Protecting your data and respecting your privacy
We're committed to your privacy and security, with world-class infrastructure and enterprise features to keep your Workplace safe.
Your Workplace, your data
With Workplace, you control your data while we keep it safe from unauthorised access or misuse.
As the data controller, you make the decisions about what can be done with your data, including whether to modify, delete or export it. The data that your employees put into Workplace belongs to your organisation, and can't be accessed publicly.
We process your data to ensure that you have the best possible experience with Workplace. We don't use it to show ads, and we take strong measures to prevent any misuse of data by internal or external parties.
Workplace and Facebook are separate platforms with different accounts and profiles. Posts made on one aren't visible on the other. Workplace benefits from Facebook's company-wide investments in security, infrastructure and technical innovation.
Security-conscious organisations trust Workplace with their data
"We're now a more secure organisation thanks to Workplace."
We make it easy to get the right people onto your Workplace – while keeping everyone else out.
- Single sign-on and automated provisioning
- Secure identities for email-less staff including two-factor authentication
- Enterprise device management
- Domain verification and claiming
Workplace is designed to stay up and running, no matter what, thanks to our globally distributed infrastructure.
- Physical security safeguards for our data centres and offices
- Mitigate against denial of service attacks or local disasters
- Advanced threat intelligence and automated detection using machine learning
- 24/7/365 monitoring by dedicated teams
We use enterprise-grade protection mechanisms to keep your content safe.
- Industry-standard secure transport protocols
- Integrated video rights management
- Data loss protection integrations
- Malicious file and link detection
Our tools will help you manage your community and create a great work environment.
- Custom user terms of service
- Native content reporting and review
- Off-the-clock access controls for hourly staff
- Audit logs and API support for retention and eDiscovery
FAQs on security, privacy and integrity
How does Workplace keep my information secure?
Workplace is hosted on Facebook's infrastructure, protected by a combination of advanced security systems, teams, policies and processes focused on customer privacy and safety. Physical access to our data centres is restricted to authorised individuals, and we own or directly lease all of our facilities so we have end-to-end control over the grounds, buildings, servers, operations and maintenance for each centre. Workplace admins can leverage their security page to monitor unusual security events and view a company security health score. They can also use our APIs, and we have partnered with a variety of industry-standard compliance service providers for policy enforcement and to receive security alerts.
Who owns and controls the information my employees create?
For Workplace customers, the data that your employees put into Workplace belongs to your organisation. You control it. Your administrators can modify, delete or export it at any time via an API or the Admin Panel. To create a Workplace account, the only mandatory information that a user needs to provide is their first and last name, their email address or an employee identifier.
Where is my data stored?
To protect your data and provide unprecedented performance and availability within our platform, data on Workplace is stored globally across Facebook's data centres located in the US and the EU.
What can Facebook do with my data?
Anything that you upload to Workplace (your customer data) is governed by your enterprise agreement and is provided to Facebook solely to provide the Workplace service and appropriate support to you. Your users will not be targeted by advertising on Workplace and we don't use your data to inform ads targeting on Facebook. We do generate aggregated statistical and analytical data derived from your use of Workplace. Workplace only shares this data with Facebook in instances where it directly benefits our broader Workplace service, such as security or troubleshooting. We take protecting your data very seriously and have access controls, monitoring and employee training regimes designed to prevent unauthorised access to data by Facebook staff.
Does Workplace share my data with third parties?
As a Workplace customer, you control and authorise which integrations can query data via our APIs, including vetted vendors from our integrations directory or custom integrations that you may develop. Facebook has a robust third-party management framework that includes vendor assessment, security testing and periodic or random review to ensure alignment with our commitments to protect your data. Where Facebook retains subcontractors (or "subprocessors") for services that may require access to Workplace personal or customer data, this will only be done with a written agreement that imposes on the subprocessor the same data protection obligations as are imposed on Facebook under the Workplace enterprise agreement. A list of applicable subprocessors can be provided on request.