Types of Data collected
Among the types of Personal Data that this Application collects, by itself or through third parties, there are: Cookies; Usage Data; device information; purchase history; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); various types of Data; first name; last name; date of birth; phone number; physical address; email address; password; company name; country; state; ZIP/Postal code; city; profile picture; billing address; house number; language; Email; geographic position; Data communicated while using the service; gender; precise location.
Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.
Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services. In cases where this Application specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Any use of Cookies – or of other tracking tools — by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy.
Users are responsible for any third-party Personal Data obtained, published or shared through this Application.
Mode and place of processing the Data
Methods of processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Place
The Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located.
Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Retention time
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
The purposes of processing
The Data concerning the User is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activity, as well as the following: Access to third-party accounts, Analytics, Remarketing and behavioral targeting, Handling payments, Backup saving and management, Hosting and backend infrastructure, Advertising, Data transfer outside the EU, Registration and authentication provided directly by this Application, User database management, Interaction with external social networks and platforms, Location-based interactions, Displaying content from external platforms, Tag Management, Managing contacts and sending messages, Infrastructure monitoring, Contacting the User, Managing landing and invitation pages, Managing support and contact requests, Interaction with support and feedback platforms, Commercial affiliation, Content commenting, Registration and authentication, Interaction with live chat platforms, Platform services and hosting, Heat mapping and session recording, Managing data collection and online surveys and Interaction with data collection platforms and other third parties.
For specific information about the Personal Data used for each purpose, the User may refer to the section “Detailed information on the processing of Personal Data”.
Detailed information on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
- Access to third-party accountsThis type of service allows this Application to access Data from your account on a third-party service and perform actions with it.
These services are not activated automatically, but require explicit authorization by the User.Stripe account access (Stripe Inc)This service allows this Application to connect with the User’s account on Stripe, provided by Stripe, Inc.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.Twitter account access (X Corp.)This service allows this Application to connect with the User’s account on the Twitter social network, provided by Twitter, Inc.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy. - AdvertisingThis type of service allows User Data to be utilized for advertising communication purposes. These communications are displayed in the form of banners and other advertisements on this Application, possibly based on User interests.
This does not mean that all Personal Data are used for this purpose. Information and conditions of use are shown below.
Some of the services listed below may use Trackers to identify Users or they may use the behavioral retargeting technique, i.e. displaying ads tailored to the User’s interests and behavior, including those detected outside this Application. For more information, please check the privacy policies of the relevant services.
Services of this kind usually offer the possibility to opt out of such tracking. In addition to any opt-out feature offered by any of the services below, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section “How to opt-out of interest-based advertising” in this document.Microsoft Advertising (Microsoft Corporation)Microsoft Advertising is an advertising service provided by Microsoft Corporation.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy – Opt Out.Meta ads conversion tracking (Meta pixel) (Meta Platforms, Inc.)Meta ads conversion tracking (Meta pixel) is an analytics service provided by Meta Platforms, Inc. that connects data from the Meta Audience Network with actions performed on this Application. The Meta pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Meta Audience Network.Personal Data processed: Trackers; Usage Data.Place of processing: United States – Privacy Policy – Opt out.Google Ads conversion tracking (Google LLC)Google Ads conversion tracking is an analytics service provided by Google LLC that connects data from the Google Ads advertising network with actions performed on this Application.Personal Data processed: Trackers; Usage Data.Place of processing: United States – Privacy Policy.LinkedIn conversion tracking (LinkedIn Insight Tag) (LinkedIn Corporation)LinkedIn conversion tracking (LinkedIn Insight Tag) is an analytics and behavioral targeting service provided by LinkedIn Corporation that connects data from the LinkedIn advertising network with actions performed on this Application. The LinkedIn Insight Tag tracks conversions that can be attributed to LinkedIn ads and enables to target groups of Users on the base of their past use of this Application. Users may opt out of behavioral targeting features through their device settings, their LinkedIn account settings or by visiting the AdChoices opt-out page.Personal Data processed: device information; Trackers; Usage Data.Place of processing: United States – Privacy Policy.X Ads conversion tracking (X Corp.)X Ads conversion tracking is an analytics service provided by X Corp. that connects data from the X advertising network with actions performed on this Application.Personal Data processed: Trackers; Usage Data.Place of processing: United States – Privacy Policy.Outbrain (Outbrain Inc.)Outbrain is an advertising service provided by Outbrain Inc.Personal Data processed: Cookies; various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy – Opt Out.Taboola (Taboola Inc.)Taboola is an advertising service provided by Taboola Inc.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy – Opt Out.Meta Audience Network (Meta Platforms, Inc.)Meta Audience Network is an advertising service provided by Meta Platforms, Inc. In order to understand Facebook’s use of Data, consult Facebook’s data policy. This Application may use identifiers for mobile devices (including Android Advertising ID or Advertising Identifier for iOS, respectively) and technologies similar to cookies to run the Meta Audience Network service. One of the ways Audience Network shows ads is by using the User’s ad preferences. The User can control this in the Facebook ad settings. Users may opt-out of certain Audience Network targeting through applicable device settings, such as the device advertising settings for mobile phones or by following the instructions in other Audience Network related sections of this privacy policy, if available.Personal Data processed: Cookies; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); Usage Data.Place of processing: United States – Privacy Policy – Opt Out.Adform (Adform A/S)Adform is an advertising service provided by Adform A/S.Personal Data processed: Cookies; Usage Data.Place of processing: Denmark – Privacy Policy – Opt Out.adbility media (adbility media GmbH)adbility media is an advertising service provided by adbility media GmbH.Personal Data processed: Cookies; Usage Data.TikTok AdsUsers names, email and/or ip address, telephone numbers, and other personal information is collected when users create TikTok accounts or when the TikTok platform is accessed.360 E-Com (Euvic 360e-com Sp. z o.o.)360 E-Com is an advertising service provided by Euvic 360e-com Sp. z o.o.Personal Data processed: Tracker; Usage Data.Place of processing: Poland – Privacy Policy. - AnalyticsThe services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.Google Analytics (Google LLC)Google Analytics is a web analysis service provided by Google LLC (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy – Opt Out.Analytics collected directly (this Application)This Application uses an internal analytics system that does not involve third parties.Personal Data processed: Cookies; Usage Data.Google Analytics Advertising Reporting Features (Google LLC)Google Analytics on this Application has Advertising Reporting Features activated, which collects additional information from the DoubleClick cookie (web activity) and from device advertising IDs (app activity). It allows the Owner to analyze specific behavior and interests Data (traffic Data and Users’ ads interaction Data) and, if enabled, demographic Data (information about the age and gender). Users can opt out of Google’s use of cookies by visiting Google’s Ads Settings.Personal Data processed: Tracker; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy – Opt Out.HubSpot Analytics (HubSpot, Inc.)HubSpot Analytics is an analytics service provided by HubSpot, Inc.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy – Opt Out .Yandex Metrica (YANDEX, LLC)Yandex Metrica is an analytics and heat mapping service provided by YANDEX, LLC.
Yandex Metrica is used to display the areas of this Application that Users interact with most frequently. This shows where the points of interest are.Personal Data processed: Cookies; Usage Data.Place of processing: Russian Federation – Privacy Policy.Facebook Analytics for Apps (Meta Platforms, Inc.)Facebook Analytics for Apps is an analytics service provided by Meta Platforms, Inc.Personal Data processed: Tracker; Usage Data; various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.Matomo (this Application)Matomo is an analytics software used by this Application to analyze data directly without the help of third parties.Personal Data processed: Cookies; Usage Data. - Backup saving and managementThis type of service allows the Owner to save and manage backups of this Application on external servers managed by the service provider itself. The backups may include the source code and content as well as the data that the User provides to this Application.Amazon Glacier (Amazon)Amazon Glacier is a service to save and manage backups provided by Amazon Web Services Inc.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.Backup on Google Drive (Google LLC)Google Drive is a service to save and manage backups provided by Google LLC.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.
- Commercial affiliationThis type of service allows this Application to display advertisements for third-party products or services. Ads can be displayed either as advertising links or as banners using various kinds of graphics.
Clicks on the icon or banner posted on the Application are tracked by the third-party services listed below, and are shared with this Application.
For details of which data are collected, please refer to the privacy policy of each service.CJ Affiliate (Commission Junction LLC (part of Publicis Groupe))CJ Affiliate is a commercial affiliation service provided by Commission Junction LLC (part of Publicis Groupe).Personal Data processed: purchase history; Trackers; Usage Data.Place of processing: United States – Privacy Policy. - Contacting the UserMailing list or newsletter (this Application)By registering on the mailing list or for the newsletter, the User’s email address will be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning this Application. Your email address might also be added to this list as a result of signing up to this Application or after making a purchase.Personal Data processed: email address; first name.Phone contact (this Application)Users that provided their phone number might be contacted for commercial or promotional purposes related to this Application, as well as for fulfilling support requests.Personal Data processed: phone number.
- Content commentingContent commenting services allow Users to make and publish their comments on the contents of this Application.
Depending on the settings chosen by the Owner, Users may also leave anonymous comments. If there is an email address among the Personal Data provided by the User, it may be used to send notifications of comments on the same content. Users are responsible for the content of their own comments.
If a content commenting service provided by third parties is installed, it may still collect web traffic data for the pages where the comment service is installed, even when Users do not use the content commenting service.Facebook Comments (Meta Platforms, Inc.)Facebook Comments is a content commenting service provided by Meta Platforms, Inc. enabling the User to leave comments and share them on the Facebook platform.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy. - Displaying content from external platformsThis type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.Google Fonts (Google LLC)Google Fonts is a typeface visualization service provided by Google LLC that allows this Application to incorporate content of this kind on its pages.Personal Data processed: Tracker; Usage Data.Place of processing: United States – Privacy Policy.YouTube video widget (Google LLC)YouTube is a video content visualization service provided by Google LLC that allows this Application to incorporate content of this kind on its pages.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy. - Handling paymentsPayment processing services enable this Application to process payments by credit card, bank transfer or other means. To ensure greater security, this Application shares only the information necessary to execute the transaction with the financial intermediaries handling the transaction.
Some of these services may also enable the sending of timed messages to the User, such as emails containing invoices or notifications concerning the payment.Adyen (Adyen B.V.)Adyen is a payment service provided by Adyen B.V.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: Netherlands – Privacy Policy.PayPal (PayPal Inc.)PayPal is a payment service provided by PayPal Inc., which allows Users to make online payments.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: See the PayPal privacy policy – Privacy Policy.Stripe (Stripe Inc)Stripe is a payment service provided by Stripe Inc.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy. - Heat mapping and session recordingHeat mapping services are used to display the areas of a page where Users most frequently move the mouse or click. This shows where the points of interest are. These services make it possible to monitor and analyze web traffic and keep track of User behavior.
Some of these services may record sessions and make them available for later visual playback.Hotjar Heat Maps & Recordings (Hotjar Ltd.)Hotjar is a session recording and heat mapping service provided by Hotjar Ltd.
Hotjar honors generic „Do Not Track” headers. This means the browser can tell its script not to collect any of the User’s data. This is a setting that is available in all major browsers. Find Hotjar’s opt-out information here.Personal Data processed: Cookies; Usage Data; various types of Data as specified in the privacy policy of the service.Place of processing: Malta – Privacy Policy – Opt Out. - Hosting and backend infrastructureThis type of service has the purpose of hosting Data and files that enable this Application to run and be distributed as well as to provide a ready-made infrastructure to run specific features or parts of this Application. Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data are stored.Amazon Web Services (AWS) (Amazon Web Services, Inc.)Amazon Web Services (AWS) is a hosting and backend service provided by Amazon Web Services, Inc.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: Ireland – Privacy Policy.
- Infrastructure monitoringThis type of service allows this Application to monitor the use and behavior of its components so its performance, operation, maintenance and troubleshooting can be improved.
Which Personal Data are processed depends on the characteristics and mode of implementation of these services, whose function is to filter the activities of this Application.Logentries (RevelOps, Inc.)Logentries is a monitoring service provided by RevelOps, Inc.Personal Data processed: Usage Data; various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.New Relic (New Relic)New Relic is a monitoring service provided by New Relic Inc.
The way New Relic is integrated means that it filters all traffic of this Application, i.e., communication between the Application and the User’s browser or device, while also allowing analytical data on this Application to be collected.Personal Data processed: Cookies; Usage Data; various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.Uptime Robot (Buzpark Bilisim Tarim Urunleri Sanayi Tic. Ltd. Sti.)Uptime Robot is a monitoring service provided by Buzpark Bilisim Tarim Urunleri Sanayi Tic. Ltd. Sti.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: Turkey – Privacy Policy.Web Performance (Web Performance, Inc.)Web Performance is a monitoring service provided by Web Performance, Inc.Web Performance is a monitoring service provided by Web Performance, Inc.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy. - Interaction with data collection platforms and other third partiesThis type of service allows Users to interact with data collection platforms or other services directly from the pages of this Application for the purpose of saving and reusing data.
If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service.Sleeknote (Netlify, Inc.)Sleeknote is a popup management service provided by Netlify, Inc. Users may opt out of such collection and use of Data by following the instructions provided by the Network Advertising Initiative (http://optout.networkadvertising.org/?c=1) and AdChoices (https://optout.aboutads.info/?c=2&lang=EN) or through applicable device settings, such as the device advertising settings for mobile devices or ads settings in general.Personal Data processed: Data communicated while using the service; device information; email address; first name; gender; language; last name; phone number; physical address; precise location; Trackers; Usage Data.Place of processing: Denmark – Privacy Policy. - Interaction with external social networks and platformsThis type of service allows interaction with social networks or other external platforms directly from the pages of this Application.
The interaction and information obtained through this Application are always subject to the User’s privacy settings for each social network.
This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.
It is recommended to log out from the respective services in order to make sure that the processed data on this Application isn’t being connected back to the User’s profile.Facebook Like button and social widgets (Meta Platforms, Inc.)The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Meta Platforms, Inc.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy.PayPal button and widgets (PayPal Inc.)The PayPal button and widgets are services allowing interaction with the PayPal platform provided by PayPal Inc.Personal Data processed: Cookies; Usage Data.Place of processing: See the PayPal privacy policy – Privacy Policy.Twitter Tweet button and social widgets (X Corp.)The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy.LinkedIn button and social widgets (LinkedIn Corporation)The LinkedIn button and social widgets are services allowing interaction with the LinkedIn social network provided by LinkedIn Corporation.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy. - Interaction with live chat platformsThis type of service allows Users to interact with third-party live chat platforms directly from the pages of this Application, in order to contact and be contacted by this Application‘s support service.
If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service. Moreover, live chat conversations may be logged.Facebook Messenger Customer Chat (Meta Platforms, Inc.)The Facebook Messenger Customer Chat is a service for interacting with the Facebook Messenger live chat platform provided by Meta Platforms, Inc.Personal Data processed: Data communicated while using the service; Tracker; Usage Data.Place of processing: United States – Privacy Policy.Olark Widget (Habla, Inc.)The Olark Widget is a service for interacting with the Olark live chat platform provided by Habla, Inc.Personal Data processed: Cookies; Data communicated while using the service; Usage Data.Place of processing: United States – Privacy Policy. - Interaction with support and feedback platformsThis type of service allows Users to interact with third-party support and feedback platforms directly from the pages of this Application.
If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service.Zendesk Widget (Zendesk, Inc.)The Zendesk Widget is a service for interacting with the Zendesk support and feedback platform provided by Zendesk Inc.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy.Elevio Widget (Elevio Pty. Ltd.)The Elevio Widget is a service for interacting with the Elevio support and feedback platform provided by Elevio Pty. Ltd.Personal Data processed: Data communicated while using the service; Tracker; Usage Data.Place of processing: Australia – Privacy Policy.Dixa widgetLive chat support
The Dixa Widget is a service for interacting with the Dixa support and feedback platform provided by Dixa ApS.
Personal Data processed: Data communicated while using the service; Tracker; Usage Data.
Place of processing: European Union – https://www.dixa.com/legal/privacy/ - Location-based interactionsGeolocation (this Application)This Application may collect, use, and share User location Data in order to provide location-based services.
Most browsers and devices provide tools to opt out from this feature by default. If explicit authorization has been provided, the User’s location data may be tracked by this Application.Personal Data processed: geographic position. - Managing contacts and sending messagesThis type of service makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User.
These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.HubSpot Email (HubSpot, Inc.)HubSpot Email is an email address management and message sending service provided by HubSpot, Inc.Personal Data processed: email address; Usage Data.Place of processing: United States – Privacy Policy.Mailchimp (Intuit Inc.)Mailchimp is an email address management and message sending service provided by Intuit Inc.Personal Data processed: email address.Place of processing: United States – Privacy Policy.Mandrill (The Rocket Science Group LLC)Mandrill is an email address management and message sending service provided by The Rocket Science Group, LLC.Personal Data processed: email address; Usage Data.Place of processing: United States – Privacy Policy.Rapidmail (rapidmail GmbH)Rapidmail is an email address management and message sending service provided by rapidmail GmbH.Personal Data processed: email address.Place of processing: Germany – Privacy Policy.ZapierPlain-English Privacy Policy
Welcome to Zapier! Here on the left you’ll find our plain-english privacy policy and the corresponding legal policy on the right.
We last updated this policy on January 22, 2018.
Onward!
Legal Privacy Policy
Date of Last Revision: January 22, 2018
Welcome to the web site (the “Site”) of Zapier, Inc. ( “Zapier”, “we”, “us” and/or “our”). This Site is operated by Zapier and has been created to provide information about our company and its content and data linking platform and related services (together with the Site, the “Service(s)”) to our Service visitors (“you”, “your”). This Privacy Policy sets forth Zapier’s policy with respect to information including personally identifiable data (“Personal Data”) and other information that is collected from visitors to the Site and Services.
PrivacyTrust Privacy Shield Certification: Click to Verify
Third-Party Service Integration
To use Zapier, we need to store credentials for third-party services (Gmail, Basecamp, etc). We store credentials encrypted in our database. They are only used to access data you tell us to. We log certain non-identifiable information to provide support and fix problems.
Our Service allows you to integrate and create commands for various online third-party services (“Third-Party Services”). In order to take advantage of this feature, you may need to authenticate, register for or log into Third-Party Services through the Service or on the websites of their respective providers. When you enable linking between or log in to Third-Party Services through the Service, we will collect relevant information necessary to enable the Service to access that Third-Party Service and your data and content contained within that Third-Party Service (“Login Credentials”). We store your Login Credentials long enough to enable linking to the Third-Party Service.
When you enable the Service to link content and data between Third-Party Services, the Third-Party Services will provide us with access to certain information that you may have provided to the Third-Party Services, and we will use, store and disclose such information in accordance with this Privacy Policy and the rules you set to govern the linking. However, please remember that the manner in which Third-Party Services use, store and disclose your information is governed by the policies of such Third-Party Services, and Zapier shall have no liability or responsibility for the privacy practices or other actions of any Third-Party Services that may be enabled within the Service.
We may retain certain personally non-identifiable information related to the data or content linked between Third-Party Services (for example, date sent, link configuration, names of the Third-Party Services), for the purpose of improving our Services and as described below in the “Non-Identifiable Data” section.
Third-Party Payment Processor
We use a third party payment processor, Stripe, for all payments. Zapier does not store credit card details and instead relies on Stripe for this.
We use a third party payment processor to process payments made to us. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to our third party processor, Stripe, whose use of your personal information is governed by their privacy policy, which may be viewed at https://stripe.com/us/privacy.
Information We Collect
We ask for certain information like your name, email address, timezone, and account credentials to use Zapier. We use this information to run Zapier and other things mentioned in this Privacy policy (like logging and analytics).
For your convenience, we use cookies so you don’t have to log in every time you visit our website.
When you interact with us through the Services, we may collect Personal Data and other information from you, as further described below:
Personal Data That You Provide Through the Services: We collect Personal Data from you when you voluntarily provide such information, such as when you contact us with inquiries, respond to one of our surveys, register for access to the Zapier Services or use certain Zapier Services. Wherever Zapier collects Personal Data we make an effort to provide a link to this Privacy Policy. You can choose at any time to opt out by contacting support at contact@zapier.com, you can also contact us to opt out of your information being used for purposes other than it was originally collected.
By voluntarily providing us with Personal Data, you are consenting to our use of it in accordance with this Privacy Policy. If you provide Personal Data to the Services, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of Zapier and the authorized third parties referred to herein located in the United States. The Personal Information that you provide can be accessed at any time through your account or you can contact our customer support at contact@zapier.com if you need help accessing your account.
Cookies: In operating the Services, we may use a technology called “cookies.” A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Services. Our cookies help provide additional functionality to the Services and help us analyze Services usage more accurately. For instance, our Services may set a cookie on your browser that allows you to access the Services without needing to remember and then enter a password more than once during a visit to the Services. In all cases in which we use cookies, we will not collect Personal Data except with your permission. On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. We recommend that you leave cookies turned on because they allow you to take advantage of some of the Services’s features. Aggregated Personal Data: In an ongoing effort to better understand and serve the users of the Zapier Services, Zapier often conducts research on its customer demographics, interests and behavior based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and Zapier may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally. Zapier may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
We will keep any information that you provide to us until such time as you delete your account with the Zapier Service.
Our Use of Your Personal Data and Other Information
Zapier won’t sell or rent your personal information to a third party. Primarily, we use personal data to run Zapier. We may use personal data to provide you with predictions about other services you might be interested in on Zapier. If we intend to use your personal data in a way we have not mentioned, we will let you know when we collect that information.
Sometimes we aggregate user data anonymously to understand our customer base better.
Zapier will not sell or rent to any third party any of the personal information or data that you provide to us. Zapier uses the Personal Data you provide in a manner that is consistent with this Privacy Policy. If you provide Personal Data for a certain reason, we may use the Personal Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the Zapier Services, we will use your Personal Data to provide you with access to such services and to monitor your use of such services. Zapier and its subsidiaries and affiliates (the “Zapier Related Companies”) may also use your Personal Data and other personally non-identifiable information collected through the Services to help us improve the content and functionality of the Services, to better understand our users and to improve the Zapier Services. Zapier and its affiliates may use this information to contact you in the future to tell you about services we believe will be of interest to you. If we do so, each communication we send you will contain instructions permitting you to “opt-out” of receiving future communications. In addition, if at any time you wish not to receive any future communications or you wish to have your name deleted from our mailing lists, please contact us as indicated below.
If Zapier intends on using any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Data is collected.
Our Disclosure of Your Personal Data and Other Information
We don’t sell your personal data. If we work with partners or contractors, they may have limited access to your personal data but only so much to do their job.
If we sell the company, personal data may be included in the transfer.
You can visit the Services without providing any Personal Data. If you choose not to provide any Personal Data, you may not be able to use certain Zapier Services.
Zapier is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:
Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets. In cases of onward transfer of personal information to third parties of data of EU and Swiss individuals received pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield, Zapier remains liable. Related Companies: We may also share your Personal Data with our Related Companies for purposes consistent with this Privacy Policy. Agents, Consultants and Related Third Parties: Zapier, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function. Legal Requirements: Zapier may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Zapier, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.
EU-U.S. & Swiss-U.S. Privacy Shield
Zapier is EU-U.S. & Swiss-U.S. Privacy Shield compliant.
Zapier complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Zapier has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. Zapier is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
In compliance with the Privacy Shield Principles, Zapier commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Zapier at: contact@zapier.com.
Zapier has further committed to refer unresolved Privacy Shield complaints to PrivacyTrust, an alternative dispute resolution provider located in the United Kingdom. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact Communications House, 26 York Street, London, W1U 6PZ for more information or to file a complaint. The services of Communications House are provided at no cost to you.
Finally, as a last resort and in limited situations, EU and Swiss individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.
In cases of onward transfer of personal information to third parties of data of EU and Swiss individuals received pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield, Zapier remains liable.
Exclusions
This privacy policy only applies to private information we collect. If you post information in a public place, like our support forums, this is public information and can be shared and reproduced. Similarly, if you join a Zapier team account, certain of your personal information may be available to the team account holder and other team members.
This Privacy Policy does not apply to any Personal Data collected by Zapier other than Personal Data collected through the Services. This Privacy Policy shall not apply to any unsolicited information you provide to Zapier through the Services or through any other means. This includes, but is not limited to, information posted to any public areas of the Services, such as bulletin boards (collectively, “Public Areas”), any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and Zapier shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.
If you are invited to join a Zapier team account, and you accept the invitation, you are agreeing that certain of your information will be shared with the team account holder and other team members. In particular, the team account holder will have access to your name, email address, avatar (if any) and task usage, and other team members will have access to your name, email address and avatar (if any). Any information you share via a team account, including Zaps you create or Third-Party Services you link to, will be available to all team members of the team account you have joined. You are solely responsible for any information you share via a team account, which is posted at your own risk.
Children
You must be 13 years old to use Zapier.
Zapier does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to Zapier through the Services, please contact us, and we will endeavor to delete that information from our databases.
Links to Other Web Sites
We link to a lot of third-party websites. Our privacy policy only governs our own website.
This Privacy Policy applies only to the Services. The Services may contain links to other web sites not operated or controlled by Zapier (the “Third-Party Sites”). The policies and procedures we described here do not apply to the Third-Party Sites. The links from the Services do not imply that Zapier endorses or has reviewed the Third-Party Sites. We suggest contacting those sites directly for information on their privacy policies.
Security
We take many steps to ensure your private information and account credentials are safe, including encryption and requiring two-factor authentication for our staff. To this end, if you find a security problem, contact us and we will fix it immediately. Keep in mind, emails and communications with us are not encrypted.
Zapier takes reasonable steps to protect the Personal Data provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any Personal Data to Zapier via the Internet.
Changes to Zapier’s Privacy Policy
If anything changes, we will let you know at least 14 days ahead of time via this website or an email.
The Services and our business may change from time to time. As a result, at times it may be necessary for Zapier to make changes to this Privacy Policy. Zapier reserves the right to update or modify this Privacy Policy at any time and from time to time. If we do this, we will post the changes to this Privacy Policy on this page and will indicate at the top of this page the date these terms were last revised. We will also notify you, either through the Service user interface, in an email notification or through other reasonable means. Please review this policy periodically, and especially before you provide any Personal Data. Any such changes will become effective no earlier than fourteen (14) days after they are posted, except that changes addressing new functions of the Service or changes made for legal reasons will be effective immediately. This Privacy Policy was last updated on the date indicated above. Your continued use of the Service after the date any such changes become effective constitutes your acceptance of the new Privacy Policy.
Other Terms
We also have a set of terms and conditions.
Your access to and use of the Services is subject to the Terms of Service at https://zapier.com/terms/
Contacting Zapier
Got questions? We want to hear from you! Contact us at contact@zapier.com.
To keep your Personal Data accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted via the Services. Please also feel free to contact us if you have any questions about Zapier’s Privacy Policy or the information practices of the Services.
All disputes arising out of or relating to these Terms of Service will be submitted to the exclusive jurisdiction of a court of competent jurisdiction located in Wilmington, Delaware, and each party irrevocably consents to such personal jurisdiction and waives all objections to this venue.
You may contact us as follows: contact@zapier.com. - Managing data collection and online surveysThis type of service allows this Application to manage the creation, deployment, administration, distribution and analysis of online forms and surveys in order to collect, save and reuse Data from any responding Users.
The Personal Data collected depend on the information asked and provided by the Users in the corresponding online form.These services may be integrated with a wide range of third-party services to enable the Owner to take subsequent steps with the Data processed – e.g. managing contacts, sending messages, analytics, advertising and payment processing.Typeform (TYPEFORM S.L)Typeform is a form builder and data collection platform provided by TYPEFORM S.L.Personal Data processed: email address; first name; last name.Place of processing: Spain – Privacy Policy. - Managing landing and invitation pagesThis type of service helps with building and managing landing and invitation pages, i.e., pages for presenting a product or service, where you may add your contact information such as an email address.
Managing these pages means that these services will handle the Personal Data collected through the pages, including Usage Data.Unbounce (Unbounce Marketing Solutions Inc.)Unbounce is a landing page management service provided by Unbounce Marketing Solutions Inc., that allows this Application to collect the email addresses of Users interested in its service.
Unbounce allows the Owner to track and analyze the User response concerning web traffic or behavior regarding changes to the structure, text or any other component of the created landing pages.Personal Data processed: Cookies; email address; Usage Data.Place of processing: Canada – Privacy Policy. - Managing support and contact requestsThis type of service allows this Application to manage support and contact requests received via email or by other means, such as the contact form.
The Personal Data processed depend on the information provided by the User in the messages and the means used for communication (e.g. email address).Zendesk (Zendesk, Inc.)Zendesk is a support and contact request management service provided by Zendesk Inc.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy. - Platform services and hostingThese services have the purpose of hosting and running key components of this Application, therefore allowing the provision of this Application from within a unified platform. Such platforms provide a wide range of tools to the Owner – e.g. analytics, user registration, commenting, database management, e-commerce, payment processing – that imply the collection and handling of Personal Data.
Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data are stored.Zoomhttps://zoom.us/gdpr
Privacy Policy
Updated: March 19th, 2019
Zoom Video Communications, Inc. (“Zoom”) is committed to protecting your privacy and ensuring you have a positive experience on our website and in using our products and services (collectively, “Products”). This policy covers the Zoom website zoom.us, mobile applications, and desktop clients and is applicable worldwide.
This policy outlines our handling practices and how we collect and use the Personal Data you provide during your online and offline interactions with us. As used in this Privacy Policy, “Personal Data” means any information that can be used to individually identify a person, and may include, but is not limited to, name, email address, postal or other physical address, credit or debit card number, title, and other personally identifiable information.
If you reside in the European Union (“EU”), United Kingdom, Lichtenstein, Norway, Iceland or Switzerland, you may have additional rights with respect to your Personal Data, as further outlined below. These rights may include rights under the EU’s General Data Protection Regulation (“GDPR”), if you are a resident of the EU, United Kingdom, Lichtenstein, Norway or Iceland.
Zoom Video Communications, Inc. will be the Controller of your Personal Data that is provided, collected and/or processed pursuant to this Privacy Policy in order to, for example, respond to requests for information or service, conclude a business transaction, provision the service, or otherwise for Zoom’s business purposes. Zoom will be a Processor of data that is entered into the service when a Customer uses the Services (see “User-Generated Information”, below.). If you have any questions about whether any of foregoing applies to you, please contact us using the information set forth in the “Contact Us” section below.
This policy may be updated from time to time for reasons such as operational practices or regulatory changes, so we recommend that you review our Privacy Policy when returning to our website. If we propose to make any material changes, we will notify you by means of a notice on this page prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
Collection of your Personal Data
We may collect, either as Controller or Processor, the following categories of Personal Data about you when you use or otherwise interact with our Service:
Name
Title
Email address
Home/work/mobile telephone number
Postal or other physical address
Credit/debit card information
Facebook profile information (when you use Facebook to log-in to our Products or to create an account for our Products)
IP addresses and other information collected passively, as further detailed in the “Passive Collection” section below
Device identifiers, as further described in the “Mobile Application” section below
Our servers automatically record certain information when you use the Service, including your IP address, operating system type and version, client version, IP addresses along the network path, and the MAC address of your internet connection (“Host Information”)
We also automatically record information about your usage of the Service, including actions taken, date and time, frequency, duration, quantity, quality, network connectivity, and performance information related to logins, clicks, messages, contacts, content shared, calls, use of video and screen sharing, meetings, cloud recording, and other feature usage information (“Usage Information”)
Other information you upload, provide, or create while using the Service (“User-Generated Information”), as further detailed in the “User Generated Information” section below
User-Generated Information
We collect and retain, generally as a Processor and in order to provide the Services, Personal Data and other information you upload, provide, or create while using the Service (“User-Generated Information”), including information related to:
Meetings: Meeting title, invitation content, participants, meeting link, date, time and duration. We collect activity recorded in the meeting (such as joining or leaving), including activity related to third-party integrations, together with the date, time, person engaged in the activity, and other participants in the meeting with the date, time, duration, and quality ratings that you provide. We route audio and video call content and screen sharing content between call participants, but we do not retain or store the content unless cloud recording is used.
Messages: Message content, sender and recipients, date, time, and read receipts. Content shared: Files and file names, sizes, and types
Whiteboards: Whiteboard content, snapshots, and background images
Status: Status information, for example about whether and when you are active, out of office, or have turned on Busy. You can choose whether or not to share status information with other users.
All messages and content you share in a meeting, including Personal Data about you or others, will be available to all other participants in that meeting.
If you share a meeting link with another user who is not already in the meeting, when that user tries to join the meeting he or she will be able to see the list of other users in the meeting, as well as other invitees joining the meeting.
Passive Collection
Zoom and our third-party service providers automatically collect some information about you when you use our Products, using methods such as cookies and tracking technologies (further described below). Information automatically collected includes Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the website and/or Products.
In addition, when you use some of our Products, network information is transmitted back to us such as Product usage information. This information is transmitted back to us, so we can determine how users are interacting with our Products, to assist us with improving our Products, and to correct any problems that may occur.
Mobile Application
When you download and use our Products, we automatically collect information on the type of device you use, operating system version, and the device identifier (or “UDID”). We send you push notifications from time-to-time in order to update you about any events or promotions that we may be running. If you no longer wish to receive these types of communications, you can turn them off at the device level. To ensure you receive proper notifications, we will need to collect certain information about your device such as operating system and user identification information.
Processing of your Personal Data
We will use your Personal Data only in accordance with our Privacy Policy. If you do not wish us to continue using your Personal Data in this manner, you can request that your account be deactivated by contacting us as specified in the “Contact Us” section.
We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity (i.e. processing that is necessary for the performance of a contract with you, such as your user agreement with us that allows us to provide you with the Products) and our “legitimate interests” or the legitimate interest of others (e.g. our users),
We process Personal Data when you use our website, desktop client and mobile applications to use or sign-up to use our Service for purposes such as:
Account configuration
Account maintenance
Enabling meetings and webinars between users and third-party participants
Hosting and storing personal data from meetings and webinars (only to provide the Service)
Personalizing, improving or operating our Service and business
Fulfilling requests you make related to the Service
Protecting, investigating and deterring against fraudulent, harmful, unauthorized or illegal activity
Providing reports based on information collected from use of our Service
Processing your orders and deliver the Service that you have ordered
Providing support and assistance for our Service
Providing the ability to create personal profile areas and view protected content
Providing the ability to contact you and provide you with shipping and billing information
Providing customer feedback and support
Complying with our contractual and legal obligations, resolving disputes with users, enforcing our agreements
We process Personal Data when you visit our website to:
To keep you up to date on the latest Product announcements, software updates, software upgrades, system enhancements, special offers, and other information
To provide customer feedback and support (zoom.us/support)
To provide and administer opt-in contests, sweepstakes or other marketing or promotional activities on the Zoom.us or affiliate websites
Providing you with information and offers from us or third parties
To the extent you choose to participate, to conduct questionnaires and surveys in order to provide better products and services to our customers and end users
To support recruitment inquiries (zoom.us/careers)
To personalize marketing communications and website content based on your preferences, such as in response to your request for specific information on products and services that may be of interest
To contact individuals that you refer to us and identify you as the source of the referral, in accordance with the “Referral” section below
Referrals
If you choose to use our referral service to tell a friend about our products, you represent that you have their consent to provide us your friend’s name and email address. We will automatically send your friend a one-time email inviting him or her to visit the website. Unless we are authorized by your friend, we will only use your friend’s name and email address for the purposes of sending this one-time email and maintaining an activity log of our referral program.
Choice
You can choose whether to provide Personal Data to Zoom, but note that you may be unable to access certain options, offers, and services if they require Personal Data that you have not provided. You can sign-up, and therefore consent, to receive email or newsletter communications from us. If you would like to discontinue receiving these communications, you can update your preferences by using the “Unsubscribe” link found in such emails or by contacting us using the information in the “Contact Us” section of this policy.
Data Subject Rights
You have certain rights with respect to your Personal Data as set forth below. Please note that in some circumstances, we may not be able to fully comply with your requests, or we may ask you to provide us with additional information in connection with your request, which may be Personal Data, for example, if we need to verify your identity or the nature of your request. In such situations, however, we will still respond to let you know of our decision.
To make any of the following requests, contact us using the contact details referred to in the “Contact Us” section of this policy.
Access: You can request more information about the Personal Data we hold about you. You can also request a copy of the Personal Data.
Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging into your service account. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.
Objection: You can contact us to let us know that you object to the collection or use of your Personal Data for certain purposes.
Erasure: You can request that we erase some or all of your Personal Data from our systems. Data subjects who want their data deleted can do so by deactivating their account. Deactivation will delete all account usage and related information. If you are not a Zoom customer and would like your data deleted, please contact the data Controller directly about deleting information.
Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
Portability: You have the right to ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another entity where technically feasible.
Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Products.
Right to File Complaint: You have the right to lodge a complaint about Zoom’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
Under certain circumstances we will not be able to fulfill your request, such as if it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves disproportionate cost or effort, but in any event we will respond to your request within a reasonable timeframe and provide you an explanation. In order to make such a request of us, please contact our Privacy Team at privacy@zoom.us.
Data Retention
How long we retain your Personal Data depends on the type of data and the purpose for which we process the data. We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Notice unless a longer retention period is required or permitted by law.
Cookies and Tracking Technologies
Zoom and our partners use cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and gather information about our user base, such as location information based on IP addresses. Users can control the use of cookies at the individual browser level. For more information regarding cookies or similar technologies, please review our Cookie Policy.
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Products do not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the Products and after you leave our properties.
Interest-Based Advertisements
We partner with third parties to either display advertising on our website or to manage our advertising on other sites. Some of our third-party partners use technologies such as cookies and other technologies to gather information about your activities on this website, our affiliates’ websites, and unaffiliated websites in order to provide you advertising based upon your browsing activities and interests. With respect to our interest-based ads, we adhere to self-regulatory principles for online behavioral advertising issued by the Digital Advertising Alliance (“DAA”) and the European Interactive Digital Advertising Alliance (“EDAA”) (collectively, the “OBA Principles”). More information about the OBA Principles can be found at https://digitaladvertisingalliance.org/principles and https://www.edaa.eu/european-principles/. If you wish to not have information about your online activities over time and across different websites used for the purpose of serving you interest-based ads, you can opt-out by clicking here and here (or if located in the EU click here). Please note that (1) this does not opt you out of being served ads, and even if you opt out of interest-based ads, you will continue to receive generic ads and (2) we store your opt-out preference for interest-based ads in a cookie on your device, and therefore you may have to opt out again if you delete your cookies.
Geolocation
We collect information about where you are located when you are using our Products. We use this information for purposes such as optimizing your connection to our data center, supporting compliance, and suggesting customizations to your experience with our Products (e.g. your language preference).
Sharing your Personal Data
We do not sell or rent your Personal Data to third parties for any purposes, including marketing.
We share Personal Data within Zoom and its affiliated companies, and with third party service providers for purposes of data processing or storage.
We also share Personal Data with business partners, service vendors and/or authorized third-party agents or contractors in order to provide requested Products or transactions, including processing orders, processing credit card transactions, hosting websites, hosting event and seminar registration and providing customer support. We provide these third parties with Personal to complete/utilize the requested Product or transaction.
In some cases, we may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Data as set forth in this policy. As required by law, we may respond to subpoenas, court orders, or similar legal process by disclosing your Personal Data and other related information, if necessary. We also may use Personal Data and other related information to establish or exercise our legal rights or defend against legal claims.
We collect and possibly share Personal Data and any other additional information available to us in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Zoom’s terms of service, or as otherwise required by law.
While navigating Zoom’s website or Products, you may be directed to content or functionality that is hosted by a third-party. When information is collected on behalf of Zoom exclusively, Zoom’s Privacy Policy will be referenced and will govern how your information is used. For other, non-Zoom sites or services, the site/service owner’s privacy policy will be referenced. You should review such third party’s privacy and security policies prior to use.
Security of your Personal Data
Zoom is committed to protecting the Personal Data you share with us. We utilize a combination of industry-standard security technologies, procedures, and organizational measures to help protect your Personal Data from unauthorized access, use or disclosure. When we transfer credit card information over the Internet, we protect it using Transport Layer Security (TLS) encryption technology.
We recommend you take every precaution in protecting your Personal Data when you are on the Internet. For example, change your passwords often, use a combination of upper and lower-case letters, numbers, and symbols when creating passwords, and make sure you use a secure browser. If you have any questions about the security of your Personal Data, you can contact us at privacy@zoom.us.
Linked websites and third-party services
Our websites and services may provide links to other third-party websites and services which are outside our control and not covered by this policy. We encourage you to review the privacy policies posted on these (and all) sites you visit or services you use.
Newsgroups/forums
If you participate in a Zoom discussion forum or chat room, you should be aware that the information you provide there will be made broadly available to others, potentially inside or outside Zoom, who have access to that discussion forum or chat room. Also, please recognize that individual forums and chat rooms may have additional rules and conditions. Each participant’s opinion on a forum or chat room is his or her own and should not be considered as reflecting the opinion of Zoom.
Meeting Recordings
If you use a feature of the Products that allows for Recordings (defined below), we collect information from you that you provide in connection with such use and through such Recordings, to the extent you provide it to us. This information may include Personal Data, if you provide us with Personal Data.
For hosts — By installing or using Zoom Rooms software or any other Zoom software, tool or feature that allows for meeting or Webinar recording (each, a “Recording”), you acknowledge and agree that you and your company are responsible for (i) clearly notifying all individuals (whether or not they are Zoom users) who are present in a meeting or Webinar (whether in-person or remotely) (each, an “Attendee”) for which you make a Recording that such meeting or Webinar might be recorded, and (ii) obtaining any consent necessary for such a recording as required by applicable laws, rules and regulations, including without limitation data privacy laws. By making a Recording of any meeting or Webinar using any Zoom Products, you and your company represent and warrant that (a) you have received legally sufficient consent from all Attendees for such recording prior to starting a Recording, (b) you will only make, use, store and otherwise process such Recording in accordance with all applicable laws, rules and regulations, including data protection laws and (c) you will store and otherwise restrict access to such Recordings using appropriate technical and organizational safeguards. Any person and/or entity who makes a Recording of a meeting or webinar shall be the data controller of that Recording, and Zoom will be the data processor with respect to the Recording.
For attendees – Please be advised that for any meetings or Webinars you attend, Recordings can be enabled by a meeting or webinar host. By signing up for Zoom’s services or otherwise using them in any way, including without limitation by attending any Zoom meeting or webinar, you expressly acknowledge that Zoom may, if instructed by a meeting host, make and store Recordings for Zoom meetings or webinars, and may make such recordings available to hosts and other Attendees at the direction of the host. A visual notification will be sent to Attendees who connect to a meeting or webinar via the Zoom web-based platform, and an audio notification will be sent to Attendees who dial-in by telephone only. A host may also send an audio notification to Attendees who are logged into the web platform, provided that you may not receive such notifications if you disable them in your account settings, so please check before each meeting or webinar if you want to receive the notifications. If you do not want to be recorded, you can choose to leave the meeting or webinar.
Transfer and Storage of Personal Data
Our Products are hosted and operated in the United States (“U.S.”) through Zoom and its service providers. We may transfer your Personal Data to the U.S., to any Zoom affiliate worldwide, or to third parties acting on our behalf for the purposes of processing or storage. By using any of our Products or providing any Personal Data for any of the purposes stated above, you consent to the transfer and storage of your Personal Data, whether provided by you or obtained through a third party, to the U.S. as set forth herein, including the hosting of such Personal Data on U.S. servers.
EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
Zoom participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield. Zoom is committed to subjecting all Personal Data received from EU member countries, Switzerland, and the United Kingdom, in reliance on the Privacy Shield Frameworks, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List, https://www.privacyshield.gov/list.
Zoom is responsible for the processing of Personal Data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Zoom complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU, Switzerland, and the United Kingdom including the onward transfer liability provisions.
With respect to Personal Data received or transferred pursuant to the Privacy Shield Frameworks, Zoom is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Zoom may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you can invoke binding arbitration when other dispute resolution procedures have been exhausted.
Standard Contractual Clauses
In certain cases, Zoom will transfer Personal Data from the EU in accordance with the European Commission-approved Standard Contractual Clauses, a copy of which can be obtained at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087.
Contact Us
To address your individual rights or if you have any privacy-related questions or comments related to this privacy policy, please send an email to privacy@zoom.us . You can also contact us by writing to this address:
Zoom Video Communications, Inc.
Attention: Data Privacy Officer
55 Almaden Blvd, Suite 600
San Jose, CA 95113
If you reside in the EU, United Kingdom, Lichtenstein, Norway or Iceland, you can also contact our Data Protection Officer.
California Privacy Rights: Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request the address above. - Registration and authenticationBy registering or authenticating, Users allow this Application to identify them and give them access to dedicated services.
Depending on what is described below, third parties may provide registration and authentication services. In this case, this Application will be able to access some Data, stored by these third-party services, for registration or identification purposes.
Some of the services listed below may also collect Personal Data for targeting and profiling purposes; to find out more, please refer to the description of each service.Linkedin OAuth (LinkedIn Corporation)Linkedin Oauth is a registration and authentication service provided by Linkedin Corporation and is connected to the Linkedin social network.Personal Data processed: Trackers; Usage Data; various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.XING OAuth (XING AG)XING OAuth is a registration and authentication service provided by XING AG and is connected to the XING social network.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: Germany – Privacy Policy.Facebook Authentication (Meta Platforms, Inc.)Facebook Authentication is a registration and authentication service provided by Meta Platforms, Inc. and is connected to the Facebook social network.Personal Data processed: Tracker; various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.Adherence to the Google API Services User Data Policy and Limited Use Requirements (this Application)This Application‘s use or transfer to other apps of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.Personal Data processed: various types of Data as specified in the privacy policy of the service. - Registration and authentication provided directly by this ApplicationBy registering or authenticating, Users allow this Application to identify them and give them access to dedicated services. The Personal Data is collected and stored for registration or identification purposes only. The Data collected are only those necessary for the provision of the service requested by the Users.Direct registration (this Application)The User registers by filling out the registration form and providing the Personal Data directly to this Application.Personal Data processed: billing address; city; company name; country; date of birth; email address; first name; house number; language; last name; password; phone number; physical address; profile picture; state; various types of Data; ZIP/Postal code.
- Remarketing and behavioral targetingThis type of service allows this Application and its partners to inform, optimize and serve advertising based on past use of this Application by the User.
This activity is facilitated by tracking Usage Data and by using Trackers to collect information which is then transferred to the partners that manage the remarketing and behavioral targeting activity.
Some services offer a remarketing option based on email address lists.
Services of this kind usually offer the possibility to opt out of such tracking. In addition to any opt-out feature offered by any of the services below, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section “How to opt-out of interest-based advertising” in this document.AdRoll (NextRoll, Inc.)AdRoll is an advertising service provided by NextRoll, Inc. AdRoll can serve targeted advertising on any device connected to the User, by processing their email address using a security technique called hashing.
AdRoll may also automatically collect certain types of data to serve personalized recommendations to the User, as stated in its privacy policy.Personal Data processed: device information; purchase history; Tracker; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); Usage Data; various types of Data.Place of processing: United States – Privacy Policy – Opt Out.Google Ads Remarketing (Google LLC)Google Ads Remarketing is a remarketing and behavioral targeting service provided by Google LLC that connects the activity of this Application with the Google Ads advertising network and the DoubleClick Cookie. In order to understand Google’s use of Data, consult Google’s partner policy. Users can opt out of Google’s use of Trackers for ads personalization by visiting Google’s Ads Settings.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy – Opt Out.Facebook Remarketing (Meta Platforms, Inc.)Facebook Remarketing is a remarketing and behavioral targeting service provided by Meta Platforms, Inc. that connects the activity of this Application with the Facebook advertising network.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy – Opt Out.Twitter Remarketing (X Corp.)Twitter Remarketing is a remarketing and behavioral targeting service provided by Twitter, Inc. that connects the activity of this Application with the Twitter advertising network.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy.LinkedIn Website Retargeting (LinkedIn Corporation)LinkedIn Website Retargeting is a remarketing and behavioral targeting service provided by LinkedIn Corporation that connects the activity of this Application with the LinkedIn advertising network.Personal Data processed: Cookies; Usage Data.Place of processing: United States – Privacy Policy – Opt Out.Facebook Custom Audience (Meta Platforms, Inc.)Facebook Custom Audience is a remarketing and behavioral targeting service provided by Meta Platforms, Inc. that connects the activity of this Application with the Facebook advertising network. Users can opt out of Facebook’s use of Trackers for ads personalization by visiting this opt-out page.Personal Data processed: Cookies; email address.Place of processing: United States – Privacy Policy – Opt Out. - Tag ManagementThis type of service helps the Owner to manage the tags or scripts needed on this Application in a centralized fashion.
This results in the Users’ Data flowing through these services, potentially resulting in the retention of this Data.Google Tag ManagerGoogle Tag Manager is a tag management service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing.Personal Data processed: Usage Data.Place of processing: United States – Privacy Policy; Ireland – Privacy Policy. - User database managementThis type of service allows the Owner to build user profiles by starting from an email address, a personal name, or other information that the User provides to this Application, as well as to track User activities through analytics features. This Personal Data may also be matched with publicly available information about the User (such as social networks’ profiles) and used to build private profiles that the Owner can display and use for improving this Application.
Some of these services may also enable the sending of timed messages to the User, such as emails based on specific actions performed on this Application.Drip (Drip Global, Inc.)Drip is a User database management service provided by Drip Global, Inc. Drip leverages the User’s email address, which it can combine with Data that is gathered from this Application and other sources (if any, indicated within this privacy policy), to enable this Application to set up automations and communicate with Users in a personalized context and timing.Personal Data processed: Email; Tracker; Usage Data.Place of processing: United States – Privacy Policy.HubSpot CRM (HubSpot, Inc.)HubSpot CRM is a User database management service provided by HubSpot, Inc.Personal Data processed: email address; phone number; various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.HubSpot Lead Management (HubSpot, Inc.)HubSpot Lead Management is a User database management service provided by HubSpot, Inc.Personal Data processed: various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.ActiveCampaign (ActiveCampaign, Inc.)ActiveCampaign is a User database management service provided by ActiveCampaign, Inc.Personal Data processed: Cookies; email address; various types of Data as specified in the privacy policy of the service.Place of processing: United States – Privacy Policy.
Information on opting out of interest-based advertising
In addition to any opt-out feature provided by any of the services listed in this document, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section of the Cookie Policy.
Cookie Policy
This Application uses Trackers. To learn more, Users may consult the Cookie Policy.
Further Information for Users
Legal basis of processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes.
- provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which the Owner is subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Further information about retention time
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
Therefore:
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to fulfil a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
The rights of Users based on the General Data Protection Regulation (GDPR)
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following, to the extent permitted by law:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent.
- Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
Users are also entitled to learn about the legal basis for Data transfers abroad including to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time, free of charge and without providing any justification. Where the User objects to processing for direct marketing purposes, the Personal Data will no longer be processed for such purposes. To learn whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. Such requests are free of charge and will be answered by the Owner as early as possible and always within one month, providing Users with the information required by law. Any rectification or erasure of Personal Data or restriction of processing will be communicated by the Owner to each recipient, if any, to whom the Personal Data has been disclosed unless this proves impossible or involves disproportionate effort. At the Users’ request, the Owner will inform them about those recipients.
Transfer of Personal Data outside of the European Union
Data transfer abroad based on standard contractual clauses
If this is the legal basis, the transfer of Personal Data from the EU to third countries is carried out by the Owner according to “standard contractual clauses” provided by the European Commission.
This means that Data recipients have committed to process Personal Data in compliance with the data protection standards set forth by EU data protection legislation. For further information, Users are requested to contact the Owner through the contact details provided in the present document.
Data transfer to countries that guarantee European standards
If this is the legal basis, the transfer of Personal Data from the EU to third countries is carried out according to an adequacy decision of the European Commission.
The European Commission adopts adequacy decisions for specific countries whenever it considers that country to possess and provide Personal Data protection standards comparable to those set forth by EU data protection legislation. Users can find an updated list of all adequacy decisions issued on the European Commission’s website.
Additional information about Data collection and processing
Legal action
The User’s Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Application or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
Additional information about User’s Personal Data
In addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.
System logs and maintenance
For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) or use other Personal Data (such as the IP Address) for this purpose.
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by notifying its Users on this page and possibly within this Application and/or – as far as technically and legally feasible – sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
Definitions and legal references
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Usage Data
Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
User
The individual using this Application who, unless otherwise specified, coincides with the Data Subject.
Data Subject
The natural person to whom the Personal Data refers.
Data Processor (or Processor)
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
This Application
The means by which the Personal Data of the User is collected and processed.
Service
The service provided by this Application as described in the relative terms (if available) and on this site/application.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Cookie
Cookies are Trackers consisting of small sets of data stored in the User’s browser.
Tracker
Tracker indicates any technology – e.g Cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting – that enables the tracking of Users, for example by accessing or storing information on the User’s device.
Provides access to the User’s primary email address.
Legal information
This privacy policy relates solely to this Application, if not stated otherwise within this document.
Last update: May 9, 2024