BBAA Atlas

Does Zapier offer EU data residency?

Zapier, Inc. · Workflow Automation · official site ↗

No EU data residencyEU-US DPF + SCCsDPA available
Where does Zapier store EU data — and who can touch it?
Zapier does not offer EU data residency — data is hosted outside the EEA, and relies on the EU-US Data Privacy Framework plus SCCs for transfers.
Zapier hosts data on AWS in the United States and explicitly does not support EU-only storage, but it certifies to the EU-US, UK and Swiss Data Privacy Frameworks with SCCs as fallback, and its DPA is pre-signed and self-serve.

EU data residency

Can you keep data in the EU?
Zapier states it hosts data in AWS servers located in the United States and that EU-only storage 'is not an option Zapier supports'. There is no EU data-at-rest residency configuration on any plan.
Transfer mechanism
Zapier is certified under the EU-US Data Privacy Framework, the UK Extension and the Swiss-US DPF, using DPF as the primary transfer mechanism with the SCCs (controller-to-processor, processor-to-processor and UK addendum) as fallback.

Sub-processors

Who else processes your data?
Zapier publishes a sub-processor list (~30 entries across categories, including AWS, Google, Microsoft, OpenAI and Anthropic). Its DPA provides 14 days' advance written notice of new sub-processors. current sub-processor list ↗

Data Processing Agreement (DPA)

Does Zapier sign a DPA?
Zapier's DPA is pre-signed and incorporated by reference into the Terms of Service — no separate copy needs signing — and a standalone signed copy is available via e-signature. DPA ↗
What the trust-badge pages don't tell you
Because Zapier orchestrates data across the apps you connect, the bigger exposure is its ~30 sub-processors and US-only hosting, not the DPA. If EU data-at-rest is mandatory, Zapier cannot satisfy it on any plan.
Last checked 2026-06-02confidence: high · GDPR terms, residency regions and sub-processors change — confirm current terms with Zapier, Inc. and run your own transfer impact assessment. This is not legal advice.
$249/moto monitor up to 25 vendors' DPA & residency
$3,000/yr, incl. cited bulk export

Monitor your whole vendor list for DPA & residency changes

The free lookup answers one vendor at a time. Teams running EU vendor intake track dozens and need to know the moment a sub-processor, residency region or DPA term changes. Leave your work email and we'll set up monitoring + a cited export for your list.

We'll reply to set up your vendor list and confirm pricing. No card, no checkout here.

Get notified when this changes

Compliance isn't one-and-done. Leave your email and we'll alert you when any vendor's BAA or HIPAA status we cover changes.

One email per change. No newsletter, no selling your address.

Frequently asked questions

Does Zapier offer EU data residency?
No. Zapier states it hosts data in AWS servers located in the United States and that EU-only storage 'is not an option Zapier supports'. There is no EU data-at-rest residency configuration on any plan.
Where does Zapier send my data, and does it rely on SCCs?
Zapier is certified under the EU-US Data Privacy Framework, the UK Extension and the Swiss-US DPF, using DPF as the primary transfer mechanism with the SCCs (controller-to-processor, processor-to-processor and UK addendum) as fallback.
Who are Zapier's sub-processors?
Zapier publishes a sub-processor list (~30 entries across categories, including AWS, Google, Microsoft, OpenAI and Anthropic). Its DPA provides 14 days' advance written notice of new sub-processors. See the current list at https://zapier.com/legal/subprocessors.
Does Zapier sign a GDPR Data Processing Agreement (DPA)?
Yes — Zapier's DPA is pre-signed and incorporated by reference into the Terms of Service — no separate copy needs signing — and a standalone signed copy is available via e-signature.
Is Zapier GDPR compliant?
Zapier can be used in a GDPR-compliant way, but compliance depends on your configuration, not just the vendor: Zapier hosts data on AWS in the United States and explicitly does not support EU-only storage, but it certifies to the EU-US, UK and Swiss Data Privacy Frameworks with SCCs as fallback, and its DPA is pre-signed and self-serve. You are the controller — confirm the current DPA, residency and sub-processor terms with Zapier, Inc. and run a transfer impact assessment before processing EU personal data. This is not legal advice.

Sources

Zapier — Data Privacy
https://zapier.com/legal/data-privacy
Supports: US (AWS) hosting; EU-only storage not supported; DPF certificationdated: 2026-06-02
Zapier — Data Processing Addendum
https://zapier.com/legal/data-processing-addendum
Supports: Pre-signed self-serve DPA; DPF primary with SCCs fallbackdated: 2026-06-02
Zapier — Sub-processors
https://zapier.com/legal/subprocessors
Supports: Public sub-processor list; 14 days' advance change noticedated: 2026-06-02
This page is cited public information, not legal or compliance advice. Whether Zapier can lawfully process your EU personal data depends on your plan, configured region, contract and a transfer impact assessment you control. Always confirm current terms with Zapier, Inc. before sending EU personal data.

Check another vendor

AirtableEU residency on higher tiersAmplitudeEU data residency availableAsanaEU residency on higher tiersAtlassian (Jira & Confluence)EU data residency availableBoxEU residency on higher tiersCalendlyNo EU data residency

Browse all 25 vendors →