Sub-Processors
Last updated on June 14, 2023
Introduction
On this page, we maintain a current list of Sub-Processors authorized to process Customer Data (which may include Personal Data) for Zscaler services and products (the “Products”).
Zscaler performs due diligence of the security and privacy practices of its Sub-Processors to ensure Sub-Processors provide a level of security and privacy appropriate to their access to Customer Data (which may include Personal Data) and the scope of the services they are engaged to provide. In addition, Zscaler requires its Sub-Processors to commit to written obligations regarding their security controls and protection of Personal Data.
Sub-Processor List
Sub-Processor Name
Service(s) Provided
Location
Hosting Providers
Sub-processor(s) engaged for IaaS.
Hosting for certain features of Zscaler Private Access (ZPA), Zscaler Internet Access (ZIA), and Zscaler Workload Segmentation (ZWS)
Hosted globally
Hosting for certain features of Zscaler Private Access (ZPA), Zscaler Internet Access (ZIA), and Zscaler Digital Experience (ZDX)
Hosted globally
Hosting for certain features of cloud infrastructure entitlement management (CIEM) and IoT Discovery Report
United States
Hosting for certain features of Zscaler Posture Control (ZPC)
Hosted globally
Optional Hosting Provider
Sub-processor(s) engaged for IaaS.
Hosting for certain features of Zscaler Products to support Customer Users in China
China
Support Services Providers
Sub-processor(s) engaged to provide Customer Support Services.
Augmenting Zscaler Support Services for GovCloud Customers, including responding to support tickets
United States
Augmenting Zscaler Support Services, including responding to support tickets
Bulgaria and India
Augmenting Zscaler Support Services, including responding to support tickets
India
Augmenting Zscaler Support Services for Customers who require Japanese language capabilities, including responding to support tickets
Japan
Customer support platform
United States
Zscaler Affiliates
To provide the Products, including Support Services, order processing, etc.
United States, India, Brazil, Australia, Canada, Japan, Israel, Costa Rica, UK, Spain, Sweden, Austria, Germany, France, Switzerland
Support Services Providers' Access to Data
Please note that in order for Zscaler or its Sub-Processor(s) to respond to a Customer support ticket, the Customer must (1) submit a support ticket and (2) authorize Zscaler and/or its Sub-Processor(s) to access the Customer’s Personal Data.
Requesting More Information About a Sub-Processor
Please email [email protected] to request additional information regarding the services a Sub-Processor provides to Zscaler and such Sub-Processor’s security controls, including any available third-party security reports or certifications.
Changes to Sub-Processor List
Customers can register at the Zscaler Trust Portal to receive notices regarding any changes or additions to this Sub-Processor List. Customers can object to a new Sub-Processor on reasonable grounds relating to the protection of Personal Data and by following the instructions provided in such notice.
Transfer Impact Assessment
As a global cloud service provider, Zscaler is committed to enabling Customers to use all Zscaler Products in compliance with data protection regulations, which includes continuous evaluation of jurisdictions to which Personal Data might be transferred. For additional information, please see the Zscaler Transfer Impact Assessment page.