Bill.com System Security

Bill.com is committed to protecting the security and privacy of your information. We know that information regarding you and your company is extremely important and confidential.

Bill.com uses the industry's most advanced security and process controls to ensure that the security, confidentiality, and availability of your data is protected. Bill.com is a US-based corporation. All storage and processing of data are done in the US.

The Most Advanced Security and Process Controls

  • SSL encryption technology ensures privacy of communications between your browser and the Bill.com service
  • Firewalls prevent unauthorized electronic access to servers
  • Production servers are in high-security, locked facility with biometric access controls preventing unauthorized physical access to servers
  • All sensitive data is encrypted in our database
  • Offsite continuous backup enables Bill.com to recover from a potential disaster quickly
  • Bill.com undergoes an annual SSAE 16 SOC 1 Type II Audit by a leading national CPA Firm
  • Payments are FDIC-insured en route
  • Our employees may access your information only to help us provide you with our service
  • All employees undergo background checks and annual training on security and handling sensitive data
  • We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your information to you via email or conspicuous posting on this Site without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system
  • When you sign up for Bill.com, you provide an email address and password to access our website. You can help protect your information by using a strong password, keeping your password secret, and by changing it from time-to-time

Data Retention

We will retain your information for as long as your account is active or as needed to provide you services. Please contact us if you wish to cancel your account or request that we no longer use your information to provide you services. We will maintain records in accordance with our privacy policy and terms of service. We have legal and regulatory requirements to maintain customer data after termination of our customer relationship.