This Privacy Statement for Residents of Specified States (“Privacy Statement” or “Statement”) supplements the information contained in the ZoomInfo Privacy Policy. ZoomInfo has adopted this statement to comply with the state privacy laws adopted in numerous states, including the California Consumer Privacy Act, as amended (the “CCPA”) and other California privacy laws, the Colorado Privacy Act (“CPA”), the Connecticut Personal Data Privacy and Online Monitoring Act (“CTDPA”), the Oregon Consumer Data Privacy Act (“OCDPA”), the Texas Data Privacy and Security Act (“TDPSA”), the Utah Consumer Privacy Act (“UCPA”), and the Virginia Consumer Data Protection Act (“VCDPA”) (each individually a “State Privacy Law” and collectively, “State Privacy Laws”). This Statement is also intended to comply with the Delaware Personal Data Privacy Act (“DPDPA”), the Iowa Consumer Data Protection Act (“ICDPA”), the Montana Consumer Data Privacy Act (“MCDPA”), the Nebraska Data Privacy Act (“NDPA”), the New Hampshire Privacy Act (“NHPA”), and the New Jersey Data Privacy Act (“NJDPA”) when these laws come into effect. This Statement applies solely to “consumers” as that term is defined in each respective State Privacy Law. When used in this Privacy Statement or in the Privacy Policy, any terms defined in such State Privacy Laws have the meaning given to them by those laws with respect to such state’s consumers.
Limited Applicability of Certain State Laws
With the exception of the CCPA in California, many state privacy laws, including the CPA, CTDPA, DPDPA, ICDPA, MCDPA, NDPA, NHPA, NJDPA, OCDPA, TDPSA, UCPA, VCDPA, and similar legislation, do not apply to individuals where they are acting in a commercial or employment context. As a result, these laws may have limited applicability to ZoomInfo’s activities with respect to residents of the states where these laws are in effect. Where we refer to “Personal Information” throughout this Privacy Statement, we mean “Personal Data” or “Personal Information” as such terms are defined in the applicable State Privacy Law. This includes information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household and that is not deidentified, aggregated, or publicly available information, but only to the extent the Personal Information is not deemed excluded from the laws’ scope because of the Personal Information’s commercial or employment context or other applicable exclusions under the applicable State Privacy law. To the extent that the rights afforded under the CPA, CTDPA, DPDPA, ICDPA, MCDPA, NDPA, NHPA, NJDPA, OCDPA, TDPSA, UCPA, VCDPA, and similar legislation may apply to the Site, they are indicated throughout this Privacy Statement by way of an 🡪 Other State Laws heading.
Information ZoomInfo Collects
Details about the information ZoomInfo collects and how it is collected are available in the “How we Collect Information” section of the Privacy Policy. To the extent the CCPA requires that these details be reported with reference to specific categories, in the last twelve (12) months, we may have collected the following categories of Personal Information:
- Identifiers, such as name, Internet Protocol address, device or other ID, email address, including business and/or other email addresses (including “freemails” such as Gmail, Yahoo, Hotmail, etc.), job title and department, phone numbers (general or direct business numbers, faxes, and/or mobile numbers), business-related postal address, and social networking URLs.
- Personal Information Categories Listed in the California Customer Records Statute, such as name, business address, telephone numbers (general or direct business numbers, faxes, and/or mobile numbers), education, employment, employment history, and credit or debit card number.
- Commercial Information, such as products or services purchased.
- Biometric Information, such as voiceprints, which we collect from Chorus customers when we have received such customers’ consent. The collection and use of biometric information is governed by our Biometric Privacy Notice in addition to this Statement.
- Internet or Other Similar Network Activity, such as Internet Protocol address and information on a consumer’s interaction with a website, application, or advertisement.
- Geolocation Data, such as information about your physical location collected from geolocation features on your device, including your IP address.
- Professional or Employment-Related Information, such as email address, including business and/or other email addresses (including “freemails” such as Gmail, Yahoo, Hotmail, etc.), telephone numbers (general or direct business numbers, faxes, and/or mobile numbers), business-related physical address, current or past job history, and title.
- Inferences, which may be drawn from the information identified above to make predictions about your preferences and interests.
- Sensitive Information, such as your ZoomInfo account login and password (if you are a ZoomInfo customer or user) and the biometric information as described above. ZoomInfo only uses or discloses sensitive information as is reasonably necessary and proportionate for the purposes specified in the CCPA regulations.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing prior notice.
Categories of Sources from which Personal Information is Collected
ZoomInfo collects personal information from the following categories of sources:
- Publicly available information
- First-hand research
- Submissions from ZoomInfo’s customers or freemium product users
- Third-party data vendors
- ZoomInfo’s affiliates
- Directly and indirectly from activity or submissions on ZoomInfo’s website
- Directly and indirectly from our customers or their representatives
- Directly from vendors and other contractual counterparties
- Through communications with prospective customers and other businesses and their representatives
- Any other sources described in our Privacy Policy under “How we Collect Information”
Purposes for Collection, Disclosure, Sharing, and Sale of Personal Information
ZoomInfo collects, discloses, shares, and sells personal information for the following business and commercial purposes:
- Provide, maintain, and improve the Site
- Verify, cleanse, update, and maintain Business Information and other information provided through the Site
- Provide and deliver the Services, process transactions, and send related information, including communications and invoices
- Send technical notices, updates, security alerts, and support and administrative messages
- Respond to comments, questions, and requests, and provide customer support
- Create ZoomInfo account(s) and identify users signing in to their account
- Communicate about products, services, offers, promotions, rewards, and events offered by ZoomInfo and others, and provide news and information
- Monitor and analyze trends, usage, and activities in connection with the Site
- Detect, investigate, and prevent fraud and other illegal activities
- Protect the rights and property of ZoomInfo, our customers, and others
- Personalize and improve the Site and Services, including by training LLMs or other Artificial Intelligence models
- Provide notice of important changes to the Site, including changes or updates to this Privacy Policy
- Facilitate contests, sweepstakes, and promotions, process entries, and deliver rewards
- Consider persons for possible employment with ZoomInfo, and communicate about employment opportunities or submitted employment applications
- Create aggregated statistical data, inferred non-personal data, or anonymized or pseudonymized data (rendered non-personal and non-identifiable), which we or our business partners or customers may use to provide and improve our respective services
- Comply with our contractual and legal obligations, resolve disputes with users, and enforce our agreements
- Carry out any other purpose described at the time the information was collected or as otherwise set forth in the CPRA
Third-Party Recipients
ZoomInfo may disclose personal information to the following third-party recipients for the business and commercial purposes identified above:
- ZoomInfo affiliates
- Service providers
- ZoomInfo customers
- ZoomInfo partners
Any other recipients described in our Privacy Policy under “How we Share Information”
Sale, Sharing, and Disclosure of Personal Information
We sell personal information collected for our database to our customers. This database may contain information about consumers’ business personas including name, employer, job title and department, email address, phone number, office address, social media or professional profile link, and work or educational history. This information is sold to ZoomInfo’s customers for the purpose of business-to-business sales, marketing, and recruiting and is provided subject to license agreements that limit its use to those purposes.
In the preceding twelve (12) months, we have sold or shared the following categories of personal information to ZoomInfo customers, partners, or affiliates:
- Identifiers
- Personal information categories listed in the California Customer Records statute
- Internet or other similar network activity
- Professional or employment-related information
- Inferences
ZoomInfo may also disclose personal information to its service providers for business purposes necessary for providing functions related to our operation of our business and provision of our products and services. In the preceding twelve (12) months, we have disclosed for a business purpose the following categories of personal information to our service providers:
- Identifiers
- Personal information categories listed in the California Customer Records statute
- Internet or other similar network activity
- Professional or employment-related information
- Inferences
We do not sell or share the personal information of minors under 16 years of age.
A Consumer’s Right to Opt-Out of the Sale or Sharing of Personal Information
A consumer has the right to opt out of the sale or sharing of that consumer’s personal information by ZoomInfo. Consumers may opt out of the sale of their information by visiting our Manage Your Personal Privacy page in our Privacy Center and submitting a request to remove the consumer’s profile or delete the consumer’s data. A consumer may also contact us by calling 833-901-0859 or by sending an email to privacy@zoominfo.com.ZoomInfo may also share your information with third parties for marketing and advertising purposes. Individuals may opt out of the sharing of their information by disabling cookies on our Cookies Page. ZoomInfo also responds to and abides by opt-out preference signals sent by the Global Privacy Control (“GPC”). For additional information regarding the GPC, including how to download and use the GPC, please visit the Global Privacy Control website.
→ Other State Laws Subject to certain limitations, residents of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia may have the right to opt out of the processing of their Personal Information for purposes of sale or targeted advertising. Residents of Colorado, Connecticut, Delaware, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, and Virginia may also have the right to opt out of processing that amounts to profiling. If you believe this right applies to you, follow the instructions above to opt out.
A Consumer’s Additional State Law Rights and Choices
State Privacy Laws provide consumers with specific rights regarding their personal information. This section describes a consumer’s rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
A consumer has the right to request that we disclose certain information to that consumer about ZoomInfo’s collection and use of that consumer’s personal information over the past twelve (12) months. Once we receive and confirm a consumer’s verifiable consumer request, we will disclose:
- The categories of personal information we collected about that consumer.
- The categories of sources from which the personal information was collected.
- Our business or commercial purpose for collecting, selling, or sharing that personal information.
- The categories of third parties to whom we disclose that personal information.
- The specific pieces of personal information we collected about that consumer (also called a data portability request).
→ Other State Laws Subject to certain limitations, residents of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia may have a right to confirm whether ZoomInfo is processing their Personal Information and to access their Personal Information. In less common situations, some residents may also have a right to obtain their Personal Information in a portable and, to the extent technically feasible, readily usable format, or to obtain a list of third-party recipients of personal information. If you believe these rights apply to you, follow the instructions below to contact us.
Correction Request Rights
A consumer has the right to request that we correct personal information that we maintain about the consumer if it is inaccurate, taking into account the nature of the personal information and the purposes for which it is processed. Once we receive and confirm a consumer’s verifiable consumer request, we will use commercially reasonable efforts to correct the inaccurate personal information. We may require documentation if necessary to confirm the accuracy of the requested correction. We may deny the request if:
- We determine, based on the totality of the circumstances, that the contested personal information is more likely than not accurate as maintained.
- We determine that the requested correction would be impossible or would involve disproportionate effort.
- The requested correction is in conflict with federal or state law.
- We denied the same request to correct within the past six months and the consumer has not provided additional documentation in support of the request.
- We have a good-faith, reasonable, and documented belief that the request to correct is fraudulent or abusive.
In any case, we will inform you of the action we take and, where the request has been denied, the reasons for the denial. Subject to the exceptions given below, a consumer whose request to correct has been denied may be able to exercise a right to delete the contested data.
→ Other State Laws Subject to certain limitations, residents of Colorado, Connecticut, Delaware, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia may have a right to request that we correct inaccurate Personal Information held about them. If you believe this right applies to you, follow the instructions below to contact us.
Deletion Request Rights
A consumer has the right to request that ZoomInfo delete any of his or her personal information that we have collected and retained, subject to certain exceptions. Once we receive and confirm a consumer’s verifiable consumer request, we will delete (and direct our service providers and/or customers to delete) that consumer’s personal information from our records, unless an exception applies.
We may deny a consumer’s deletion request if retaining the information is necessary for us or our service providers or customers to:
- Complete the transaction for which we collected the personal information, fulfill the terms of a product warranty or product recall conducted in accordance with federal law, provide a good or service that a consumer requested, take actions reasonably anticipated within the context of our ongoing business relationship with that consumer, or otherwise perform our contract with that consumer.
- Help to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for those purposes.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research that conforms or adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the ability to complete such research, if a consumer provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on a consumer’s relationship with us and compatible with the context in which the consumer provided the information.
- Comply with a legal obligation.
→ Other State Laws Subject to certain limitations, residents of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia may have a right to request that we delete Personal Information concerning them. If you believe this right applies to you, follow the instructions below to contact us.
Exercising Access, Correction, Data Portability, and Deletion Rights
To exercise the access, correction, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
- Calling us at 833-901-0859
- Visiting the Manage Your Personal Privacy page in our Privacy Center
- Contacting us at privacy@zoominfo.com
Only a consumer, or a natural person or business entity that a consumer authorizes to act on a consumer’s behalf (an “Authorized Agent”), may make a verifiable consumer request related to a consumer’s personal information. A consumer may also make a verifiable consumer request on behalf of that consumer’s minor child.
A consumer or the consumer’s Authorized Agent may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows ZoomInfo to reasonably verify a consumer is the person about whom we collected personal information.
- If an Authorized Agent is being used, provide sufficient proof that the consumer has provided the Authorized Agent with permission to submit the request on the consumer’s behalf, such as signed permission or a power of attorney executed pursuant to California Probate Code Sections 4121 to 4130.
- Describe a consumer’s request with sufficient detail that allows ZoomInfo to properly understand, evaluate, and respond to it.
We cannot respond to a consumer’s or an Authorized Agent’s request or provide a consumer or Authorized Agent with personal information if we cannot verify the consumer’s or Authorized Agent’s identity and/or authority to make the request and confirm the personal information relates to that consumer. Making a verifiable consumer request does not require a consumer to create an account with us. We will only use personal information provided to us in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt, or a shorter or longer timeframe as required by applicable law. If we require more time (up to 90 days), we will inform the consumer of the reason and extension period in writing. We will deliver our written response by mail or electronically. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt unless another applicable period applies. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will choose a format to provide a consumer’s personal information that is readily useable and should allow a consumer to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to a consumer’s verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell the consumer why we made that decision and provide the consumer with a cost estimate before completing that consumer’s request.
Appeals
→ Other State Laws Residents of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, and Virginia may have the right to appeal an adverse decision made in response to their exercise of a consumer data rights request. If you believe this right applies to you and you have received an adverse decision regarding your exercise of a consumer data rights request, you may email us at privacy@zoominfo.com to initiate an appeal.
Non-Discrimination
Consumers have the right to not receive discriminatory treatment by a business for exercising their rights under the CCPA. We will not discriminate against a consumer for exercising any CCPA rights.
→ Other State Laws Residents of Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia may also have the right to not receive discriminatory treatment in response to their exercise of a consumer data rights request. We will not discriminate against a consumer for exercising these rights.
Data Retention
For all categories of personal information we collect, we will retain personal information for a period of time consistent with and not longer than is reasonably necessary for the original purpose(s) for which we collected it, as described in this Privacy Policy, including, as applicable, (i) for as long as we have an ongoing relationship with the individual to whom the information pertains; (ii) as long as needed to provide users, our customers, or our partners the Services; (iii) as necessary to comply with our legal obligation(s); (iv) as necessary to resolve disputes or to protect ourselves from potential future disputes; or (v) as necessary to enforce our agreements. Retention periods will be determined taking into account the amount, nature, and sensitivity of the personal information and the purpose(s) for which it was collected. After the retention period ends, we will delete the personal information. Where we are unable to do so, we will ensure that appropriate measures are put in place to prevent any further use of such information. We will retain biometric data only so long as we have the consumer’s consent, as specified in our Biometric Privacy Notice.
Changes to Our Privacy Statement
We reserve the right to amend this privacy statement at our discretion and at any time. When we make material changes to this privacy statement, we will provide notification by email or through a notice on our website homepage.
Consumer Rights Requests Metrics
During the previous calendar year, ZoomInfo received the following number of requests from residents of California:
Received | Complied with in Whole or in Part | Denied | Mean Number of Days to Respond | |
Requests to know | 419 | 419 | 0 | 3 days |
Requests to delete | 11,377 | 11,377 | 0 | < 1 day |
Requests to opt-out | 15,686 | 15,686 | 15 | 3 days |
Request to correct | 595 | 595 | 0 | < 1 |
Contact Information
If there are any questions or comments about this Statement, our Privacy Policy, the ways in which we collect and use a consumer’s personal information, how to receive a copy of the Privacy Policy and/or this Statement in an alternative format (for consumers with a disability), a consumer’s choices and rights regarding such use, or to exercise consumer rights under California or other state law, please do not hesitate to contact us at:
ZoomInfo
Attn: Privacy
805 Broadway, Suite 900
Vancouver, WA 98660
Phone: 833-901-0859
Email: privacy@zoominfo.com
This Privacy Statement was last updated on September 27, 2024.