ZoomInfo ensures that its database and portfolio of products is 100% safe to use. As a security-first organization, ZoomInfo is committed to developing secure and compliant go-to-market solutions for our customers.
From a usage perspective, ZoomInfo has a sound technological infrastructure and is completely compliant with both GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act). ZoomInfo’s algorithms are designed to solely collect business contact information and no other personal information. Additionally, ZoomInfo has implemented privacy practices that go above and beyond those of its peers and what’s required by law.
How ZoomInfo proactively enables data privacy for individuals:
- Between our self-service Trust Center, available 24/7, and personalized notification emails with instructions for how to verify, claim, update or remove profiles, we make it easy for individuals to discover and manage their ZoomInfo profile
- We publish the date the notification email was sent to the contact on their ZoomInfo profile
- We make it easy for customers to see who has opted out of ZoomInfo
- We make it easy for customers to filter out individuals on the Do Not Call list
- We make it easy for customers to exclude their opt-out/unsubscribe lists from our platform
- Lastly, we don’t hide behind complicated terms of services
As a steward of data privacy, we strongly encourage you to visit ZoomInfo’s comprehensive Trust Center that supports awareness and education:
- Overview of changes in legislation, including CCPA and GDPR
- Guidelines to consider that help organizations stay compliant with privacy laws
- Helpful blogs, eBooks, and other content that spreads important knowledge related to data privacy
From a security perspective, ZoomInfo has also earned AICPA’s SOC2 attestation regarding the security, availability, and confidentiality controls around its services. ZoomInfo’s ISMS includes within it the Risk Management program formally based on the ISO 31000 Risk Management Framework.
How does ZoomInfo maintain a secure infrastructure?
Pillars of ZoomInfo’s ISMS
The core of ZoomInfo’s program is defined by its ISMS and serves to assess, manage, monitor, and minimize information security risks. The program includes:
- Context of the Organization
- Operation
- Leadership
- Performance evaluation
- Planning
- Improvement
- Support
Security Team
ZoomInfo’s information security team is composed of seasoned security veterans with experience managing all facets of information risk, including compliance, risk management, Cyber Security Operations Center (CSCO), security engineering, and offensive security. Members of the information security team hold certifications including Certified Information Systems Security Professional (CISSP), Certified Information Systems Management (CISM), and Certified Information Systems Auditor (CISA), and many also have relevant military experience related to information security.
All of ZoomInfo’s staff participates in continuing education and training throughout the year, ensuring they are implementing ever-evolving best practices.
Standard Operating Procedures and practices
ZoomInfo has developed a comprehensive playbook to ensure its processes, tools, checks and balances, and customer communication are best-in-class in regards to:
- Prevention
- Detection
- Response
- Remediation
To learn more about ZoomInfo’s commitment to security, please visit the ZoomInfo security page.