To prepare for GDPR, Zapier has undertaken many phases of research and implemented a number of changes.
As with any new regulation, Zapier has worked closely with legal and other professional counsel to understand our role under GDPR.
Policy, TOS updates and new DPAs
Internal data audit
Zapier has reviewed all the data we collect, as well as the reasons for why we collect it, as well as which Zapier employees have access to it. We've documented and shared as much of this data publicly as possible. For example, you will see enumeration of collected data in Zapier's Data Processing Addendum.
Zapier has worked through our list of vendors to ensure they are adhering to GDPR and have signed all relevant Data Processing Addendums with regards to that.
Improved data tooling
Zapier has launched some tooling extend your ability to download your data from Zapier, as well as delete it from Zapier. Much of this tooling exists today (for example, you can export your Task History) but we'll be adding even more upgrades here as we've found it to be a great product feature even beyond compliance.
You can export and delete your data in Zapier in your data management settings.
Zapier has documented and shared any pertinent changes with customers and partners. This includes emails and on the site itself, here and in the updates blog.
Ongoing process changes
This includes revamping processes for how Zapier does customer support, builds product, reports on data, and works with applicants as we grow our team. Much of this will be in the form of internal documentation, training and processes as required by GDPR.