Workday collects personal information from individuals who interact with its website, products, and marketing activities and states it is committed to being transparent about those practices. The full scope of data collected is described in the complete statement.
This analysis describes what Workday's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Understanding what categories of personal information Workday collects directly from website visitors and prospective customers is important for individuals who have provided contact details, attended webinars, or downloaded Workday content.
Interpretive note: The document was truncated before the operative data collection clauses were visible; this provision is characterized based on the statement's introduction and metadata description rather than from the full policy text.
Personal information such as contact details, behavioral data from website visits, and event registration information may be collected and used for marketing and product purposes. The full categories and retention periods are detailed in the complete statement, which was not fully visible in the provided document.
Cross-platform context
See how other platforms handle Personal Information Collection and Use and similar clauses.
Compare across platforms →Monitoring
Workday has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"That is why we are committed to transparency about how we collect, use, and share that information.— Excerpt from Workday's Workday Privacy Statement
(1) REGULATORY LANDSCAPE: Data collection practices must comply with GDPR Articles 5, 6, and 13 for EU/UK individuals, requiring lawful basis disclosure, purpose limitation, and data minimization. CCPA and CPRA require disclosure of specific categories of personal information collected and the purposes for which it is used, with the right to opt out of sale or sharing for targeted advertising. (2) GOVERNANCE EXPOSURE: Medium. Enterprise marketing databases frequently contain personal information of procurement and IT contacts at target organizations. The lawful basis for processing this data, particularly for profiling and targeted outreach, requires evaluation under GDPR's legitimate interests or consent frameworks. (3) JURISDICTION FLAGS: EU and UK contacts require specific notice and, where applicable, consent for marketing communications under ePrivacy Directive and UK PECR requirements. California residents have opt-out rights regarding sharing of personal information for cross-context behavioral advertising under CPRA. (4) CONTRACT AND VENDOR IMPLICATIONS: Organizations that purchase Workday services should assess whether employee or contact data provided during the procurement process is subject to Workday's marketing data practices or is treated as confidential under the service agreement. (5) COMPLIANCE CONSIDERATIONS: The full data inventory, retention schedules, and sub-processor disclosures in the complete statement should be reviewed to ensure consistency with enterprise customer data governance requirements and applicable law.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Understanding what categories of personal information Workday collects directly from website visitors and prospective customers is important for individuals who have provided contact details, attended webinars, or downloaded Workday content.
Personal information such as contact details, behavioral data from website visits, and event registration information may be collected and used for marketing and product purposes. The full categories and retention periods are detailed in the complete statement, which was not fully visible in the provided document.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Workday.