Last revised: October 17 2023
Deel Inc., a Delaware corporation with its principal offices at 425 1st San Francisco, CA 94105 United States, ("Deel", "us", "we", or "our") operates the www.deel.com website (the “Site”) and provides international payroll and related services (the "Services"), which is available through the Site.
Deel has developed a global privacy program under which we offer the same high standards of privacy protection regardless of where you are in the world. When we refer to Deel, we mean the Deel entity with which you have an agreement, if applicable.
This Privacy Policy informs you of how information about you is collected, used, and disclosed by us.
This Privacy Policy forms part of our Deel Platform Terms of Service. Unless otherwise defined in this Privacy Policy, capitalized terms used in this Privacy Policy have the same meanings as in our Terms of Service.
This Privacy Policy applies to the following individuals:
By using our Site and/or our Services as well as engaging with Deel in any way, you agree to the collection and use of your information in accordance with this Privacy Policy.
Deel collects and stores certain information about you. This information can be used on its own or in combination with other information to identify you ("Personal Information"). Below is a list of types of Personal Information that we may collect and use about you.
Swipe to explore table
Categories of Personal Information
Description
Contact
Information we use to contact you including physical addresses, e-mail addresses, and phone numbers
Identification
Information we use to identify you including full name, government ID, passport, DoB, and selfie
Financial
Information about an individual's financial account including bank account details, payment card details
Transactional
Information about the transactions you carry out and the payments to and from your accounts with us including amounts and dates
Contractual
Information about the products or services we provide to you
Locational
Information we get about where you are, including country and IP address. This may come from your mobile phone or the place where you connect a computer to the internet. It may also include locations where you used your card.
Usage
Information about the usage of our Services and Site including metadata
Technical
Information on the devices and technology you use including IP address, login data, browser type and version, timezone, operating system, browser type
Communications
Information from communications between us including any personal data you may share with us in your messages, communication metadata
Professional
Information about professional career and educational background including current and old job positions, degrees, qualifications
Public and third-party records
Information about you that is in public records and information about you that is publicly available on the internet. We also collect information about you which we receive from other companies, such as (without limitation) credit reference or fraud protection agencies (see below for more information).
Consents
Any permissions, consents or preferences that you give us
Deel Community Platform Content
The Deel Community allows you to post or transmit comments, computer files, messages, and other materials. This content may include personal data
Other Information
Any other information you choose to provide to us through all available channels, participating in user/customer surveys or otherwise visiting and interacting with our Site and/or Services.
For the avoidance of doubt, Personal Information shall not include any personal information which is anonymised, after which the identifiable data is destroyed. Deel may also collect and use non-Personal Information to analyze the effectiveness of our Services and to improve our Services. We may collect non-Personal Information through the Services, the Site and through cookies.
We may collect personal information about you or your businesses from any of these sources:
Please refer to our Cookie policy for more information.
Below is a list of the ways that we may use your Personal Information together with the legal basis of processing, where applicable under data protection law.
Swipe to explore table
What we use your personal information for
Our reasons
Serving you
Improving our business
Marketing and events-related communications
Managing our operations
Crime prevention and managing risks
Business management
In cases where we need to process personal data for the performance of the contract with you or as required by law and you refuse to provide your information, we may not be able to perform the contract with you and consequently, we may not be able to provide certain services to you.
We may contact you with newsletters and other marketing information that may be of interest to you. You may opt out of receiving any, or all, of these marketing communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us. Please note that we may still send you transactional or administrative messages related to the Service even after you have opted out of receiving marketing communications.
We will only share your information with the third parties listed below for the purposes described above in the “Information Use” Section unless otherwise noted at the point of collection:
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, consistent with applicable law. This retention period allows us to comply with our legal obligations, resolve disputes, enforce our agreements and study customer data as part of our own research. We will not retain your data for longer than is necessary to fulfill the purpose for which it is being processed.
To determine the appropriate retention period, we take into consideration the amount, nature, and sensitivity of the personal data, as well as the purposes for which we process it. We also assess whether we can achieve those purposes through other means. For the data retention period related to the Services provided to you, please refer to the Data Processing Addendum.
The security of your Personal Information is important to us. We implement suitable measures to safeguard the information you entrust to us, preventing its loss, misuse, unauthorized access or disclosure, alteration, and destruction, addressing threats from both external and internal sources. Furthermore, we restrict access to your personal data to individuals such as employees, agents, contractors, and other third parties, but only those who require such access for legitimate business purposes. These authorized individuals will process your personal data solely based on our explicit instructions and are bound by a confidentiality obligation.
If you have selected a password or other login credentials that grant access to the Deel platform, it is your responsibility to take all reasonable measures to maintain the confidentiality of this information. You should not share your password or login credentials with any other individual.
Please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you. Therefore, you are also a key stakeholder in making sure that your Personal Information is protected. If you become aware of any breach of security or privacy, please contact us immediately at dpo@deel.com.
Information collected while you use the Site and/or Service, including your Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we will transfer the information, including your Personal Information, to the United States and process it there. In order to provide adequate protection for the data transfer, we have in place contractual arrangements with our subsidiaries, affiliates and business partners in respect of such transfers. By utilizing our Sites and/or services, you authorize the international transfer of your data, to the United States, where we are based, and to other locations where we and/or our service providers operate. Note that the Deel Platform is maintained and owned by Deel Inc., a United States entity, however Deel stores all Deel Platform data in Ireland (EU) only.
Our Site may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third-party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
We do not knowingly collect Personal Information from children under the age of 18. Our Site and Services are not addressed to minors. If you are a parent or guardian and you learn that your children have provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a child under the age of 18 without verifiable parental consent, we will take steps to remove that information from our servers.
Under applicable privacy regulation, you may have some or all of the following rights in respect of your Personal Information:
In addition to the above, you have the right to lodge a complaint with a supervisory authority for data protection.
To exercise these rights you may contact us either by emailing dpo@deel.com or addressing it to the Head of Data Privacy Manager Service, Bouaziz & Partners, 45 Quai de la Seine, 75019, Paris, France.
We may ask you for additional data to confirm your identity and for security purposes, before disclosing the information requested to you. If you would like to submit a request on behalf of another individual, you may do so by providing proof of authorization by the individual to submit such a request on their behalf. We reserve the right to charge a fee where permitted by law. We may also decline to process requests that jeopardize the privacy of others, are excessive, or would cause us to take any action that is not permissible under applicable laws. Additionally, as permitted by applicable laws, we may need to retain certain Personal Information for a limited period of time for record-keeping, accounting and fraud prevention purposes. Please note also that you may be able to exercise some of these rights without our intervention. For example, if you are a registered Deel platform user, you can access and update your personal data.
This Privacy Policy is effective as of the “LAST REVISED” date specified at the top of this Privacy Policy and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.
If you have questions or concerns regarding privacy using our Service, please contact us at: dpo@deel.com.
Deel is a global company and as such, our approach to privacy compliance is a global one. No matter where you are located, whether in the United States, the European Economic Area (EEA), the United Kingdom (UK), Latin America, or the Asia-Pacific region, we remain committed to abiding by all applicable data protection laws. Below you'll find region-specific privacy terms that might apply to you in addition to the general terms of this Privacy Policy, depending on the country where you're based.
This section applies to the processing of Personal Information about US residents using our Site and/or Services and addresses the specific requirements under the California Consumer Privacy Act 2018 (CCPA), Colorado Privacy Act, Connecticut Data Privacy Act, Utah Consumer Privacy Act, and Virginia Consumer Data Protection Act.
Categories, Sources and Recipients of Personal Information
You can find the types of Personal Information we have collected about you in the past 12 months in the section "Information Collection" of our privacy policy, You may also learn about the sources of your Personal Information i.e where we get your information from in the section "Sources of your Personal Information" of our privacy policy.
We have also shared your Personal Information to the third parties identified in the section " Information Sharing with Third Parties" for business purposes as identified in the section "Information Use" of our privacy policy in the past 12 months. The categories of data that we have shared with third parties are the following:
Sale of Personal Information We do not offer an opt-out from the sale of Personal Information because we do not sell Personal Information as defined by the CCPA (and have not done so in the last 12 months). We also do not sell any Personal Information of consumers under the age of 16.
Sensitive Personal Information The categories of Personal Information used by Deel as described in the section "Information Collection" of our privacy policy include "Sensitive Personal Information" as defined under the California Privacy Rights Act. Deel does not use or disclose sensitive Personal Information for any purpose other than to provide you with our Services, as permitted by the California Privacy Rights Act.
Your CCPA rights California residents have the following rights:
You can submit your requests by following the steps outlined in the section "Your Rights" in our privacy policy.
Colorado, Connecticut, Utah, Virginia
The Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act and the Utah Consumer Privacy Act, provide consumers with specific rights regarding their Personal Information. If you are a resident of one of these states, this section describes your rights under these laws.
The categories of Personal Information we process, our purposes for processing your Personal Information, the categories of Personal Information that we share with third parties, and the categories of third parties with whom we share it are detailed above in our Privacy Policy.
Your Virginia, Colorado, Connecticut and Utah Rights
You can submit your requests by following the steps outlined in the section "Your Rights" in our Privacy Policy.
Your Right to Appeal
If we decline to take action regarding a request that you have submitted, we will inform you of our reason for declining to take action and provide instructions for how to appeal the decision. In the event that we do not respond to a request that you make pursuant to one of the privacy rights set forth in this section, you have the right to appeal our refusal to take action within a reasonable period of time after you receive our decision. Within 60 days (45 for residents of Colorado) of our receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied you may contact your state attorney general’s office to submit a complaint.
EEA/UK/Switzerland
This section applies to residents of the EEA, Switzerland and the UK, using our Site and/or Services and addresses the specific requirements under the General Data Protection Regulation (GDPR), the UK GDPR and the Swiss Federal Data Protection Act (FADP).
Legal Basis
If you are a resident in the EEA, UK and Switzerland, we collect and process information about you only where we have a legal basis for doing so under applicable laws. For information about the legal bases we rely on when processing your Personal Information under GDPR, please refer to the section "Information Use" of our Privacy Policy.
Data Transfers
When transferring data from the European Union, the European Economic Area, the UK, and Switzerland, Deel relies upon the Standard Contractual Clauses as included in our Data Processing Addendum. Deel also complies with the EU-U.S. Data Privacy Framework (the “EU-U.S. DPS”), the UK Extension to the EU-U.S. DPF (the “UK Extension”), and the Swiss-U.S. Data Privacy Framework (the “Swiss-U.S. DPS”), as set forth by the U.S. Department of Commerce.
Deel has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Deel has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Deel is responsible for the processing of personal data it receives, under each DPF, and subsequently transfers to a third party acting as an agent on its behalf. Deel complies with the DPF Principles for all onward transfers of personal data we receive from the European Union, the UK and Switzerland in reliance on the EU-U.S. DPF Principles, the UK Extension and/or the Swiss-U.S. DPF Principles, including the onward transfer liability provisions. In particular, where we have received your personal information in the United States in reliance upon the EU-U.S. DPF Principles, the UK Extension and/or the Swiss-U.S. DPF Principles and we subsequently transfer that information to a third party acting as an agent, and such third party agent processes your personal information in a manner inconsistent with those Principles, we will remain responsible unless we can prove we are not responsible for the event giving rise to the damage.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Deel commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Deel at dpo@deel.com.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Deel commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
With respect to personal data processed pursuant to the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Deel is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Deel may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Under certain conditions that are fully described on the Data Privacy Framework website at, https://www.dataprivacyframework.gov/s/article/How-to-Submit-a-Complaint-Relating-to-a-Participating-Organization-s-Compliance-with-the-DPF-Principles-dpf, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Your GDPR rights
If you are a resident of EEA, UK and Switzerland, you have the rights set forth in the “Your Rights” section of our Privacy Policy.
Your PIPL rights
If you are a resident of the People’s Republic of China ("PRC"), you have, in addition to the rights set forth in the “Your Rights” section of our Privacy Policy, the right to access, correct, and delete the Personal Information of the deceased close relative of yours under the Personal Information Protection Law ("PIPL").
Legal Basis
If you are a resident of the Republic of China, we collect and process information about you only where we have legal bases for doing so under applicable laws. For information about the legal bases we rely on when processing your Personal Information under PIPL, please refer to the section "Information Use" of our Privacy Policy.
Transfer of information outside of China
Deel will transfer your personal information to the United States as mentioned in the "International Transfer" section of our Privacy Policy. Deel may also transfer your Personal Information to third parties located outside of the territory of China if this is necessary to fulfill our purposes as outlined in the "Information Use" section. Before we transfer your Personal Information outside the territory of China, we will make sure that all requirements under the laws and regulations of China on cross-border transfer of Personal Information are met and will require overseas recipients to protect your Personal Information at the levels not lower than those required by applicable laws and regulations of China.
This section applies to individuals who are located in Brazil, according to the "Lei Geral de Proteção de Dados" (LGPD).
Legal Basis
If you are a resident of Brazil, we collect and process information about you only where we have legal bases for doing so under applicable laws. For information about the legal bases we rely on when processing your Personal Information under LGPD, please refer to the section "Information Use" of our Privacy Policy.
Your Brazilian privacy rights
We assure you that you will never be discriminated against by exercising your rights. If you are a resident of Brazil, you have, in addition to the rights set forth in the “Your Rights” section of our Privacy Policy, the right to anonymization, and to access information from public and private entities with whom we have shared your Personal Information.
If you reside in a location outside of the EEA, the UK, Switzerland, the United States, China, or Brazil, please be aware that we prioritize your privacy. Certain regions have distinct privacy requirements that necessitate specific provisions in our Privacy Notice. We are committed to staying compliant with applicable data protection laws and will update this Privacy Policy as necessary to incorporate any required provisions.
Solutions
© Copyright 2024. All Rights Reserved.