Information Security Policy and Measures

Updated October 20th, 2024

Zoom Analytics Ltd. (The Company), also known as Zoom Engage, gives utmost importance to the security and privacy of itself and of its customers.

In order to comply with the provisions of the Privacy Protection Law and to provide its customers with reliable and safe service, Zoom Analytics Ltd. maintains an information security management system that meets the ISO 27001:2013 information security management requirements.

Accordingly, Zoom Analytics Ltd. is committed to:

  • To comply with the provisions of Israel's Protection of Privacy Law 1981 and any other designated law and regulation, as well as to regularly update these.

  • Do the best to prevent the possibility of embezzlement or fraud by the employees of the company or any entity that has business relations with the company.

  • Maintain the confidentiality, completeness and availability of the information stored in its possession.

  • To take all appropriate measures to secure and protect the information of it and its customers from unauthorized access from within the company and from outside of it.

  • To conduct a process of improving and advancing the information security management system.

  • Raise the awareness of employees to information security aspects at all times.

  • To create an infrastructure for business continuity in the event of an exceptional event or any failure that will prevent the company’s ongoing activity and provide quality and reliable service to customers and members.

 Zoom Analytics uses the following measures to assure adequate level of security and privacy:

  • GDPR Compliant

  • ISO 27001:2013 certificated (certificate can be found here)

  • Undergoes an external Penetration Test (PT) at least once a year

  • As part of the compliance with ISO 27001:2013 the company undergoes a yearly external security audit

  • Uses a WAF and DDoS protection service to protect all calls to it servers

  • Uses 2FA to access all important systems

  • All communication between customer’s website and company’s servers is done in a secured manner (HTTPS) when supported by the customer’s website.

  • Endpoints are protected with Antivirus, Firewall and DLP (Data Loss Prevention)

  • All employees are bound by contract to protect the security and privacy of the company and of its customers

  • All sub-contractors of the company are bound by an NDA to protect the company’s data and the data of the company’s customers.

  • Secure Software Development process is applied
  • All employees receive security training on a regular basis.