Enter your details below to secure your spot in Zalow.
Our Security Center details the security and privacy best practices that support Zalow's commitment to a secure, reliable, and compliant marketplace. Please contact us at legal@zalow.com with any questions.
Information security management system (ISMS)
Our Information Security Management System (ISMS) defines the overall security functions at Zalow. Our ISMS outlines the roles and responsibilities of all our employees to help protect the confidentiality, integrity, and availability of the platform. Information Security & Privacy training is an essential element for all Zalow team members.
We design controls and maintain our platform to optimize for security, availability, and performance. We utilize security by design principles to ensure controls are baked into our platform and that we utilize all appropriate infrastructure and programmatic controls.
Zalow’s Bug Bounty Program invites researchers to test Zalow’s platform to ensure our customers are using a secure platform that's tested by the security community.
If you believe you’ve discovered a potential security vulnerability on Zalow, please email us at security@zalow.com while following the Guidelines for Responsible Disclosure.
Data encryption
To help protect from attacks, eavesdropping, and session hijacking, we encrypt all data in transit using Hypertext Transfer Protocol Secure (HTTPS) and enforce HTTP Strict Transport Security (HSTS).
We use various internal and external systems and solutions to protect users against malicious behavior. Messages and attachments are scanned for viruses and other malware prior to you downloading them.
Enter into an agreement concerning confidentiality and intellectual property rights that works for you and your talent, or use our Optional Service Contract Terms, or tweak them to your needs, so the rights transfer at the time of payment.
GDPR
Our legal and information security teams have carefully analyzed the General Data Protection Regulation (GDPR) and have undertaken the necessary steps to ensure compliance.
CCPA
We are compliant with the California Consumer Privacy Act (CCPA), the most stringent data privacy law in the United States.
We have voluntarily implemented a robust Anti-Money Laundering Program and have a highly trained team dedicated to preventing illicit use. We also use Stripe, Inc. for all financial transactions and identity verification, and utilize their systems and solutions to enhance our AML capabilities.
Built on a foundation of trust, community, and innovation, we empower freelancers and organizations alike to thrive in a rapidly shifting threatscape where agility wins.
