Workplace is a tool that connects everyone in your company, even if they're working remotely. Use familiar features such as Groups, Chat, Rooms and live video broadcasting to get people talking and working together.
Workplace is a communications hub that connects everyone in your organization to help drive collaboration and business results. Workplace offers features such as groups, search, profiles, Workplace Chat, News Feed, auto-translation, Live Video and more. Workplace lets you create a Workplace account that is separate from your personal Facebook account.
Workplace is developed with security as a top priority. It directly benefits from all of Facebook’s investment in security, technology and infrastructure, while remaining a separate platform.
Visit the Customer Resource Center to find out more about Workplace data security and governance.
What is GDPR?
The General Data Protection Regulation (GDPR) is a new framework that will harmonize data protection rules across the European Union (EU). It goes into effect on May 25, 2018 and will govern how the Facebook Family of Companies is regulated. You can find out more about Facebook’s approach to GDPR here.
Many of the principles build upon the current data protection rules in place within the EU. But GDPR also places some new requirements on companies. GDPR will apply to any Workplace customer with users residing in the EU, even if the organization’s location is outside of the EU.
Workplace and GDPR Compliance
GDPR expands current data protection laws and also adds some new requirements. Most of GDPR’s requirements fall on data controllers. This is the organization or party that decides the "purposes" and "means" of any processing of personal data. Workplace customers act as data controllers and appoint Facebook as a data processor under the Workplace agreement.
Facebook and Workplace comply with all data protection laws that apply to us. Where applicable, we’ll adapt our existing practices to align with GDPR. We’re also dedicated to helping our Workplace customers meet their obligations.
Safeguards and Contractual Commitments
We understand that GDPR requires Workplace customers to engage data processors with appropriate safeguards to ensure an appropriate level of protection for personal data.
We’ve been working with our product, design and engineering teams to make sure our products will comply with the GDPR rules. This includes making sure our contractual commitments allow customers to demonstrate their compliance. We’ll be updating our agreements to provide the undertakings required from data processors under GDPR.
GDPR requires Workplace customers to engage data processors who can provide an appropriate level of security to meet the requirements set out in the new regulations. The safety of the personal data we process for our customers is of the utmost importance to us. We undergo regular security audits and Workplace is ISO 27001 certified.
We also invest in systems to make sure we can identify threats to data security when we process data for Workplace customers. In the unlikely event of a relevant incident, we’ll notify and assist customers.
Your Workplace Account
Your Workplace account is a place for you to connect and collaborate with your coworkers, join groups related to your team or projects, and get company news and updates.
Your Workplace account is only visible to people at your company and is separate from your personal account. What you share to your Workplace account can only be seen by people in your company.
Your Facebook Account
Your Facebook account is personal. It's for connecting with friends and family, and sharing moments from your life.
The things you share to your personal account will only be seen by people you have allowed, based on your privacy settings on Facebook.
Note: Your employer can't access your personal Facebook account if you're using Workplace, since the accounts are separate.
How can I learn more about the types of data displayed in the Apple App Privacy Details for Workplace?
When you install an app from the App Store, you may see some information that Apple now asks all app developers to provide about how the app handles data. Apple offers a small range of specific options to choose from when describing an app’s data use and collection practices, and these options are not specific to you or the settings and controls you may have used in each of our apps.
Below are a few examples of how the data types are used:
- Contact Information. The information you provide when you sign up for an account allows us to communicate with you and your system administrator regarding use of the service and allows you to connect, communicate and share content with your coworkers.
- Coarse Location. We use IP-derived location in order to provide and improve the operation of Workplace, such as by running performance analytics, and for safety and security.
- User Content. Camera or voice-enabled features are used during Workplace Chat calls, meetings and live broadcasts.
- Search History. When searching Workplace (for example, for people, posts or groups) we keep a record to personalize your experience using Workplace. You can access and delete those searches from within your search history.
- Identifiers. Account and device identifiers collected can be used to personalize your and your organisation’s experiences as part of providing the service.
- Usage Data & Diagnostics. Information about the features you use and the duration of your activities when you use Workplace may be used to improve the service for you and others.
I'm using Workplace and have a question about compliance with the EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield.
Facebook, Inc. participates in the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield for Workplace , as described in our Privacy Shield Notice and in our certification with the United States Department of Commerce. As part of our participation in the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield we will resolve disputes regarding personal data covered by our certification through TRUSTe. If you have any additional questions about our compliance with either Privacy Shield framework, you can contact us.
Workplace customers act as data controllers and appoint Facebook as a data processor under the Workplace Enterprise Agreement.
As the data controller, you make the decisions about what can be done with your data, including whether to modify, delete or export it. The data that your employees create on Workplace belongs to your organization and can't be accessed publicly.
The Workplace Online Terms provide customers with various contractual protections when it comes to the handling of customer data, including, in particular, those set out in the Data Processing Addendum and the Data Security Addendum of the Workplace Online Terms. For our EU clients, Workplace provides an additional addendum with standard contractual clauses (SCCs) to assist them, as data controllers, in ensuring compliance with their obligations under General Data Protection Regulation (GDPR).
No advertising on Workplace
We process your data to ensure that you have the best possible experience with Workplace. We don't use it to show ads, and we take strong measures to prevent any misuse of data by internal or external parties.
To protect your data and provide unprecedented performance and availability within our platform, data on Workplace is stored globally across Facebook's data centres located in the US and the EU.
Workplace is designed to stay up and running, no matter what, thanks to our globally distributed infrastructure:
- Physical security safeguards for our data centres and offices
- Mitigate against denial of service attacks or local disasters
- Advanced threat intelligence and automated detection using machine learning
- 24/7/365 monitoring by dedicated teams
Workplace and Facebook are separate platforms with different accounts and profiles. Posts made on one aren't visible on the other. Workplace benefits from Facebook's company-wide investments in security, infrastructure and technical innovation.