On April 19, 2026, Gusto updated their privacy policy by adding two new documents to their terms library — 'EIN Application Service Supplemental Terms' and 'Gusto Powered Practices Contest Official Rules' — and standardizing contact email addresses throughout the document. Emails that previously appeared as obfuscated or formatted links (e.g., for legal opt-outs and support) have been cleaned up to display as plain text addresses: legal-opt-outs@gusto.com and support@gusto.com. These are largely administrative and formatting updates with no substantive change to user rights.
For businesses using Gusto, the addition of EIN Application Service Supplemental Terms may introduce new service-specific conditions worth reviewing. Contact email corrections ensure opt-out and support requests reach the right destination.
Gusto made administrative updates to its privacy policy on April 19, 2026, primarily adding two new service terms (EIN Application Service Supplemental Terms and Gusto Powered Practices Contest Official Rules) and cleaning up contact email addresses displayed throughout the document. No consumer rights, data practices, or financial terms were substantively altered. No immediate action is required from users.
Gusto's April 19, 2026 update to its privacy policy added two new supplemental terms documents (EIN Application Service and Gusto Powered Practices Contest) to its terms library and standardized contact email addresses (legal opt-out and support) across multiple document versions. The change does not alter data processing practices, retention periods, or user rights in a material way. No DPA amendments or regulatory notifications appear to be required. Compliance teams should log the update but no urgent action is needed.
Given the nature of this change — addition of two ancillary service terms and email address formatting corrections — direct regulatory exposure is minimal. However, the addition of EIN Application Service Supplemental Terms could engage IRS and Treasury Department rules around tax identification services, and potentially GLBA (15 U.S.C. §6801 et seq.) if financial data is processed in EIN applications. The email standardization touches on Cal. Civ. Code §1798.130(a)(1) (CCPA requirement for accessible consumer request contact methods) and Art. 13(1)(a) GDPR (controller contact details accuracy). If Gusto serves EU users, ensuring legal-opt-outs@gusto.com is properly staffed and accessible satisfies Art. 21(2) GDPR (right to object). No enforcement actions are directly triggered.
Compliance intelligence locked
Obligation analysis, escalation trigger, board language, and recommended action.
Watcher: regulatory citations + obligations. Professional: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-000557.
ConductAtlas Policy Archive Entity: Gusto | Document: Gusto Privacy Policy | Record: CA-C-000557 Captured: 2026-04-19 06:28:01 UTC URL: https://conductatlas.com/change/2026-04-19-gusto-gusto-privacy-policy-557/ Accessed: April 22, 2026
Gusto updated their Employer Data Processing Addendum from Version 2.0 to Version 3.0, effective April 14, 2026. The new version …
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the …
TikTok's data collection extends to device sensors, clipboard content, geolocation, and cross-site tracking. Here is what their Privacy Pol…
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Subscribe to Watcher for $9.99/mo to get email alerts the moment Gusto updates their policies. Or try Professional free for 14 days.