Data Privacy#

We take the security of your data seriously. You can read the nitty gritty details at our privacy policy. Below are a few bullet points to help with common questions.

High Level#

  • Credentials that you use to connect your Accounts to Zapier are protected with bank-level encryption.

  • The only action that Zapier takes on your Accounts are those necessary to run the Zaps you create.

  • The raw requests Zapier makes to other services on your behalf are stored for 7 days for troubleshooting purposes, then purged on a rolling basis.

  • Your user-facing Task History is stored for a longer period of time so that you can monitor Zapier activity and replay failures.

Technical Details#

  • Zapier login credentials are one-way PBKDF2 hashes with a workload of about 10000 iterations.

  • Account access credentials (like API keys for Mailchimp, tokens for Salesforce, and passwords for developer apps like SAManage) held by Zapier are encrypted with AES and stored in a database. Of course, Zapier has the decryption keys on hand so we can use the credentials but they are stored and maintained separately.

  • All debug logs censor Account credentials (API keys, tokens, etc.) so they are not viewable in raw request logs.

  • Raw low-level request logs are stored for 7 days and user-facing Task History is stored rolling for the previous three months.

  • We always use https or SSL where possible (both via and external API services).

If you have any questions on how Zapier stores or handles your information, feel free to email us at

↑ Was this documentation useful? Yes No (Suggest Edits)
Get Help