Workplace Terms of Service


YOU WARRANT AND REPRESENT THAT YOU ARE ENTERING INTO THESE WORKPLACE ONLINE TERMS ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, AND THAT YOU HAVE FULL AUTHORITY TO BIND SUCH ENTITY TO THIS AGREEMENT. SUBSEQUENT REFERENCES TO “YOU”, “YOUR” OR “CUSTOMER” MEAN SUCH ENTITY.
If the address you provide within your Workplace account settings or otherwise provide to us in writing is in the U.S. or Canada, this Agreement is an agreement between you and Meta Platforms, Inc. Otherwise, this Agreement is an agreement between you and Meta Platforms Ireland Ltd. References to “Meta”, “us”, “we”, or “our” mean either Meta Platforms, Inc. or Meta Platforms Ireland Ltd., as appropriate.
The following terms shall apply to your use of Workplace.
Certain capitalized terms are defined in Section 13 (Definitions) and others are defined contextually in this Agreement.
  1. Use of Workplace
    1. Your Usage Rights. During the Term, you have a non-exclusive, non-transferable, non-sublicensable right to access and use Workplace in accordance with this Agreement. Use of Workplace is limited to the Users (including, where applicable, those of your Affiliates) for whom you enable accounts, and you are responsible for all Users and their compliance with this Agreement and their access to, and use of, Workplace. For clarity, Workplace is provided as a service to you, not to Users individually. You acknowledge that the features and functionality of Workplace may vary, and may change over time.
    2. Accounts. Your registration and admin account information must be accurate, complete and kept up-to-date. User accounts are for individual Users and cannot be shared or transferred. You must keep all login credentials confidential and agree to notify Meta immediately if you discover any unauthorized use of your accounts or login credentials.
    3. Restrictions. You will not (and will not permit anyone else to): (a) use Workplace on behalf of any third party or rent, lease, provide access to or sublicense Workplace to any third party, except Users as permitted herein; (b) reverse engineer, decompile, disassemble, or otherwise seek to obtain the source code to Workplace, except to the extent expressly permitted by applicable law (and then only upon advance notice to Meta); (c) copy, modify or create derivative works of Workplace; (d) remove, modify or obscure any proprietary or other notices contained within Workplace; or (e) publicly disseminate technical information regarding the performance of Workplace.
    4. Content Moderation. We may remove, block or restrict content that is in breach of this Agreement. In addition, if Users breach this Agreement, we may in certain cases restrict or disable a User’s account. To learn more about how Meta moderates content within Workplace, please review the Acceptable Use Policy.
    5. Setup. During the set up of your Workplace instance, you will appoint one or more User(s) as the system administrator(s) of your Workplace community who is responsible for managing your Workplace instance. You must ensure you have at least one active system administrator for your Workplace instance at all times.
    6. Workplace API. During the Term, Meta may make available one or more Workplace API(s) to you, in order for you to develop and use services and applications that complement your use of Workplace. Any use of the Workplace API(s) by you, your Users, or any third party on your behalf shall be governed by the applicable provisions of the Workplace Platform Terms, currently available at workplace.com/legal/WorkplacePlatformPolicy, as amended by Meta from time to time (“Workplace Platform Terms”).
    7. Support. We will provide Workplace support to you via the direct support tab in the Workplace admin panel (“Direct Support Channel”). You may submit a support request to resolve a question, or report an issue, concerning Workplace, by raising a ticket through the Direct Support Channel (“Support Ticket”). We will provide an initial response to each Support Ticket within 24 hours from the time at which you receive email confirmation that your Support Ticket has been validly raised through the Direct Support Channel.
  2. Your Data and Obligations
    1. Your Data. Under this Agreement:
      1. you retain all right, title and interest (including intellectual property rights) in and to Your Data;
      2. during the Term, you grant Meta a non-exclusive, worldwide, royalty-free, fully-paid right to use Your Data solely to provide Workplace (and related support) to you, pursuant to this Agreement; and
      3. you acknowledge that Meta is the data processor and that you are the data controller of Your Data, and by entering into this Agreement you instruct Meta to process Your Data on your behalf, only for the purposes specified in (and in accordance with) this Agreement (including the Data Processing Addendum).
    2. Your Obligations. You agree (a) that you are solely responsible for the accuracy and content of Your Data; (b) to obtain all necessary rights and consents required by Laws from your Users and any applicable third party to allow the collection and use of Your Data as contemplated in this Agreement; and (c) that your use of Workplace, including Your Data and its use hereunder, will not violate any Laws or third party rights, including intellectual property, privacy or publicity rights. If any of Your Data is submitted or used in violation of this Section 2, you agree to promptly remove it from Workplace. You are solely responsible for any decision to share Your Data among Users or with any third parties, and Meta is not responsible for use, access, alteration, distribution or deletion of Your Data by those to whom you or your Users make it available.
    3. Prohibited Data. You agree not to submit to Workplace any information or data that violates the terms of this Agreement or is subject to safeguarding and/or limitations on distribution pursuant to applicable laws and/or regulation (“Prohibited Information”). With regard to health information, you acknowledge that Meta is not a Business Associate or subcontractor (as those terms are defined in the Health Insurance Portability and Accountability Act (“HIPAA”)) and that Workplace is not HIPAA compliant. Meta will have no liability under this Agreement for Prohibited Information, notwithstanding anything to the contrary herein.
    4. Indemnification. You will defend, indemnify and hold harmless Meta (and its Affiliates and their respective directors, officers, employees, agents, and representatives) from and against all claims (from third parties and/or Users), costs, damages, liabilities and expenses (including reasonable attorneys’ fees) arising out of or in connection with your breach or alleged breach of this Section 2 or otherwise related to Your Data, Your Policies or use of Workplace in violation of this Agreement. Meta may participate in the defense and settlement of any such claim with its own counsel and at its own expense. You shall not settle any claim without Meta’s prior written consent if the settlement requires Meta to take any action, refrain from taking any action, or admit any liability.
    5. Backups and Data Deletion. Meta does not provide an archiving service, and you are solely responsible for creating backups of Your Data. You may delete Your Data consisting of User content at any time during the term through the system administrator functionality of Workplace.
    6. Aggregate Data. Under this Agreement, we may also generate aggregated statistical and analytical data derived from your use of Workplace (“Aggregate Data”), but such Aggregate Data will not include Your Data or any personal data.
  3. Data Security
    1. Security of Your Data. We will use appropriate technical, organizational and security measures designed to protect Your Data in our possession against unauthorized access, alteration, disclosure or destruction, as further described in the Data Security Addendum.
    2. Legal Disclosures and Third Party Requests. You are generally responsible for responding to third party requests regarding Your Data, such as from regulators, Users, or a law enforcement agency (“Third Party Requests”), but you understand that, in response to a Third Party Request, Meta may disclose Your Data to comply with its legal requirements. In such circumstances, we will, to the extent allowed by law and by the terms of the Third Party Request, use reasonable efforts to (a) notify you of our receipt of a Third Party Request and ask the third party to contact you and (b) comply with your reasonable requests regarding your efforts to oppose a Third Party Request at your expense. You will first seek to obtain the information required to respond to the Third Party Request on your own, and will contact us only if you cannot reasonably obtain such information.
  4. Payment
    1. Fees. You agree to pay Meta the standard rates for Workplace (currently available here: https://www.workplace.com/pricing) for your use of Workplace, subject to any free trial period as described in Section 4.f (Free Trial), unless otherwise agreed in a signed written document. All fees under this Agreement will be paid in USD, unless otherwise specified in-product, or unless otherwise agreed in a signed written document. All fees will be settled in full in accordance with your payment method pursuant to Section 4.b. Any late payments shall be subject to a service charge equal to 1.5% per month of the amount due or the maximum amount allowed by law, whichever is less.
    2. Payment Method. When you enter into this Agreement you agree to settle fees under one of two categories of payment: (i) payment card customer (whether paying directly, or through a third party payment platform), or (ii) invoiced customer, as determined in Meta’s discretion. Payment card customers may (in Meta’s sole discretion) become invoiced customers (and vice versa) based on factors such as the number of Users and creditworthiness, but Meta retains the right to re-classify you as a payment card customer or an invoiced customer at any time.
      1. Payment Card Customers. Payment card customers will have their designated payment card charged for their usage of Workplace.
      2. Invoiced Customers. Invoiced customers will be extended a credit line by Meta and will be issued invoices on a monthly basis, unless otherwise agreed in a signed written document. If categorised as an invoiced customer, you will pay all fees due under this Agreement, in full and cleared funds as directed by us, within 30 days of the invoice date.
      3. You agree for us to obtain your business credit report from a credit bureau on acceptance of this Agreement, or anytime thereafter.
    3. Taxes. All fees are stated exclusive of any applicable goods and services tax, value-added tax, sales and use tax, surtax and similar taxes or duties under applicable laws, other than taxes based on the income of Meta. You will pay all amounts due under this Agreement in full without any set-off, counterclaim, deduction or withholding. In the event any payment that you make under this Agreement is subject to a deduction or withholding, you shall obtain prior written approval from Meta and be responsible for making the appropriate payment to the appropriate taxing authorities and financially responsible for interest, penalties, fines, or similar liabilities resulting from your failure to timely remit such taxes to the proper governmental authority or agency. You acknowledge and accept that you are accessing and using Workplace at the address you have provided within your Workplace account settings or otherwise provided to us in writing and we will charge you applicable taxes based on the location of such address. In the event of a tax audit or tax dispute with relevant taxing authorities arising out of this Agreement or if there are statutory or regulatory changes which impact the tax obligations of the Parties, the Parties agree to cooperate and use reasonable efforts to conclude the matter with minimal adverse tax consequences. For instance, if a relevant taxing authority asserts that Meta should have collected applicable taxes from you, and you paid such taxes directly to the taxing authority, you agree to provide us proof that such taxes were paid (to the satisfaction of such taxing authority) within thirty (30) days of Meta’s written request thereof. You agree to indemnify us for any underpayment or non-payment of any taxes that are not specifically excluded in this Agreement, including any penalty and interest.
    4. Suspension. Without affecting our other rights under this Agreement, if you do not pay any fees by the due date, then we may suspend all or part of the Workplace services (including access to paid for services) until payment has been made in full.
    5. Workplace for Good Free Access. Notwithstanding Section 4.a, if you apply for free access under the Workplace for Good programme and Meta determines that you qualify in accordance with Meta’s policies (currently referenced at https://work.workplace.com/help/work/142977843114744) we will provide Workplace to you free of charge in accordance with such policies on a going forward basis. If as a result of a change in our policies you no longer qualify for free access, then Meta will provide you with three (3) months’ prior notice of this and after such notice, Section 4.a will apply.
    6. Free Trial. Meta may in its sole discretion offer you a free trial of Workplace for a fixed period, the duration of which shall be determined at Meta's sole discretion and communicated to you via the admin panel of your Workplace instance. At the end of such free trial Section 4.a (Fees) will apply.
  5. Confidentiality
    1. Obligations. Each party agrees that all business, technical and financial information it obtains (as “Receiving Party”) from the disclosing party in connection with this Agreement (“Disclosing Party”) constitutes the confidential property of the Disclosing Party (“Confidential Information”), provided that it is identified as either confidential or proprietary at the time of disclosure or should be reasonably known by the Receiving Party to be confidential or proprietary due to the nature of the information disclosed and the circumstances surrounding the disclosure. Except as expressly authorized herein, the Receiving Party will: (1) hold in confidence and not disclose any Confidential Information to third parties: and (2) not use Confidential Information for any purpose other than fulfilling its obligations and exercising its rights under this Agreement. The Receiving Party may disclose Confidential Information to its employees, agents, contractors and other representatives having a legitimate need to know (including, for Meta, those of its Affiliates and the subcontractors referenced in Section 12.j), provided that they are bound to confidentiality obligations no less protective of the Disclosing Party's Confidential Information as provided in this Section 5 and that the Receiving Party remains responsible for compliance by any such person with the terms of this Section 5.
    2. Exceptions. The Receiving Party’s confidentiality obligations will not apply to information that the Receiving Party can document: (a) was rightfully in its possession or known to it prior to receipt of the Confidential Information; (b) is or has become public knowledge through no fault of the Receiving Party; (c) is rightfully obtained by the Receiving Party from a third party without breach of any confidentiality obligation; or (d) is independently developed by employees of the Receiving Party who had no access to such information. The Receiving Party may make disclosures to the extent required by Laws or court order, provided that (unless prohibited by Laws) the Receiving Party notifies the Disclosing Party in advance and cooperates in any effort to obtain confidential treatment.
    3. Injunctive Relief. The Receiving Party acknowledges that use of or disclosure of Confidential Information in violation of this Section 5 could cause substantial harm for which damages alone would not be a sufficient remedy, and therefore that upon any such threatened or actual use or disclosure by the Receiving Party the Disclosing Party will be entitled to seek appropriate equitable relief in addition to whatever other remedies it might have at law.
  6. Intellectual Property Rights
    1. Meta Ownership. This is an agreement for access to and use of Workplace, and no ownership rights are conveyed to Customer. Meta and its licensors retain all right, title and interest (including all intellectual property rights) in and to Workplace, Aggregate Data, any and all related and underlying technology, and any derivative works, modifications or improvements to any of the foregoing created by or on behalf of Meta, including based on your Feedback (defined below). No rights are granted to you except as expressly set forth in this Agreement.
    2. Feedback. If you submit comments, questions, suggestions, use cases or other feedback relating to your use of Workplace or its API or our other products or services (“Feedback”), we may freely use or exploit such Feedback in connection with any of our products or services or those of our Affiliates, without obligation or compensation to you.
  7. Disclaimer
    META EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES AND REPRESENTATIONS OF ANY KIND, EXPRESS, IMPLIED OR STATUTORY, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE OR NON-INFRINGEMENT. WE DO NOT GUARANTEE THAT WORKPLACE WILL BE UNINTERRUPTED OR ERROR-FREE. WE MAY PERMIT THIRD PARTIES TO DEVELOP AND MAKE AVAILABLE SERVICES AND APPLICATIONS THAT COMPLEMENT YOUR USE OF WORKPLACE OR WE MAY PERMIT WORKPLACE TO OTHERWISE INTEGRATE WITH OTHER SERVICES AND APPLICATIONS. META IS NOT RESPONSIBLE FOR ANY SERVICES OR APPLICATIONS THAT YOU CHOOSE TO USE IN CONNECTION WITH WORKPLACE. YOUR USE OF SUCH SERVICES OR APPLICATIONS IS SUBJECT TO SEPARATE TERMS AND POLICIES AND YOU ACKNOWLEDGE AND AGREE THAT ANY USE IS AT YOUR OWN RISK.
  8. Limitations of Liability
    1. EXCEPT FOR EXCLUDED CLAIMS (DEFINED BELOW):
      1. NEITHER PARTY WILL BE LIABLE FOR ANY LOSS OF USE, LOST OR INACCURATE DATA, INTERRUPTION OF BUSINESS, COSTS OF DELAY OR ANY INDIRECT, OR CONSEQUENTIAL DAMAGES OF ANY KIND (INCLUDING LOST PROFITS), REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE; AND
      2. NEITHER PARTY'S ENTIRE LIABILITY TO THE OTHER WILL EXCEED THE AMOUNT ACTUALLY PAID OR PAYABLE BY CUSTOMER TO META DURING THE PRIOR TWELVE (12) MONTHS UNDER THIS AGREEMENT OR, IF NO FEES ARE PAID OR PAYABLE DURING SUCH PERIOD, TEN THOUSAND DOLLARS ($10,000).
    2. For the purposes of this Section 8, “Excluded Claims” means: (a) Customer's liability arising under Section 2 (Your Data and Obligations); and (b) a party's breach of its obligations in Section 5 (Confidentiality) but excluding claims relating to Your Data.
    3. The limitations in this Section 8 will survive and apply even if any limited remedy specified in this Agreement is found to have failed of its essential purpose, and the parties agree that neither party is limiting or excluding their liability for anything that cannot be limited or excluded by law. You acknowledge and agree that our provision of Workplace is based upon the assumption that our liability is limited as provided in this Agreement.
  9. Term and Termination
    1. Term. This Agreement will commence on the date on which you first access your Workplace instance and continue until terminated as permitted herein (the “Term”).
    2. Termination for Convenience. Without prejudice to any termination rights that you may have under the Data Processing Addendum, you may terminate this Agreement at any time, for no reason or any reason, upon thirty (30) days’ advance notice to Meta by your admin electing to delete your Workplace instance within the product. Meta may also terminate this Agreement at any time, for no reason or any reason, upon thirty (30) days’ advance notice to you.
    3. Meta Termination and Suspension. Meta reserves the right to terminate this Agreement with reasonable notice to you or immediately suspend your access to Workplace if you breach this Agreement or if we deem such action necessary to prevent harm to the security, stability, availability or integrity of Workplace.
    4. Deletion of Your Data. Meta will delete Your Data promptly after any termination of this Agreement, but you understand that deleted content may persist in backup copies for a reasonable period of time whilst deletion is carried out. As set forth in Section 2.e, you are solely responsible for creating any back-ups of Your Data for your own purposes.
    5. Effect of Termination. Upon any termination of this Agreement: (a) you and your Users must immediately cease using Workplace; (b) at the Disclosing Party’s request, and subject to Section 9.d, the Receiving Party will promptly return or delete any of the Disclosing Party’s Confidential Information in its possession; (c) you will promptly pay Meta any unpaid fees incurred prior to termination; (d) if Meta terminates this Agreement without cause in accordance with Section 9.b, Meta will refund to you a pro rata amount of any pre-paid fees (where applicable); and (e) the following Sections will survive: 1.c (Restrictions), 2 (Your Data and Obligations) (other than Meta’s license to Your Data in Section 2.a), 3.b (Legal Disclosures and Third Party Requests), 4 (Payment) through 13 (Definitions). Except as may be specified in this Agreement, either party’s exercise of any remedy, including termination, is without prejudice to any other remedies it may have under this Agreement, by law or otherwise.
  10. Other Meta Accounts
    1. Personal Accounts. For the avoidance of doubt, User accounts are distinct from any personal Facebook account that Users may create on the consumer Facebook service (“Personal FB Accounts”). Personal FB Accounts are not subject to this Agreement, but rather are subject to Meta’s terms for those services, each between Meta and the relevant user.
    2. Workplace and Ads. We will not show third-party advertising to your Users on Workplace and we will not use Your Data to provide or target advertising to your Users or to personalize your Users’ experience on their Personal FB Accounts. Meta may, however, make in-product announcements or inform system administrators about features, integrations or functionality related to Workplace.
  11. Beta Features
    1. Beta Testing. Meta may, from time to time, make available beta or pre-release features (each, a “Beta Feature”) for the purposes of testing and obtaining Feedback.
    2. Possibility of Errors. You acknowledge that by accepting to use the Beta Features, that such Beta Features are:
      1. in a testing phase, remain under development and may contain errors, including technical errors that may interfere with functionality; and
      2. may not perform as intended or as effectively as other features.
    3. Beta Feature Changes. Meta may (at its sole discretion) impose limits on, suspend, disable, terminate, remove, replace, change, upgrade, update or roll back any Beta Feature (or part of a Beta Feature), without notice to you.
    4. As-Is. IN ADDITION TO ALL THE DISCLAIMERS MADE IN SECTION 7 (DISCLAIMER) ABOVE, WHICH, FOR CLARITY, ARE ALSO APPLICABLE TO BETA FEATURES, ALL BETA FEATURES MADE AVAILABLE TO YOU ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS. META HAS NO OBLIGATION TO PROVIDE ANY TECHNICAL SUPPORT RELATED TO BETA FEATURES. META HAS NO EXPRESS OR IMPLIED OBLIGATION TO YOU TO MAKE ANY BETA FEATURE AVAILABLE TO YOU. YOU ACKNOWLEDGE AND AGREE THAT YOUR USE OF ANY BETA FEATURE IS DONE ENTIRELY AT YOUR OWN RISK AND TO MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, META HAS NO LIABILITY TO YOU IN CONNECTION WITH ANY BETA FEATURE.
  12. General
    1. Changes. Meta may change terms of this Agreement and policies referenced in or incorporated by this Agreement at any time, including but not limited to the Data Processing Addendum (to comply with applicable data protection law), the Data Security Addendum, and the Acceptable Use Policy, by providing you with notice by email, through Workplace or by other reasonable means (each, a “Change”). By continuing to use Workplace thirty (30) days after notice of a Change, you shall be deemed to have consented to such Change.
    2. Governing Law. Without prejudice to Section 12.p, this Agreement and your and your Users’ use of Workplace as well as any claim that might arise between you and us, are governed by, and must be construed in accordance with, the laws of the United States and the State of California, as applicable, without giving effect to their principles of conflicts of law. Any claim or cause of action arising out of or relating to this Agreement or Workplace must be commenced exclusively in the U.S. District Court for the Northern District of California or a state court located in San Mateo County, and each party hereby consents to the personal jurisdiction of such courts.
    3. Entire Agreement. This Agreement is the entire agreement between the parties regarding your access to and use of Workplace and supersedes any prior representations or agreements relating to Workplace. Headings are for convenience only, and terms such as “including” are to be construed without limitation. All URLs noted in this Agreement include any successor URLs applicable to the same subject matter. This Agreement is written in English (US), which will control over conflicts in any translated version.
    4. Waiver and Severability. Failure to enforce a provision will not be deemed a waiver; waivers must be in writing signed by the party claimed to have waived. Any terms or conditions in any Customer purchase order or business form will not modify this Agreement and are hereby expressly rejected, and any such document will be for administrative purposes only. If any provision of this Agreement is adjudged by a court of competent jurisdiction to be unenforceable, invalid or otherwise contrary to law, such provision will be interpreted so as to best accomplish its intended objectives and the remaining provisions of this Agreement will remain in full force and effect.
    5. Publicity. Any press release or marketing campaign about the parties’ relationship requires the prior written approval of both parties. Notwithstanding the foregoing: (a) within your own company, you may publicize or promote use of Workplace during the Term (e.g., to encourage User adoption), subject to Meta’s brand usage guidelines provided from time to time, and (b) Meta may reference your name and status as a Workplace customer.
    6. Assignment. Neither party may assign this Agreement or its rights or obligations under this Agreement without the prior written consent of the other party, except that Meta may assign this Agreement without consent to any of its Affiliates or in connection with a merger, reorganization, acquisition, or other transfer of all or substantially all of its assets or voting securities. Subject to the foregoing, this Agreement will bind and inure to the benefit of each party’s permitted successors and assigns. Non-permitted assignments are void and will create no obligations on Meta.
    7. Independent Contractor. The parties are independent contractors. No agency, partnership, joint venture, or employment is created as a result of this Agreement and neither party has authority to bind the other.
    8. No Third Party Beneficiaries. This Agreement benefits Meta and Customer and there are no intended third party beneficiaries, including any Users.
    9. Notices. Where you are terminating this Agreement pursuant to Section 9.b you must notify Meta by your system administrator electing to delete your Workplace instance within the product. Any other notice under this Agreement by you must be in writing, which must be sent to Meta at the following address (as applicable): in the case of Meta Platforms Ireland Limited, to Merrion Road, Dublin 4, D04X2K5, Ireland, Attn: Legal, Workplace and, in the case of Meta Platforms Inc, to 1 Meta Way, Menlo Park, CA 94025 USA, Attn: Legal, Workplace. Meta may send notices to the email address on your account. Meta may also provide operational notices regarding Workplace or other business-related notices through messages to system administrators and Users within Workplace or conspicuous posting within Workplace.
    10. Subcontractors. Meta may use subcontractors and permit them to exercise Meta’s rights under this Agreement, but Meta remains responsible for compliance of any such subcontractor with this Agreement.
    11. Force Majeure. Neither party will be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to unforeseen events that occur after the signing of this Agreement and that are beyond the reasonable control of such party, such as a strike, blockade, war, act of terrorism, riot, natural disaster, failure or diminishment of power or telecommunications or data networks or services, or refusal of a license or authorisation by a government agency or entity.
    12. Third Party Websites. Workplace may contain links to third-party websites. This does not imply our endorsement of any website and we are not responsible for the actions, content, information, or data of third-party websites or actions or any link contained in them, or any changes or updates to them. Third-party websites may provide their own terms and conditions of use and privacy policies that apply to you and your Users and your use of such third-party websites is not governed by this Agreement.
    13. Export Controls and Trade Sanctions. In use of Workplace, Customer agrees to comply with all export and import laws and regulations of the United States and other applicable jurisdictions, as well as any applicable sanctions or trade restrictions. Without limiting the foregoing Customer represents and warrants that: (a) it is not listed on any U.S. government list of prohibited or restricted parties; (b) it is not subject to any UN, U.S., EU, or any other applicable economic sanctions or trade restrictions; and (c) it does not have operations or Users in a country subject to comprehensive U.S. trade sanctions.
    14. Conditions on Governmental Entity Use. If you are a Governmental Entity, you represent that: (i) no applicable law, policy, or principle restricts you from agreeing and performing, or accepting performance of, any term or condition of this Agreement, (ii) no applicable law, policy, or principle renders any term or condition of this Agreement unenforceable against you or any applicable Governmental Entity, (iii) you are authorized to, and have the legal capacity under applicable laws, policies, and principles to represent and bind any applicable Governmental Entity to this Agreement; and (iv) you enter into this Agreement based upon an impartial decision concerning the value of Workplace to you and your Users and no improper conduct or conflict of interest has influenced your decision to enter into this Agreement. Do not enter into this Agreement if you cannot make the representations in this Section 12.n. If a Governmental Entity enters into this Agreement in violation of this Section 12.n, Meta may elect to terminate this Agreement.
    15. Resellers. You may choose to access and use Workplace through a Reseller. In the event you access and use Workplace through a Reseller, you are solely responsible for: (i) any related rights and obligations in your applicable agreement with your Reseller, and (ii) as between you and Meta, any access by Reseller to your Workplace instance, Your Data, and any User accounts that you may create for your Reseller. In addition, in the event you access and use Workplace through a Reseller, you agree that the Reseller Customer Terms shall take precedence over any conflicting terms in this Agreement.
    16. Australian Small Businesses. If you are an Australian small business, this Agreement may be subject to the Australian Consumer Law and your rights under the Australian Consumer Law. If the Australian Consumer Law applies to you and your use of Workplace, the additional provisions within the Australia SMB Addendum form part of this Agreement and are incorporated herein by reference.
  13. Definitions
    In this Agreement, unless otherwise stated:
    "Acceptable Use Policy" means the rules for use of Workplace found at www.workplace.com/legal/FB_Work_AUP, as may be modified from time to time.
    "Affiliate" means an entity that directly or indirectly owns or controls, is owned or is controlled by or is under common ownership or control with a party, where “control” means the power to direct the management or affairs of an entity, and “ownership” means beneficial ownership of 50% (or, if the applicable jurisdiction does not allow majority ownership, the maximum amount permitted under such law) or more of the entity’s voting equity securities or equivalent voting interests. For purposes of this definition, a Governmental Entity is not an affiliate of another Governmental Entity unless it wholly controls such other Governmental Entity.
    "Agreement" means all the terms and conditions contained or referenced in these Workplace Terms of Service and its addendums, including (but not limited to) the Data Processing Addendum, Data Security Addendum, Acceptable Use Policy, MGPT, Reseller Customer Terms, Workplace Platform Terms and Australia SMB Addendum (and any terms referenced therein).
    "Australia SMB Addendum" means the terms found at https://www.workplace.com/legal/FB_Work_Australia, as may be updated from time to time.
    Data Processing Addendum” means the data processing addendum attached to, and forming part of, this Agreement, including any terms referenced therein.
    Data Security Addendum” means the data security addendum attached to, and forming part of, this Agreement.
    "Governmental Entity" means any country or jurisdiction in the world, including without limitation any state, local, municipal, regional, or other unit or political subdivision of government, any governmental organization, instrumentality, enterprise, or other entity established, owned or controlled by such a government, and any representative or agent of any of the foregoing.
    "Laws" means all applicable local, state, federal and international laws, regulations and conventions, including, without limitation, those related to data privacy and data transfer, international communications, the exportation of technical or personal data, and public procurement.
    "MGPT" means the Meta Global Processor Terms available at: https://www.facebook.com/legal/terms/Meta-Global-Processor-Terms.
    "Reseller" means a third party partner that has a valid agreement with Meta authorising them to resell and facilitate access to Workplace.
    "Reseller Customer Terms" means the terms found at https://www.workplace.com/legal/FB_Work_ResellerCustomerTerms, as may be updated from time to time, and forming part of this Agreement, and being the additional terms between the parties which are applicable to you, if you access and use Workplace through a Reseller.
    "Users" means any of your or your Affiliates’ employees, contractors or other individuals that you permit to access Workplace.
    "Workplace" means the Workplace service that we make available to you under this Agreement, and any subsequent versions thereof, including any websites, apps, online services, tools, Beta Features, and content that we may provide to you under this Agreement, as may be modified from time to time.
    "Workplace Subprocessors" means the named entities identified by Meta at https://www.workplace.com/subprocessors, (or a successor location) as may be updated from time to time.
    "Your Data" means (a) any contact information or network or account registration data that you or your Users submit to Workplace; (b) any content or data that you or your Users publish, post, share, import or provide on Workplace; (c) information we collect when you or your Users contact or engage us for support regarding Workplace, including information about hardware, software, and other details gathered related to the support incident; and (d) any usage or functional information (e.g., IP addresses, browser and operating system types, and device identifiers) regarding how Users interact with Workplace.
    "Your Policies" means any of your applicable employee, systems, privacy, HR, complaint or other policies.







Data Processing Addendum

  1. Data Processing. To the extent Meta acts as a Processor of Applicable Personal Data, the parties shall comply with the MGPT as modified by Section 2 (Modifications to the MGPT) below. The MGPT forms part of this Data Processing Addendum, and is expressly incorporated herein by reference. For the avoidance of doubt, the modifications set out in Section 2 (Modifications to the MGPT) shall continue to apply notwithstanding any future updates to the MGPT. Capitalized terms used in this Data Processing Addendum, but not otherwise defined elsewhere in this Agreement, shall have the meanings set out in the MGPT.
  2. Modifications to the MGPT. Notwithstanding anything to the contrary in the MGPT, for the purposes of Meta’s Processing activities under this Agreement, the MGPT is modified as set out below and the following modifications supersede any conflicting language in the MGPT:
    1. The Meta entity that you contract with under this Agreement shall be your Processor for all of your Applicable Personal Data.
    2. Section 2.1.d of the General Terms is deleted and replaced in its entirety with the following: “Company understands and agrees that Company may delete and download its Applicable Personal Data at any time through the tools provided within Workplace during the Term, after which, Meta will delete all Applicable Personal Data as described in Section 9 of the Applicable Terms.
  3. Conflicts. Notwithstanding Section 1.3 (Conflicts) of the General Terms in the MGPT, to the extent there is a conflict or inconsistency between the terms of the MGPT and this Agreement, the terms of this Agreement shall prevail (unless such term(s) contradict a requirement under Law, in which case such requirement(s) under the Law shall prevail).
  4. Processing Description. In conducting its activities as Processor under this Agreement in relation to any Applicable Personal Data within Your Data, Meta confirms that:
    1. the duration, subject matter, nature and purpose of the Processing shall be as specified in this Agreement;
    2. the types of Personal Data Processed shall include those specified in the definition of 'Your Data';
    3. the categories of Data Subjects include your representatives, Users and any other individuals identified or identifiable by Your Data;
    4. your obligations and rights as Controller in relation to any Applicable Personal data within Your Data are as set out in this Agreement and the MGPT; and
    5. the frequency of the data transfers are on a continuous basis for the duration of the Agreement, unless otherwise expressly provided in the Agreement.
  5. Sub-processors. You acknowledge and agree that in connection with the provision of Workplace, Meta has contracted with the Workplace Subprocessors to act as its Sub-processors of Applicable Personal Data.









Data Security Addendum

  1. Background and Purpose
    This document describes the minimum security requirements applicable to Meta’s provision of Workplace to you.
  2. Information Security Management System
    Meta has established and will maintain an Information Security Management System (ISMS) designed to implement industry-standard information security practices applicable to its provision of Workplace. Meta’s ISMS is designed to protect against unauthorized access, disclosure, use, loss or alteration of Your Data.
  3. Risk Management Process
    Security of information and information processing facilities, including IT infrastructure and physical facilities, shall be based upon risk assessment. Risk assessment of Workplace will be done on a regular basis.
  4. Organization of Information Security
    Meta has a designated Security officer with overall responsibility for security in the organization. Meta has designated personnel responsible for oversight of security of your Workplace instance.
  5. Physical and Environmental Security
    Meta’s security measures shall include controls designed to provide reasonable assurance that access to physical processing facilities is limited to authorized persons and that environmental controls are established to detect, prevent and control destruction due to environmental hazard. The controls include:
    The controls include:
    • Logging and auditing of all physical access to the data processing facility by employees and contractors;
    • Camera surveillance systems at critical entry points to the data processing facility;
    • Systems that monitor and control the temperature and humidity for the computer equipment; and
    • Power supply and backup generators.
    Meta shall implement industry-standard procedures for secured deletion and disposal of data on electronic media, subject to the Agreement.
  6. Segregation
    Meta will establish technical mechanisms designed to ensure that Your Data is logically segregated from other customers’ data and that Your Data is only available to authorized users.
  7. Personnel
    1. Training
      Meta shall ensure that all employees with access to Your Data undergo security training.
    2. Screening and Background Checks
      Meta shall:
      • Have a process for verifying the identity of the personnel working with your instance of Workplace.
      • Have a process for performing background checks on personnel working with your instance of Workplace in accordance with Meta standards.
      Meta shall provide personal ID cards with picture and written name to all personnel working with your instance of Workplace. ID cards shall be required for entry to all Meta facilities.
    3. Personnel Security Breach
      Meta will establish sanctions for unauthorized or impermissible access to Your Data by Meta personnel, including punishments up to and including termination.
  8. Security Testing
    Meta shall perform regular security and vulnerability testing to assess whether key controls are implemented properly and are effective.
  9. Access Control
    1. User Password Management
      Meta shall have an established process for User Password Management, designed to ensure passwords are personal and inaccessible for unauthorized persons, including at minimum:
      • Password provisioning, including verifying the identity of the user prior to a new, replacement or temporary password.
      • Encrypting all passwords when stored in computer systems or in transit over the network.
      • Altering all default passwords from vendors.
      • Strong passwords relative to their intended use.
      • User awareness.
    2. User Access Management
      Meta will implement a process for changing and / or revoking access rights and user IDs, without undue delay. Meta shall have procedures for reporting and revoking compromised access credentials (passwords, tokens etc.) 24/7. Meta shall implement appropriate security logs including userid and timestamp. Clock shall be synchronized with NTP.
      The following minimum events shall be logged:
      • Authorization Changes;
      • Failed and successful authentication and access attempts; and
      • Read and write operations.
  10. Communications Security
    1. Network Security
      Meta shall employ technology that is consistent with industry standards for network segregation.
      Remote network access shall require encrypted communication by use of secured protocols, and use of multi-factor authentication.
    2. Protection of Data in Transit
      Meta will enforce use of appropriate protocols designed to protect the confidentiality of data in transit over public networks.
  11. Operational Security
    Meta will institute and maintain a vulnerability management program for Workplace that includes definition of roles and responsibilities, dedicated ownership of vulnerability monitoring, vulnerability risk assessment and patch deployment.
  12. Security Incident Management
    Meta shall establish and maintain a security incident response plan for monitoring, detecting and handling possible security incidents affecting your instance of Workplace. The security incident response plan at least shall include definition of roles and responsibility, communication and post mortem reviews, including root cause analysis and remediation plans.
    Meta will monitor Workplace for any security breaches and malicious activity. The monitoring process and detection techniques shall be designed to enable detection of security incidents affecting your instance of Workplace according to relevant threats and ongoing threat intelligence.
  13. Business Continuity
    Meta shall maintain a business continuity plan for responding to emergency or other critical situations that could damage your instance of Workplace. Meta shall formally review its business continuity plan at least once a year.
Effective Date: 1 March 2024