Zeta Global Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to the Security Portal for:

  • Cheetah Digital by Zeta Global
  • Grow
  • Loyalty

We prioritize the security of customer data. Our approach follows a defense-in-depth strategy, securing information across multiple layers, including physical, network, host, software, and user account protections.

We uphold industry-leading security standards, maintain a current attestation via a Service Organization Control (SOC) 2 Type 2 report, and conduct routine penetration testing. Our internal policies and controls are designed to protect customer data, ensuring access is limited to authorized employees performing their job responsibilities.

When engaging third parties to process customer data on our behalf, we require them to follow our written instructions, adhere to strict confidentiality obligations, and implement robust technical and administrative safeguards.

More specifically, we ensure:

  • Confidentiality - Only authorized individuals can access customer data.
  • Integrity - Data remains accurate and fit for its intended use.
  • Availability - Authorized users can reliably access the data they need when needed.

Our commitment to security ensures that customer data is safeguarded at all times.

Compliance

SOC 2 Type 2 Logo
SOC 2 Type 2
GDPR Logo
GDPR
HITRUST Logo
HITRUST
Privacy Mark Logo
Privacy Mark
SOC 1 Type 2 Logo
SOC 1 Type 2

Documents

DOCUMENTSISMS Japan
REPORTSPentest Summary Letters
REPORTSSystem Description
COMPLIANCEHITRUST
COMPLIANCEPrivacy Mark
COMPLIANCESOC 1 Type 2
COMPLIANCESOC 2 Type 2
SELF-ASSESSMENTSCAIQ
SELF-ASSESSMENTSSIG Core
APP SECURITYSoftware Development Lifecycle
LEGALCyber Insurance
INFRASTRUCTUREBusiness Continuity & Disaster Recovery (BC/DR) Policy

Risk Profile

Data Access Level
Third Party Dependence
Hosting

Product Security

Account Management
Integrations
Multi-Factor Authentication
View more

Reports

System Description
Pentest Summary Letters

Self-Assessments

CAIQ
SIG Core
SIG Core

Data Security

Security Team
Data Backups
Data Erasure
View more

App Security

Responsible Disclosure
Code Review
Software Development Lifecycle
View more

AI

AI Overview
Evaluation & Red-Teaming

ESG

We prioritize and take environmental, social, and governance (ESG) considerations seriously in our operations and decision-making processes.

Legal

SubprocessorsAirbyte-company-logoAmazon Web Services (AWS)-company-logoCloudflare-company-logoGoogle Workspace-company-logoLuzmo-company-logo
Cyber Insurance
Data Processing Agreement
View more

Data Privacy

Data Privacy Officer

Access Control

Data Access
Logging
Password Security

Infrastructure

Anti-DDoS
Business Continuity & Disaster Recovery (BC/DR) Policy
Data Center
View more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management

Network Security

Firewall
Security Information and Event Management

Corporate Security

Email Protection
Employee Training
HR Security
View more

Policies

Cryptography and Encryption
Information Security Policy
Acceptable Use Policy
View more

Security Grades

We are constantly monitoring the security of our website. We will post our grades from public security rating agencies when they become available.

Incident Response

We have a dedicated team that responds to security incidents. We are happy to provide more details about our incident response practices upon request.

Risk Management

We have a dedicated team that manages security risks. We are happy to provide more details about our risk management practices upon request.

Asset Management

We have strict asset management policies in place to ensure that all assets are accounted for and secure.

BC/DR

We have a business continuity plan in place to ensure that we can continue to operate in the event of a disaster.

Training

We provide security awareness training to all employees to ensure that they are aware of security best practices.

Change Management

We have a change and configuration management process in place to ensure that changes are properly reviewed and approved.

Physical & Environment

We have physical and environmental controls in place to ensure that our data centers are secure and reliable.

Continuous Monitoring

We continuously monitor our systems for security threats and vulnerabilities. We are happy to provide more details about our continuous monitoring practices upon request.

Subprocessors

Built onSafeBase by Drata Logo