As with any new regulation, Zapier has worked closely with legal and other professional counsel to understand our role under GDPR.
Policy, TOS updates and new DPAs
Internal data audit
Zapier has reviewed all the data we collect, as well as the reasons for why we collect it, as well as which Zapier employees have access to it. We've documented and shared as much of this data publicly as possible. For example, you will see enumeration of collected data in Zapier's Data Processing Addendum.
Zapier has worked through our list of vendors to ensure they are adhering to GDPR and have signed all relevant Data Processing Addendums with regards to that.
Improved data tooling
You can export and delete your data in Zapier in your data management settings.
Zapier has documented and shared any pertinent changes with customers and partners. This includes emails and on the site itself, here and in the updates blog.
Ongoing process changes
This includes revamping processes for how Zapier does customer support, builds products, reports on data, and works with applicants as we grow our team. Much of this will be in the form of internal documentation, training and processes as required by GDPR.