your employer or prospective employer, contact your employer or prospective employer directly.

How to Contact Dayforce and Dispute Resolution Mechanism

If you have any inquiries or complaints about our handling of your Personal Information please contact Dayforce at:

Chief Privacy Officer
Dayforce US, Inc. 
3311 E. Old Shakopee Road
Bloomington, MN 55425

Email: privacy@dayforce.com

If you have unresolved issues, you may contact your local privacy regulator. 

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Dayforce commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC), regarding unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain circumstances, you may invoke binding arbitration. To learn more visit https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2. The Federal Trade Commission has jurisdiction over Dayforce’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

 

Additional Information

• Dayforce’s Biometric Statement
• Dayforce's Japan Privacy Mark