Our top priority is protecting & securing your data.
At Paylocity, we are committed to maintaining the highest level of security to safeguard client data. Using a combination of technology, compliance practices, and policies – we are able to foster a culture of security to monitor and protect your data 24 hours a day, 7 days a week.
To learn more about our information security controls and practices, click here.
- Paylocity’s infrastructure is hosted with primary and secondary data centers located and operated in the United States.
- Customer data is encrypted leveraging standard 256-bit AES encryption HTTPS (TLS), TLS over SMTP or via SFTP.
- All of your data is securely backed up in real-time to an offsite location in the U.S. to ensure your data is preserved and always available for retention if necessary.
For more details on business continuity and disaster recovery, click here.
Paylocity employs 24/7 threat monitoring solutions to detect any intrusion attempts. Additionally, we perform rigorous annual vulnerability testing and frequent penetration testing on our systems and applications to identify and correct potential risks.
Compliance & Audits
- Paylocity ensures full compliance with California SB 1386 and Massachusetts 201 CMR 17.00 privacy laws, as well as the applicable laws in all of the other states.
- Paylocity undergoes an annual SSAE-16 SOC I Type II audit by an independent third party audit firm.
To request our SSAE16 Report, please contact your Paylocity Sales Professional.
Paylocity participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Paylocity is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles.
Personnel & Facilities
- All Paylocity employees undergo comprehensive background checks.
- All of our employees are required to complete annual security training.
- Paylocity headquarters is protected by a 24/7 security monitoring system with controlled access.