Zoho Corporation Pvt Ltd.

India

We retain your personal information for as long as it is required for the purposes stated in this Privacy Policy. Sometimes, we may retain your information for longer periods as permitted or required by law, such as to maintain suppression lists, prevent abuse, if required in connection with a legal claim or proceeding, to enforce our agreements, for tax, accounting, or to comply with other legal obligations. When we no longer have a legitimate need to process your information, we will delete or anonymize your information from our active databases. We will also securely store the information and isolate it from further processing on backup discs until deletion is possible.

We hold the data in your account as long as you choose to use Zoho Services. Once you terminate your Zoho user account, your data will get deleted from the active database during the next clean-up that occurs once every 6 months. The data deleted from the active database will be deleted from backups after 3 months. In case of your unpaid account being inactive for a continuous period of 120 days, we reserve the right to terminate it after giving you prior notice and option to back-up your data. A verified and authorized vendor carries out the disposal of unusable devices. Until such time, we categorize and store them in a secure location. Any information contained inside the devices is formatted before disposal. We degauss failed hard drives and then physically destroy them using a shredder. We crypto-erase and shred failed Solid State Devices (SSDs). You may also contact us at privacy@zohocorp.com to request that we remove your information from our database.

We host your data in best-in-class datacenters across the globe. When you sign up for Zoho, you are given the option to choose the country from which you're signing up from. In order to make it easier for you, that field is selected by default based on your IP address. Based on the country chosen there, the corresponding datacenter is chosen for your account. Listed below are the locations we service and their associated datacenter. US, India, Australia, Europe, China, Japan. We encrypt customer data both in transit and at rest. Data at rest is encrypted using industry-standard AES-256. All customer data is encrypted in transit over public networks using Transport Layer Security (TLS) 1.2/1.3 with Perfect Forward Secrecy (PFS) to protect it from unauthorized disclosure or modification. Access to your data is restricted to a small number of employees on a need-to-know basis in order to provide you technical support. This access is reviewed periodically.

yes

no

Closing your Zoho account will result in of all of your data being permanently deleted. If you're an organization user, you have to contact your organization admin to close your Zoho account. If you are an organization admin: Sign in to your Zoho account at accounts.zoho.com. Click Settings in the left menu, then scroll down to the Close Account section. Click Close Organization. You will be redirected to the Zoho Mail control panel. Note: If you don't have a Zoho Mail account already, you will be asked to create one. Enter the name of your organization, then click Create. Delete your organization from the control panel. To delete your organization, the following steps should be done before: Remove all the users from your organization. Delete all the domains in your organization. Cancel the trial/subscription if you are a part of bundles such as Zoho One, Zoho Directory, Workplace, or PeoplePlus. After deleting the organization, return to Zoho Accounts. Click Settings in the left menu, then scroll down to the Close Account section. Click Close Account. Enter your password if prompted. Select a reason for closing your account, then click Close Account.

yes

Okta, OneLogin, Auth0 etc..

yes

yes

security@zohocorp.com

yes

no

yes

no

no