Empowering our global customers to thrive has always been at Workday’s core and in today's dynamic geopolitical and AI regulatory landscape, particularly in the European Union, we are focused on providing customers with the tools and assurances they need to confidently adapt to today’s uncertainty.
Empowering our global customers to thrive has always been at Workday’s core. We provide customers with best-in-class innovations to help them manage their people and their money, and in today's dynamic geopolitical and AI regulatory landscape, particularly in the European Union (EU), we are focused on providing customers with the tools to scale and grow, and the assurances they need to confidently adapt to change.
Europe is a strategic priority for Workday; since 2008, we've invested significantly, established a robust presence with over 4,400 employees, and supported more than 2,200 European-headquartered customers. Building on our long-standing commitment, we prioritise security, transparency, and customer control over data, helping customers to navigate current uncertainties with confidence.
Data residency is about more than just storage; it's about trust, control, and ensuring customer data is supported with the utmost care. We are committed to ensuring that core data for EU-headquartered customers resides within the region. We've established robust data hosting locations in European centres such as Belgium, Germany, and Ireland, with plans for further expansion. Although Workday is headquartered in the U.S., Workday applications hosted in EU locations are managed by Workday Europe. This region has its own dedicated board of directors, composed entirely of European nationals, and operates under European law, ensuring local oversight and adherence to EU-specific standards and regulations. All of these locations also adhere to strict physical and environmental security measures and compliance standards, providing a secure home for critical information.
We are committed to ensuring that core data for EU-headquartered customers resides within the region. We've established robust data hosting locations in European centres such as Belgium, Germany, and Ireland, with plans for further expansion.
We also recognise that AI innovation is integral to the evolving needs of our EU customers and an area of focus given the changing regulatory environment for AI. Well before any AI legislation was enacted, we established a responsible AI team within Workday and held ourselves accountable to a set of governing principles. With respect to data, we offer customers direct control in deciding how data is used for training and improvements, giving them flexibility to tailor their Workday implementation and personalise AI models like AI Agents – all directly within the EU.
We also empower customers with control over who can access their data and support their Workday experience. Through our EU Support Access Policy, they have the option to limit access to their core data to Workday employees based within Europe or in countries that the European Commission deems to provide an adequate level of data protection. This ensures their data remains supported by personnel who meet their specific requirements.
From the start, data privacy, security and compliance have been part of the DNA of Workday's products and services. We don't just meet regulatory requirements; we empower our customers with the tools and assurances needed to achieve their own compliance objectives. We deliver a robust, globally implemented security model featuring advanced encryption, granular access controls, continuous audit trails, and rigorous independent security assessments. Driven by a "privacy by design" philosophy, data protection is deeply integrated into our system's architecture and development. Workday is also configurable, meaning customers can apply security controls to meet their own level of protection based on the industry and region they’re in. Our proactive commitment to the GDPR is evident in our leadership in European data protection. We were instrumental in developing the EU Cloud Code of Conduct as part of the General Assembly and were the first to attest adherence, demonstrating our strong commitment to data protection and transparency. Our core enterprise products are certified to internationally recognised standards like ISO 27001, 27017, 27018, and 27701, reinforcing our robust privacy programme. We actively support government-to-government frameworks like the EU-US Data Privacy Framework, have approval of our Processor Binding Corporate Rules, and incorporate the European Commission's Standard Contractual Clauses into our customer contracts. This comprehensive approach ensures our customers' data is protected.
From the start, data privacy, security and compliance have been part of the DNA of Workday's products and services. We don't just meet regulatory requirements; we empower our customers with the tools and assurances needed to achieve their own compliance objectives.
Since our founding 20 years ago, Workday has never been compelled to turn over customer data in response to any law enforcement organisation or any government entity. We have published eight separate bi-annual Transparency Reports and each has said the same: that we have never once provided data in response to a government requestor. Those same Transparency Reports make clear our commitment to customers that should we ever get a government request for any customer’s data, we will redirect the agency to make the request directly to our customer, and in the unlikely event we aren’t successful, we’ll use all reasonable and lawful efforts to challenge the request. In the unlikely event that ongoing trade and tariff disputes were to escalate into unfortunate government orders seeking to curtail Workday’s lawful services in any European country, we are dedicated to pursuing every reasonable means to oppose those orders and ensure service continuity. We are also prepared to strongly defend our customers and their data against any unjustified or invasive governmental actions.
We don't just focus on our own compliance; we actively work with European regulators to foster a mutual understanding and to reinforce our commitment to building trustworthy technology for European users. We vigorously advocate for global policies that safeguard customer data privacy within practical regulatory frameworks. In addition, we have been actively engaging with the European Commission on the EU AI Act and other governments globally to ensure workable, risk-based approaches to AI governance that support the benefits of responsibly implemented AI and drive continued innovation.
Our proven track record includes supporting numerous clients in highly regulated EMEA industries such as financial services, oil and gas, and pharmaceuticals, all of whom rely on Workday to meet complex compliance needs while achieving their business goals.
Innovation has been a core value at Workday since day one, and we are rapidly expanding our investment in next-generation technologies. In Dublin, Ireland, our strategic innovation hub, 80% of our local workforce is dedicated to product research and development. This powerhouse is central to Workday's global innovation, driving the creation of transformative products like Workday Learning, Help, and Assistant. Our commitment extends beyond our internal work; we are deeply involved in nurturing the Irish innovation ecosystem through strategic academic partnerships and active policy engagement.
Our dedication to the EU market is unwavering, and we're investing strategically in solutions that address customers’ needs and meet the demands of the evolving data sovereignty conversation.
Beyond Dublin, Workday's Innovation Labs in Amsterdam, Paris, and Zurich are powerhouses focused on tackling the most critical business challenges, from supply chain optimisation to regulatory risk management.
We actively lead the way in helping customers navigate this quickly-changing landscape. Our dedication to the EU market is unwavering, and we're investing strategically in solutions that address customers’ needs and meet the demands of the evolving data sovereignty conversation.
More Reading
Enterprise data is growing faster than many governance strategies can keep up. For data leaders, implementing the right strategy—and the right technology to support it—can make all the difference.
Watch the highlights from the final day, including insights from the winners of the Workday Customer Awards and why Workday’s Rogerio Almeida thinks this was the biggest and best Rising EMEA ever!
Watch the highlights from day two, including this year’s Innovation Keynote and insights from forward thinker Mo Gawdat.