Several months ago, we sought out some of the world’s top privacy experts and told them: Pick our policies apart and tell us what we can do better.
Being a privacy-first company means we are transparent about how we collect our professional contact data and uphold consumers’ rights to privacy. We go above and beyond to ensure that we exceed standards in data compliance, protection, and security.
TrustArc, a global provider of compliance solutions, spent months rigorously combing through our data privacy practices and procedures looking for weaknesses. It was a three-phased process that included ongoing monitoring and guidance to ensure that our policies are in line with one of the strictest privacy regulations in the world. As a result of that review, we recently attained the General Data Protection Regulation (GDPR) Practices Validation.
The validation is just the latest step we’ve taken In order to ensure that we stay up to date on the latest trends. Related efforts include:
- In March, we expanded our privacy team by hiring experts in technical, legal, and regulatory privacy, and combined that with our 300 person human research and verification team to ensure information accuracy.
- In October, we attained TrustArc’s TRUSTe Enterprise Privacy Certification Seal by demonstrating responsible data collection and processing practices for the data that populates our more than 120 million contact profiles.
GDPR Influences Corporate Data Protection Measures
These third-party validations from the industry authority on data privacy management provide an independent way to showcase GDPR compliance to ZoomInfo’s customers, partners, and consumers and solidify the company’s standing as a privacy-forward organization.
GDPR, or General Data Protection Regulation, constitutes the world’s strongest set of data protection rules, which sets strict guidelines for the collection and processing of personal data for people who live in the European Union. The regulations must be followed by all sites that attract European visitors and puts limits on what organizations can do with personal data.
With ZoomInfo’s expansion into the EU, the GDPR Practices Validation was an important step towards improving our transparency, ensuring individual privacy, and preventing the misuse of our EU customers’ information.
“About a year before the GDPR rolled out, we implemented a notice and choice program for all of the people in the European Union whose information we had collected,” says Henry Schuck, CEO at ZoomInfo. “We gave them notice that we had collected their information and gave them the opportunity to have that information updated, changed, or removed from our platform.”
These practices put ZoomInfo far ahead of any competitor in the space around data privacy.
“No one in our industry has a team of data privacy professionals and corporate counsels who are focused on this issue, not just for us, but for our customers,” says Schuck.
Amid Growing Privacy Laws, Companies Must Lead
While every business handles personal information to some degree – we’ve all given out our home address and phone number to have a new sofa delivered – ZoomInfo’s core business is built upon responsibly provisioning data to companies of all sizes.
Privacy laws are important for protecting our personal identities and keeping our possessions secure. But because every nation and state government drafts them separately, they can quickly become burdensome for businesses.
In the absence of a singular global regulation dictating the proper handling of personal information, it falls upon each business to ensure it fulfills obligations toward the safe management of this data.
We are proud to have been awarded the TrustArc GDPR Practices Validation after a rigorous verification process and analysis of our data privacy and collection practices. We’re confident in our privacy methods, and we take pride in providing the resources that lift our 20,000-plus customers to the forefront of privacy leadership within their industries.