Ceridian's Service Provider Privacy Statement

This Privacy Statement was updated on June 10, 2021.


Ceridian HCM Holding, Inc., and all of its affiliates and subsidiaries (herein “Ceridian”) provide human capital management products and related services to organizations to help them manage their workforce. As such, Ceridian processes data about those organizations’ prospective, current and past employees (herein “Employees” or “Individuals”) on behalf of those organizations and as per their instructions. This Privacy Statement (“Statement”) describes our general practices relating to the processing of data about these organizations’ Employees (“Personal Information”). If you are an Individual whose prospective, current or past employer (herein “Employer”) uses a Ceridian application such as Dayforce or Powerpay, and your Employer has asked you to submit Personal Information as part of that service, you should review your Employer’s own privacy statement to understand that Employer’s privacy practices.

Personal Information Processing

In connection with products such as Dayforce and Powerpay, Ceridian will provide your Employer the ability to collect, store, use, transfer, share and disclose your Personal Information in support of a prospective, current or past employment relationship between you and your Employer. When Ceridian processes your data in this manner, it acts as a processor for your Employer, who is the controller. In its capacity as a processor, Ceridian only processes your Personal Information as per the instructions of the controller, for their benefit, and on their behalf. Therefore, Ceridian’s customers- your Employer(s)- are responsible for providing you with a notice of what Personal Information they collect, use and disclose, for what purposes they do so, and with whom it is shared. They are also responsible for obtaining appropriate consent where required or identifying other legal basis upon which they may rely to process your Personal Information.

Ceridian relies on its customers and its customers’ Employees to supply Ceridian with accurate, complete and up-to-date Personal Information where relevant to Ceridian’s delivery of the services. Individuals are asked to review their records on a regular basis and make the appropriate updates or notify their Employer of errors promptly. Ceridian may share Personal Information with service providers to help us provide your Employer with a product or a service, and to other third parties (e.g. banks, government tax agencies, benefit providers) at the instructions of your Employer. In addition, Ceridian may disclose Personal Information to law enforcement or other government authorities if required by law. In the event that Ceridian sells or divests assets or any portion thereof, Ceridian may disclose Personal Information to the company involved in the business transaction in support of the sale, or divestiture, and where applicable, in support of integration activities. It is Ceridian’s practice to require appropriate protection for Personal Information in these types of transactions.

Ceridian processes Personal Information that your Employer may collect through the service from or about you, or that your Employer may provide through the service. For example:

Ceridian may process time and attendance-related information on behalf of your Employer collected by timekeeping devices that leverage biometrics such as your fingerprint. Refer to Ceridian’s Biometric Statement to learn more about our related privacy practices.

Cross Border Transfers

To run our business, we may store and process your Personal Information in any country where Ceridian and authorized third parties operate. When we transfer your Personal Information in this manner across country borders, we implement adequate measures for its protection, and for compliance with applicable laws.

Ceridian utilizes the adequacy determinations made by the European Commission to transfer Personal Information to countries with data protection that is adequate to the EU. Ceridian also utilizes Standard Contractual Clauses (SCCs) for the transfer of Personal Information from the EU and Switzerland to other countries.


Ceridian has implemented policies and procedures to protect Personal Information. Ceridian uses recognized industry standard security safeguards appropriate to the sensitivity of the Personal Information. Ceridian reviews its security policies and procedures on a regular basis and updates them as needed to maintain their relevance. Ceridian provides reasonable security controls for customers to configure in order to protect their Personal Information from and against risks, such as loss or theft, as well as unauthorized access, collection, use, disclosure, copying, modification, disposal and destruction.

How to Contact Ceridian

For privacy-related questions, comments or concerns, contact Ceridian at:

Chief Privacy Officer
Ceridian HCM, Inc.
3311 E. Old Shakopee Road
Bloomington, MN 55425
Telephone: 1-888-975-7674
Email: privacy@ceridian.com

Changes to this Privacy Statement

Ceridian may update this Statement periodically to reflect changes to our privacy practices. We will provide notice online when we make any material changes to this Statement.