What is GDPR?
The General Data Protection Regulation (GDPR) aims to provide customers granular-level control over their personal data. It requires organizations to obtain consent before collecting personal data, process the data in a secure and transparent manner, and store the data no longer than necessary. GDPR is applicable to all organizations that work with the data of European Union residents.
How is Zoho Flow GDPR compliant?
Zoho Flow collects only the required data, stores it securely, and provides transparency in data processing. You have complete control over when your data is erased from our systems.
Collection of personal data
Features such as two-factor authentication, role-based access, and the ability to limit access to your connections provide advanced data security.
We store data only when necessary. Your email address, API keys, and other sensitive data is encrypted in storage using the Advanced Encryption Standard (AES).
Records of processing
For each organization on Zoho Flow, an audit trail of processing activities is maintained. This lets you track when each activity happened and who performed it.
You can edit your organization details and connections any time you want. The flow details — like trigger and action configurations, name, and description — can also be modified.
You can delete a flow or connection that you create at any time. As an organization owner, you can choose to delete your Zoho Flow organization. If you are a part of another Flow organization, you may request to exit the organization.
We'll document and keep you posted on relevant changes as we implement them. If you have any questions, drop us a line at firstname.lastname@example.org.
Disclaimer: The information presented herein should not be taken as legal advice. We recommend that you seek legal advise on what you need to do to comply with the requirements of GDPR.