Security & Trust Center
Your trust is our priority—explore our security practices, compliance standards, and data protection measures.

Securing your data, building your trust.
At Zyte, we’re pioneers in ethical web scraping, setting the standard for compliant data collection. Protecting your data is our top priority. Our Security Trust Center is a central hub for security policies, certifications, and updates, ensuring your data is secure and compliant.

Safeguarding your data
We safeguard personal, financial, and confidential business information from unauthorized access, theft, or misuse.
Regulatory Compliance
We guarantee strong security measures, with industry standards and data protection laws such as GDPR, CCPA, and ISO 27001.
Security Framework
With strong security framework we reassure customers that their data is safe, enhancing brand reputation and customer loyalty.
Compliance & Certifications
We believe that trust is built on transparency, so we openly share our security policies, controls and certifications.
Our Security Policies
How we protect, manage, and safeguard your data against threats and vulnerabilities.
Our Security Controls
How we implement safeguards to protect, monitor, and maintain the integrity of your data.
ISO 27001 Certification
Validating our commitment to global information security standards.
Subprocessors
Understand how we work with third-party service providers to process your data.
Ethical & Compliant Web Scraping
Ethical web scraping is central to our mission, and we're setting the industry standard.
Responsible Disclosure Policy
Encouraging security researchers to discover vulnerabilities and recognise them in our Hall of Fame.
Frequently asked security questions
What certifications does Zyte have?
Zyte is committed to maintaining high standards of data security and compliance. Zyte is ISO 27001 certified and all of its hosting providers have achieved ISO 27001 certification, ensuring that the infrastructure supporting Zyte's services meets stringent information security standards. Zyte also comply with data protection regulations such as GDPR and CCPA, and has co-authored the FISD Alternative Data Standards, underscoring its leadership in responsible data extraction practices.
What customer data do you store?
Zyte collects and stores limited customre data such as names, email addresses, and payment details, as well as automatically gathered technical data like IP addresses and usage metrics. To safeguard this data, Zyte employs a comprehensive security framework, maintaining transparency through its Privacy Policy and Data Processing Agreement.
Where is customer data stored?
Zyte stores customer data on secure servers provided by ISO 27001 certified cloud hosting providers, ensuring compliance with stringent information security standards. These servers are located in highly secure data centers, with physical security measures in place to protect the data. Additionally, Zyte employs encryption protocols during data transmission and implements system monitoring for further safeguarding customer information.
To deliver specific functionalities, Zyte may utilize subprocessors. These subprocessors store and process data in accordance with strict security protocols. Zyte ensures that all subprocessors maintain comparable or superior security standards, including data encryption, access controls, and compliance with relevant regulations. Data transfer and storage involving subprocessors are governed by robust contractual agreements.
Is your data encrypted?
Zyte ensures that customer data is encrypted both during transmission and while at rest. Data transmitted between your systems and Zyte's services is protected using Transport Layer Security (TLS), safeguarding it from interception during transfer. Additionally, all user communications, digital assets, and personal information entered into the Zyte software application are encrypted, ensuring that even if unauthorized access to storage occurs, the data remains protected. These measures reflect Zyte's commitment to maintaining the confidentiality and integrity of customer data throughout its lifecycle.
Does Zyte process customer data in compliance with the GDPR?
Zyte is committed to GDPR compliance. We have implemented robust data protection measures and include a Data Processing Agreement to ensure compliance with GDPR requirements.
What happens to my data after account termination?
Upon termination of customer account, Zyte archives data, making it inaccessible. This data is retained for a period consistent with Zyte's data retention policy, allowing the option to reactivate the subscription and regain access by paying the applicable fees.
Can you provide a pen test report?
Zyte can provide penetration test reports to clients upon request. To ensure the confidentiality and security of sensitive information, access to these reports is typically granted after the execution of a Non-Disclosure Agreement (NDA). This practice aligns with industry standards, where sharing detailed security assessments is contingent upon legal agreements to protect both parties' interests. You can request a NDA from your sales contact.
Where can I find the list of data subprocessors?
You can find the list of Zyte's data subprocessors in Annex III of the Data Processing Agreement (DPA). This annex provides detailed information about the third-party service providers Zyte engages with to process personal data on behalf of their clients. Please note that Zyte may update this list as necessary to provide their services and will notify clients of any such changes
How can I report security issues?
To report security issues to Zyte email can be sent to bughunt@zyte.com. Zyte's security team aims to acknowledge reports within 24 hours and typically takes up to five days to validate the issue. Once verified, they will take necessary actions to resolve the vulnerability and notify the reporter upon completion. For more details, refer to Zyte’s Responsible Disclosure Policy.