The General Data Protection Regulation (GDPR), agreed upon by the European Parliament and Council in April 2016, will replace the Data Protection Directive 95/46/ec in Spring 2018 as the primary law regulating how companies protect EU citizens' personal data.
Bill.com is not established in the European Union, it does not offer goods and services there, and it does not monitor the behavior of individuals in the EU. Therefore, Bill.com is not subject to the EU General Data Protection Regulation (GDPR).
Nevertheless, Bill.com recognizes that it may have customers that are independently subject to the GDPR as data controllers under the regulation. Bill.com is willing to work with those customers to amend or update existing agreements to address Bill.com’s cooperation with the customers’ obligations as a data controller under the GDPR.
If you believe that you or your firm is a data controller under GDPR, please submit a request to our Legal Team via email at legal@hq.bill.com.