8 Total
2 High severity
4 Medium severity
2 Low severity
Summary

Gusto's Privacy Notice establishes how the company collects, processes, and shares personal information including Social Security numbers, bank account details, salary information, and health benefits data on behalf of employers that use Gusto's payroll and HR platform. The document authorizes disclosure of this information to third-party service providers, financial institutions, and government agencies as part of standard service operations. The document establishes that California residents and other qualifying users may submit requests to access, correct, or delete their personal data through privacy.gusto.com.

Technical / Legal Breakdown

This document is Gusto's Privacy Notice governing the collection, use, and disclosure of personal information for individuals who interact with Gusto's HR, payroll, and benefits platform, operating under applicable U.S. federal and state privacy laws. The notice states that Gusto collects a broad range of personal data including Social Security numbers, bank account details, payroll and compensation information, health and benefits enrollment data, and government-issued identification, and the terms authorize sharing this data with third-party service providers, financial institutions, government agencies, and business partners for purposes including payroll processing, benefits administration, and product improvement. Notably, the policy covers both employer-customers ('Employers') and their employees ('Team Members'), creating a layered data relationship in which employees may have limited direct control over how their employer-submitted data is handled, and the document asserts broad use of de-identified and aggregated data for product and business analytics with no opt-out described for that use. The notice engages CCPA/CPRA for California residents (providing explicit rights to know, delete, correct, and opt out of sale or sharing), and the sensitive nature of payroll, financial, and health data implicates GLBA, HIPAA where applicable to benefits data, and FTC Act jurisdiction over data security and unfair practices; compliance obligations will vary materially by jurisdiction and the specific Gusto products a customer deploys. Employers using Gusto as a data processor for employee data should evaluate whether Gusto's data practices align with their own privacy program obligations, particularly regarding employee notice requirements and data retention.


17 important changes detected

20 versions captured · Last updated: June 2026

June 1, 2026

medium
What changed: Gusto updated its Privacy Policy effective June 1, 2026, to clarify scope and expand disclosure of data collection practices. The policy now explicitly covers retirement accounts (401k and SEP IRA/IRA accounts), restructures how it describes data processing across different roles (service provider, employer, co-employer), adds Stripe as a third-party financial data collector alongside Plaid, and introduces a commitment to maintain de-identified data without re-identification. These changes establish clearer boundaries between when the Privacy Notice applies versus when separate notices govern, and specify new service providers users should be aware of.
Why this matters: The updated Privacy Policy now explicitly states it covers retirement account management (401k, SEP IRA, IRA accounts) and adds Stripe alongside Plaid as a third-party service provider that collects financial institution data. The policy restructures how it describes Gusto's role in different contexts: when Gusto acts as a service provider processing payroll or other data on behalf of employers, when it acts as an employer itself, or when it operates as a co-employer under a professional organization (PEO) arrangement, with separate privacy notices applying in each case. The policy introduces a new commitment that de-identified data will not be re-identified except to verify compliance with applicable law. If you connect a bank account through Stripe, that data will be treated under Stripe's Privacy Policy, which you should review separately.

May 28, 2026

unknown
What changed: Gusto updated their Gusto Privacy Policy on May 28, 2026. Change detected: 1 sentence(s) modified. Document contained 120 sentences after update.

May 21, 2026 low

Gusto updated its Privacy Policy on May 21, 2026 to change the email address listed for privacy inquiries and data requests from privacy@gusto.com to a masked email format displayed as …

May 19, 2026 low

The diff provided shows Gusto's Privacy Notice with minimal substantive changes. One sentence was modified, though the visible change in the diff context appears to be a character encoding issue …

May 19, 2026 low

Gusto's Privacy Notice was updated on May 19, 2026, with one sentence modified in the table of contents or related reference materials. The change appears to be a minor addition …

May 14, 2026 low

Gusto's privacy policy was updated on May 14, 2026 to correct a grammatical error in the list of purposes for which personal information is used. The text 'our partners’ programs' …

May 9, 2026 low

Gusto's privacy policy was updated on May 9, 2026 to add two new document references in its table of contents: 'Gusto Handbook & Policy Compliance Scanner Beta Terms' and 'Handbook …

May 1, 2026 low

Gusto updated contact email addresses in its privacy policy and related terms. The company replaced several branded email addresses (legal-opt-outs@gusto.com and support@gusto.com) with a generic inbox address ([email protected]). This …

May 1, 2026 medium

Gusto updated its Background Checks Terms of Service on May 1, 2026, elevating it from Version 6.0 to Version 7.0 and changing the effective date to April 29, 2026. The …

April 30, 2026 low

Gusto added a new promotion offering 40 free licenses to Gumloop's AI-powered Firm Growth Agents tools to eligible Accountant Partners. The promotion runs from April 29, 2026 through June 29, …

April 29, 2026 high

Gusto updated its Developer Terms of Service on April 29, 2026, introducing a new version (2.0) with substantially expanded terms governing access to its API and developer tools. The document …

April 26, 2026 low

Gusto added a new service called Gusto Business Compliance (GBC) to its platform on April 26, 2026. The GBC Service helps employers with state and local tax registrations, filings, and …

April 25, 2026 high

Gusto added 408 sentences of new language to its Employer Terms of Service on April 25, 2026, including expanded definitions of key terms like 'Employer' and 'Member', clarification of who …

April 23, 2026 low

Gusto updated contact email addresses in its Privacy Policy on April 23, 2026. The policy now directs users to email legal-opt-outs@gusto.com for arbitration opt-outs and legal notices, and support@gusto.com for …

April 22, 2026 low

Gusto updated contact email addresses throughout its Privacy Policy on April 22, 2026. The document replaced multiple instances of 'legal-opt-outs@gusto.com' and 'support@gusto.com' with a generic masked email address '[email protected]'. …

April 19, 2026 low

Gusto updated contact email addresses in its privacy policy on April 19, 2026. Arbitration opt-out requests now go to legal-opt-outs@gusto.com instead of a previous address, and general inquiries now route …

April 16, 2026 medium

Gusto updated its Data Processing Addendum on April 16, 2026, adding 60 sentences that clarify how the company handles employer data under data protection laws. The new language specifies the …


Recent Provision Changes Jun 1, 2026

8 provisions unchanged.

High — 2 provisions
Medium — 4 provisions
Low — 2 provisions


Mapped Governance Frameworks

CCPA/CPRA (California, USA)
Connecticut Data Privacy Act Amendments (US-CT)
CAN-SPAM (United States Federal)
FTC Act Section 5 (United States Federal)
Indiana Consumer Data Protection Act (US-IN)
Kentucky Consumer Data Protection Act (US-KY)
Universal Opt-Out Mechanism Expansion 2026 (US)
Archival Provenance
Source & Archival Record
Last Captured: June 1, 2026 00:44 UTC
Capture Method: Automated scheduled archival capture
Document ID: CA-D-000294
Version ID: CA-V-003235
SHA-256: edd0c960e1d6bddae41368383818976d27632c1cad38f2e0148846f863cbf94a
✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Hash verified
