Last updated: March 27, 2026
PayrollXL (“we,” “us,” “our”)
Address: 5 Smith Circle, Lakeville, MA 02347, United States
This Privacy Policy describes how we collect, use, disclose, and protect personal information when you use our websites, applications, and payroll-related services (collectively, the “Services”).
By using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.
This policy is provided for general information and is not legal advice. Consult qualified counsel for your specific situation.
This policy applies to visitors to our websites; users who register for or use the Services; and individuals whose information is submitted through the Services in connection with payroll and employment (for example, employees whose data is entered by an employer or authorized user).
We provide the Services in the United States. This policy is intended for U.S. users and organizations.
For personal information we collect and use to operate PayrollXL and provide the Services to our customers, we act as a data controller (we determine how and why that information is processed in accordance with this policy and our agreements with customers).
Where we process personal information on behalf of a customer (for example, an employer) strictly under their instructions, our customer agreement and any data processing terms may also apply.
Depending on how you use the Services, this may include:
When you use the Services, we may automatically collect:
We capture and process IP addresses when users log in to the Services. We use this information for security, fraud prevention, authentication, troubleshooting, audit logging, and compliance with our policies and applicable law.
We may receive information from your employer or organization that authorizes your access; payment processors (for billing); and other service providers that assist us in operating the Services.
We do not use your personal information for targeted advertising, and we do not “sell” personal information in the sense often used in U.S. state privacy laws (see Section 10).
We use personal information to provide, operate, maintain, and improve the Services; create and manage accounts; authenticate users and protect account security; process payroll, benefits, and related functions as directed by authorized users; process payments and billing (through Stripe, as applicable); host and run the Services (using Digital Ocean and other infrastructure); detect, prevent, and investigate fraud, abuse, and security incidents; communicate with you about the Services; comply with legal obligations and enforce our terms and policies; and analyze usage in aggregated or de-identified form where permitted.
We use trusted service providers who process information on our behalf under contractual obligations, including:
We may use additional providers for email delivery, security monitoring, backups, or support. We share only what they need to perform their services.
If you use the Services through an employer or other organization, we may share information with that organization as needed to provide the Services.
We may disclose information if we believe in good faith that disclosure is necessary to comply with law, regulation, or legal process; respond to lawful requests from public authorities; or protect our rights, privacy, safety, or property, or that of our users or others.
If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction, subject to appropriate confidentiality and notice as required by law.
Payments may be processed by Stripe. Payment card and certain payment details are handled according to Stripe’s terms and privacy policy. We do not store full payment card numbers on our servers when Stripe handles that data.
We may use cookies and similar technologies for essential operation, security, preferences, and limited analytics. We do not use cookies for targeted advertising across third-party websites.
You can control cookies through your browser settings; some features may not work if cookies are disabled.
We retain personal information for as long as necessary to provide the Services and operate PayrollXL; meet legal, tax, and payroll recordkeeping requirements (which may require longer retention for certain payroll and tax records); resolve disputes; and enforce our agreements. Retention periods can vary by data type and legal obligation.
We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information appropriate to the sensitivity of payroll and financial data. No method of transmission or storage is completely secure.
Depending on where you live, you may have rights under U.S. state privacy laws (such as the California Consumer Privacy Act / California Privacy Rights Act, and similar laws in other states) to know what personal information we collect and how we use it; request access to or deletion of certain personal information; correct inaccurate personal information; and opt out of certain types of sharing.
We do not “sell” personal information and we do not use it for cross-context behavioral advertising as those terms are commonly defined in U.S. state laws.
To exercise rights, contact us using the email in Section 12. We will verify your request as required by law. If we process data on behalf of an organization, we may route certain requests through that organization where appropriate.
The Services are not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have, contact us and we will take appropriate steps.
We may update this Privacy Policy from time to time. We will post the updated version and revise the “Last updated” date. If changes are material, we will provide additional notice as appropriate.
For privacy questions or requests, contact us by email at:
PayrollXL
5 Smith Circle
Lakeville, MA 02347
United States