All apps

Is BambooHR safe with your data?

C
BambooHR icon

BambooHR

BambooHR LLC

50/100

Partial disclosure · high confidence

BambooHR earns a C (50/100) because it discloses its data practices only in part.

#97

of 211 apps ranked

50

score · HR & recruiting avg 55

-5

vs category average

Grade scaleA · 70–100B · 60–69C · 48–59D · 35–47F · 0–34

BambooHR discloses user access and portability rights, post-closure data download windows, retention periods, and basic security measures, but is silent on AI training use and lacks detailed vendor lists or breach timelines.

What BambooHR's privacy policy and terms of service say about your data

D2.1-D2.4 (Data Rights)

You have the right to view, request copies, delete, transfer, and update your Personal Information

D5.3 (Data Categories)

We collect your name, title, business phone number and email address...resume...photograph, signature, social security number...health insurance information

D3.2 (Post-Closure Access)

You will continue to have the ability to download Customer Data for 30 days after the effective date of expiration or termination

D1.1-D1.3 (Training Silence)

[SILENT: no disclosure of whether inputs are used to train models or any AI training practices]

What the policy is silent or vague on

  • Not stated: keeping user inputs out of model training
  • Not stated: a way to opt out of training
  • Not stated: whether training use differs by plan
  • Not stated: shorter retention for AI conversation logs

BambooHR privacy rating

Training-data use0 of 4 disclosed
Keeps user inputs out of model training, or makes training opt-inSilent
Names a way to opt out of or into trainingSilent
Says whether training use differs by plan or tierSilent
Lets the user keep ownership of generated outputsPartial
Data-subject rights4 of 5 disclosed
Grants a right to access your dataDisclosed
Grants a right to delete your dataDisclosed
Offers data portability in a usable formatDisclosed
Grants a right to correct your dataDisclosed
Grants a way to object to or opt out of processingPartial
Retention and deletion0 of 4 disclosed
States a retention period for your dataPartial
States a deletion timeline after closure or requestPartial
Sets a shorter retention for AI conversation logsSilent
Commits to collecting only the data it needsSilent
Third-party sharing1 of 5 disclosed
Lists the categories of third parties it shares withDisclosed
References a sub-processor list or data processing agreementPartial
Does not sell or share data for advertising, or offers opt-outSilent
Names a safeguard for international data transfersPartial
States a standard for government and law-enforcement accessPartial
Transparency2 of 4 disclosed
Discloses that you are interacting with AISilent
Marks AI-generated or synthetic outputNot applicable
Enumerates the categories of data it collectsDisclosed
Maps processing purposes to legal basesPartial
Is versioned and dated, with change noticeDisclosed
Sensitive data and children2 of 3 disclosed
Discloses automated decisions and a human-review pathDisclosed
Limits the use of special-category dataPartial
Governs biometric data specificallyNot applicable
States protections for children's dataDisclosed
Security and accountability0 of 3 disclosed
Describes its security safeguardsPartial
Commits to breach notificationPartial
Names a certification or a privacy contactPartial
DisclosedPartialSilentAdverseNot applicable

Details

Category
HR & recruiting
Modalities
text
Processes biometrics
No
Policy last updated
2025-09-01
Region scored
Global / US-default
Last assessed
2026-07-08

Documents examined

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.

Is BambooHR safe with your data? Grade C | AI App Trust & Transparency Index