Protecting your data and respecting your privacy
We’re committed to your privacy and security, with world-class infrastructure and enterprise features to keep your Workplace safe.
Your Workplace, your data
With Workplace, you control your data while we keep it safe from unauthorized access or misuse.
As the data controller, you make the decisions about what can be done with your data, including whether to modify, delete or export it. The data your employees put into Workplace belongs to your organization, and can’t be accessed publicly.
We process your data to ensure you have the best possible experience with Workplace. We don’t use it to show ads, and we take strong measures to prevent any misuse of data by internal or external parties.
Workplace and Facebook are separate platforms with different accounts and profiles. Posts made on one aren’t visible on the other. Workplace benefits from Facebook's company-wide investments in security, infrastructure and technical innovation.
Security-conscious organizations trust Workplace with their data
“We’re now a more secure organization thanks to Workplace.“
Tools to keep people safe and information secure
Workplace uses enterprise-grade security features to keep your organization safe from harm.
We make it easy to get the right people onto your Workplace - while keeping everyone else out.
- Single Sign-On and automated provisioning
- Secure identities for emailless staff including two-factor authentication
- Enterprise device management
- Domain verification and claiming
Workplace is designed to stay up and running, no matter what, thanks to our globally distributed infrastructure.
- Physical security safeguards for our data centers and offices
- Mitigate against denial of service attacks or local disasters
- Advanced threat intelligence and automated detection using machine learning
- 24/7/365 monitoring by dedicated teams
We use enterprise-grade protection mechanisms to keep your content safe.
- Industry-standard secure transport protocols
- Integrated Video Rights Management
- Data Loss Protection integrations
- Malicious file and link detection
Our tools will help you manage your community and create a great work environment.
- Custom user terms of service
- Native content reporting and review
- Off-the-clock access controls for hourly staff
- Audit logs and API support for retention and eDiscovery
Globally recognized compliance certifications
Workplace meets the highest data safety standards.
FAQs on security, privacy and integrity
How does Workplace keep my information secure?
Workplace is hosted on Facebook's infrastructure, protected by a combination of advanced security systems, teams, policies and processes focused on customer privacy and safety. Physical access to our data centres is restricted to authorized individuals, and we own or directly lease all of our facilities so we have end-to-end control over the grounds, buildings, servers, operations and maintenance for each center. Workplace admins can leverage their security page to monitor unusual security events and view a company security health score. They can also use our APIs, and we have partnered with a variety of industry-standard compliance service providers for policy enforcement and to receive security alerts.
Who owns and controls the information my employees create?
For Workplace Essential, Advanced and Enterprise customers, the data your employees put into Workplace belongs to your organization. You control it. Your administrators can modify, delete or export it at any time via an API or the Admin Panel. To create a Workplace account, the only mandatory information a user needs to provide is their first and last name, their email address or an employee identifier.
Where is my data stored?
To protect your data and provide unprecedented performance and availability within our platform, data on Workplace is stored globally across Facebook's data centers located in the US and the EU.
What can Facebook do with my data?
Anything you upload to Workplace (your customer data) is governed by your enterprise agreement and is provided to Facebook solely to provide the Workplace service and appropriate support to you. Your users will not be targeted by advertising on Workplace and we don’t use your data to inform ads targeting on Facebook. We do generate aggregated statistical and analytical data derived from your use of Workplace. Workplace only shares this data with Facebook in instances where it directly benefits our broader Workplace service, such as security or troubleshooting. We take protecting your data very seriously and have access controls, monitoring and employee training regimes designed to prevent unauthorized access to data by Facebook staff.
Does Workplace share my data with third parties?
As a Workplace customer you control and authorise which integrations can query data via our APIs, including vetted vendors from our integrations directory or custom integrations you may develop. Facebook has a robust third-party management framework that includes vendor assessment, security testing and periodic or random review to ensure alignment with our commitments to protect your data. Where Facebook retains subcontractors (or ‘subprocessors’) for services that may require access to Workplace personal or customer data, this will only be done with a written agreement that imposes on the subprocessor the same data protection obligations as are imposed on Facebook under the Workplace enterprise agreement. A list of applicable subprocessors can be provided on request.