Loading
Help

GDPR compliance at Zapier

Last updated:
Note

The content below is provided for informational purposes only. The information shared here is not meant to serve as legal advice. You should work closely with legal and other professional counsel to determine exactly how the GDPR may or may not apply to you. Read more about your role and Zapier's role in GDPR.

On May 25, 2018, the EU General Data Protection Regulation (GDPR) went into effect, bringing new global data protection rights for individuals in the European Union.

Zapier fully supports the privacy rights of our customers and our users and is fully GDPR-compliant. This article covers the changes that were made to comply with GDPR, as well as what you'll need to do as a user or partner of Zapier.


Changes completed at Zapier

Research
As with any new regulation, Zapier has worked closely with legal and other professional counsel to understand our role under GDPR.

Policy, TOS updates and new DPAs
Zapier's privacy policy and terms of services have been updated to reflect our new compliance with GDPR. The new Data Processing Addendum is available for signatures with partners and customers as well (though you likely do not need to sign this).

Internal data audit
Zapier has reviewed all the data we collect, as well as the reasons for why we collect it, as well as which Zapier employees have access to it. We've documented and shared as much of this data publicly as possible. For example, you will see enumeration of collected data in Zapier's Data Processing Addendum.

Vendor audit
Zapier has worked through our list of vendors to ensure they are adhering to GDPR and have signed all relevant Data Processing Addendums with regards to that.

Improved data tooling
You can export and delete your data in Zapier in your data management settings.

Communication
Zapier has documented and shared any pertinent changes with customers and partners. This includes emails and on the site itself, here and in the updates blog.

Ongoing process changes
This includes revamping processes for how Zapier does customer support, builds products, reports on data, and works with applicants as we grow our team. Much of this will be in the form of internal documentation, training and processes as required by GDPR.


Zapier's role in GDPR compliance

Zapier acts both as a Data Controller and as a Data Processor within the realm of GDPR compliance:

As a Data Controller, you're responsible for safeguarding the data of your customers as they interact directly with services integrated with Zapier.

As a Data Processor, Zapier is responsible for safeguarding the data of our partners' and customers' users as it flows through our system.


Customers' and partners' roles in GDPR compliance

As a Zapier customer or partner, you are a Data Controller and Zapier is acting as your Data Processor for your users. In this respect, you must take the following steps:

  • Ensure your Terms of Service and/or Privacy Policy are up to date.
  • If you have customers in the EU or need to be GDPR compliant, your agreement to our terms of service will be sufficient as it contains relevant addendum.
  • If you have customers in the EU or need to be GDPR compliant, you may additionally request to sign Zapier's Data Processing Addendum. This is valid for both customers and partners. Here is a sample of what Zapier's Data Processing Addendum looks like.
  • Perform your own research, modeling, vendor audit, and strategy steps at your company to ensure you understand GDPR as it applies to your business.
  • Be thinking about how you’ll handle consent. You should configure your Zaps and integrations to not trigger or work with users' data without proper consent.
  • Watch for updates from Zapier related to product functionality or privacy and TOS changes.

Zapier Subprocessor Information

In order to support delivery of Zapier Services, Zapier may engage with third parties or affiliates to carry out data processing activities that involve access to customer data (each, a “Subprocessor”). This section contains information about the identity, role, and location of each Subprocessor.

NameNature of ProcessingSecurity and Privacy InformationLocation
Amazon Web Services, Inc. (AWS)Third party hosting providerhttps://aws.amazon.com/security/https://aws.amazon.com/compliance/data-privacy-faq/?nc=sn&loc=4USA
DataDogApplication performance monitoring, infrastructure and network monitoring, and error capturinghttps://www.datadoghq.com/security/USA
FullStoryAnalytics to improve Zapier Serviceshttps://help.fullstory.com/hc/en-us/articles/360020624254-Security-OverviewUSA
Google CloudThird party hosting providerhttps://cloud.google.com/securityUSA
GraylogProduction logs for support services and log managementhttps://www.graylog.org/privacy-policyUSA
HelpScoutCustomer service platform used for technical support ticket managementhttps://www.helpscout.com/company/legal/security/https://www.helpscout.com/company/legal/gdpr/USA
HerokuDeployment and management of Zapier Serviceshttps://www.salesforce.com/company/privacy/USA
HubSpotMarketing automation platform. Email delivery services for communications to Zapier usershttps://www.hubspot.com/securityUSA
IterableMarketing automation platform. Email delivery services for communications to Zapier usershttps://iterable.com/trust/iterable-security-compliance/USA
LookerBusiness intelligence software used to analyze Zapier Services usagehttps://looker.com/product/securityUSA
ZendeskCustomer service platform used for technical support ticket managementhttps://www.zendesk.com/product/zendesk-security/USA

Zapier Affiliate Subprocessors

NameService(s) ProvidedLocation
Zapier Automation Inc.Zapier Services and SupportCanada
Zapier UK LtdZapier Services and SupportUK

Updates to Subprocessors

As our business grows and evolves, the subprocessors we engage with may change. If you would like to receive notifications of changes to our subprocessors, you may sign up to receive Subprocessor Notification emails here.


Need More Help?

Contact Support

Tell us about your problem, and we’ll find you a solution or you can email support.
Get Help

Hire an Expert

We have a directory of professionals across the globe who are ready to help.
Find a Zapier Expert

Zapier Community

Connect with other Zapier users and industry professionals to get help crafting the perfect workflow.
Check out the community