Our Commitment to Security

Because delivering best-in-class data to over 25k customers requires a safe and secure platform

Comprehensive certifications

Being a customer first organization requires a security first mind set. ZoomInfo is an ISO 27001 and ISO 27701 certified company, maintaining excellence in data privacy and security is our number one priority each and every day.

ZoomInfo is self-certified to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks to further support its commitment to applying privacy protections to data transfers from the EU, UK, and/or Switzerland to the U.S.

ISO 27701

ISO 27701 is the international standard for Privacy Information Management.

ISO 27001

ISO 27001 is the international standard for Information Security. The Standard formally establishes requirements for an Information Security Management System (ISMS). It also includes requirements for the assessment and treatment of information security risks and the mandate to mitigate those risks accordingly. The ISMS standard’s best-practice methodology helps ZoomInfo manage its information security risks by addressing people and processes in addition to technology.


A SOC 2 audit report examines how a company implements internal controls to safeguard customer data and if those controls are operating effectively. The audit gives detailed information about a service organization's security and confidentiality based on their conformity with the AICPA's (American Institute of Certified Public Accountants) Trust Services Criteria.


A certification of compliance for nearly 50 GDPR Privacy Practices and Validation of requirements comprising the TrustArc GDPR Privacy Practices. This validation demonstrates that the processing of personal information conducted by ZoomInfo is performed in total compliance of the EU General Data Protection Regulation (GDPR). This includes data minimizations, data retention, international data, automation, and on-going privacy reviews.

IAPP Gold Member

The International Association of Privacy Professionals (IAPP) is the largest global information privacy community and resource, helping practitioners develop and advance their careers and organizations manage and protect their data. The IAPP is responsible for developing and launching the only globally recognized credentialing programs in information privacy while also leading privacy certifications for thousands of professionals around the world.


The Future of Privacy Forum (FPF) and FPF Education and Innovation Foundation are non-profit organizations serving as catalysts for privacy leadership and education, working to advance principled data practices in support of emerging technologies.


The Centre for Information Policy Leadership (CIPL) is a leading global privacy and data policy think tank based in Washington, DC, Brussels and London that works with industry leaders, regulatory authorities and policy makers around the world to help frame and advance data privacy policy, law and best practice.


Women in Security and Privacy (WISP) aims to help advance women to lead the future of data privacy and security through the strategic methods such as education, mentorship & networking, leadership, and supporting advancement of careers. WISP also plays a significant role in researching new ways to include more women in the security and privacy industry.


SAFECode is a global nonprofit organization that brings business leaders and technical experts together to exchange insights and ideas on creating, improving and promoting scalable and effective software security programs. SAFECode Members are expected to contribute information about their security processes and practices to the organization’s efforts to advance software assurance methods and positively impact the security and reliability of the technology ecosystem.

Privacy First icon

Privacy First

Privacy is core to our platform. ZoomInfo is setting the industry standard for the ethical handling of business-to-business data. We provide our customers with access to helpful tools that give them compliance assurance and control over their information.

Dedicated Privacy Team icon

Dedicated Privacy Team

Our team of legal and privacy professionals is tasked with expanding compliance with policies, providing notification to people in our database, processing opt-outs, supporting customers, and monitoring emerging legislation in states, congress, or internationally.

Transparency icon


We only collect the same information typically found on your business card. We send privacy notifications to every contact in our database detailing their rights to access, request, or correct their information, as well as opt-out entirely using our self-serve privacy center.

Integrity icon


Our privacy policy and practices have been certified under TrustArc’s Enterprise Privacy & Data Governance Practices. We are also certified under EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and a registered Data Broker in California.

Knowledgeable Security Team

ZoomInfo has built a Information Security Management System (ISMS) that meets guidelines outlined in the ISO 27001 Standard. Continuous risk assessment is at the core of everything we do.

Members of our team hold certifications including Certified Information Systems Security Professional (CISSP), Certified Information Systems Management (CISM) and Certified Information Systems Auditor (CISA) and many have relevant military experience related to information security.

Our experienced information security team manages every layer of risk, including:

  • Compliance
  • Risk management
  • Cyber Security Operations Center (CSCO)
  • Security engineering
  • Offensive security

Incentivized Bug Bounty Program

The pursuit of security never stops. Part of ZoomInfo’s success has been a willingness to consider any and all possible avenues while sourcing potential bugs or threats to our systems. If you believe you have identified a security vulnerability, we encourage you to let us know.

Learn About Our Bug Bounty Program

Ready to own your market?

Free Trial