What is GDPR?

The General Data Protection Regulation (GDPR) aims to provide customers granular-level control over their personal data. It requires organizations to obtain consent before collecting personal data, process the data in a secure and transparent manner, and store the data no longer than necessary. GDPR is applicable to all organizations that work with the data of European Union residents.

How is Zoho Flow GDPR compliant?

Zoho Flow collects only the required data, stores it securely, and provides transparency in data processing. You have complete control over when your data is erased from our systems.

Collection of personal data

Features such as two-factor authentication, role-based access, and the ability to limit access to your connections provide advanced data security.


We make sure that you are aware of each application's terms of service and privacy policy before connecting the third-party app account on Zoho Flow. We, the Zoho Flow team, can access your account to resolve issues or validate flows and connections only after you authorize us to do so. You can enable or disable this access at any time.

Data storage

We store data only when necessary. Your email address, API keys, and other sensitive data is encrypted in storage using the Advanced Encryption Standard (AES).

Records of processing

For each organization on Zoho Flow, an audit trail of processing activities is maintained. This lets you track when each activity happened and who performed it.

Data rectification

You can edit your organization details and connections any time you want. The flow details — like trigger and action configurations, name, and description — can also be modified.

Data erasure

You can delete a flow or connection that you create at any time. As an organization owner, you can choose to delete your Zoho Flow organization. If you are a part of another Flow organization, you may exit the organization anytime.


We'll document and keep you posted on relevant changes as we implement them. If you have any questions, drop us a line at support@zohoflow.com.

Disclaimer: The information presented herein should not be taken as legal advice. We recommend that you seek legal advise on what you need to do to comply with the requirements of GDPR.