Data Privacy#

We take the security of your data seriously. You can read the nitty gritty details at our privacy policy. Below are a few bullet points to help with common questions.

High Level#

  • Credentials that you use to connect your Accounts to Zapier are protected with bank-level encryption.

  • The only action that Zapier takes on your Accounts are those necessary to run the Zaps you create.

  • The raw requests Zapier makes to other services on your behalf are stored for 7 days for troubleshooting purposes, then purged on a rolling basis.

  • Your user-facing Task History is stored for a longer period of time so that you can monitor Zapier activity and replay failures.

Technical Details#

  • Zapier login credentials are one-way PBKDF2 hashes with a workload of about 10000 iterations.

  • Account access credentials (like API keys for Mailchimp, tokens for Salesforce, and passwords for developer apps like SAManage) held by Zapier are encrypted with AES and stored in a database. Of course, Zapier has the decryption keys on hand so we can use the credentials but they are stored and maintained separately.

  • All debug logs censor Account credentials (API keys, tokens, etc.) so they are not viewable in raw request logs.

  • Raw low-level request logs are stored for 7 days and user-facing Task History is stored rolling for the previous three months.

  • We always use https or SSL where possible (both via https://zapier.com and external API services).

If you have any questions on how Zapier stores or handles your information, feel free to email us at contact@zapier.com.

↑ Was this documentation useful? Yes No (Suggest Edits)
Get Help