Building Trust Through Data Privacy at Apollo

81% of U.S. adults say they’re concerned about how companies use the data they collect about them, according to a Pew Research study. And only half of the respondents from a Deloitte data privacy survey feel that the benefits they get from online services outweigh their data privacy concerns.

It’s clear that following data privacy regulations and securing customer information is no longer enough to curb growing concerns. Customers want to know exactly how their data is used — and they expect to stay in control of that use at all times.

Why privacy matters to Apollo

Apollo understands this rising expectation for transparency and trust. As a data-driven company and a registered data broker, we collect information to help our customers find prospects, engage decision-makers, and grow efficiently. We recognize that this responsibility comes with a clear duty: to handle data transparently and in full compliance with applicable privacy laws and best practices.

Without strong privacy practices, information can be misused. It's about keeping people's information safe, being clear about how we use it, and giving you choices.

That’s why we’re sharing exactly how we’re putting privacy and user control at the center of our data practices. Our goal is to provide you with clear information and transparency at every step, so you can deliver that same level of trust and openness to your own customers.

"Every day, I work closely with our teams to ensure that our privacy practices not only meet evolving global regulations but also anticipate the needs of our customers. They count on us to help them navigate a complex data landscape — and to keep strengthening that foundation as we expand our capabilities around the world. Our commitment is to scale responsibly, so customers can trust that privacy remains central to everything we build."
— Alexa Summer, General Counsel at Apollo

Certifications and audits

We demonstrate our privacy and security leadership through these recognized certifications and regular audits:

• ISO 27001: Apollo is certified to the ISO/IEC 27001 standard, which specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). This demonstrates our structured approach to managing and protecting sensitive information.
  
  
• SOC 2: Apollo’s controls for security, availability, and confidentiality have been independently audited under the SOC 2 framework, providing assurance that our internal processes meet strict industry standards for protecting customer data.
  
  
• GDPR: Apollo complies with the European Union’s (EU) and the United Kingdom’s (UK) General Data Protection Regulation (GDPR) requirements, which means we have measures in place to support lawful data collection, provide notice and transparency, and enable individuals to exercise their data rights within the EU or the UK.
  
  
• EU-US Data Privacy Framework: In addition to relying on standard contractual clauses for international data transfers from the European Economic Area like many US-based companies, Apollo goes a step further by complying with the EU-US Data Privacy Framework (EU-US DPF), the UK Extension to the EU-US DPF, and the Swiss-US Data Privacy Framework as set forth by the US Department of Commerce.
  
  
• CCPA and CPRA compliance: Apollo also complies with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), which provide California residents the right to know what data we collect, request access or deletion, and opt out of certain data uses.

In addition, Apollo is also a registered data broker in the state of California and in all other US states that require data broker registration, which means that Apollo is committed to handling personal information in the most transparent, accountable, and data subject-friendly way. To that end, we also conduct regular internal and external audits on access control, information security, and systems infrastructure.

Additionally, we’ve recently completed the Cloud Application Security Assessment (CASA) Tier 2 audit, which is an industry standard for verifying that cloud service providers meet stringent security, privacy, and risk management controls.

"Apollo’s Privacy Legal team has built a best-in-class privacy program that not only meets compliance requirements but also serves as a competitive advantage for Apollo. We don’t just rest at being CCPA and GDPR compliant; we partner every day with Apollo’s Engineering and Product teams to bake privacy into product design, train Apollo’s employees, and constantly pressure-test our systems to stay ahead of risks and comply with ever-changing privacy regulations. I’m proud of the work we’ve done and continue to do."
—Conway Ekpo, Head of Product Legal & Privacy Legal at Apollo

How Apollo uses data

How we collect, enrich, and maintain data is critical to our compliance posture. In applicable jurisdictions, when we collect data, we provide notice of the purposes for which we collect and enrich that data, our legal basis for doing so, and how long the data is retained.

Our Privacy Policy explains these details, along with how people can exercise their rights under relevant privacy laws. For example, Apollo may use collected data to help customers identify potential business prospects, source candidates for recruitment, or improve marketing and sales processes — always within the bounds of legal requirements and industry standards.

Apollo uses artificial intelligence (AI) and machine learning technologies to enhance our platform and features, including automated email personalization, insight generation, lead scoring, agentic workflows, and other sales and marketing functionalities. Our Privacy Policy and AI Policy provide details about our AI practices and how people can exercise their rights with respect to AI.

Data subject empowerment and opt-out tools

We also comply with opt-out requests and other privacy rights under laws such as the GDPR, CCPA, and CPRA. You can easily submit requests through our Privacy Center or by contacting our privacy team directly at privacy@apollo.io.

The self-service tools through our Privacy Center allow you to:

• Opt out of Apollo’s database
• Request a copy of your personal data
• Request the deletion of your data
• Make other privacy-related inquiries

These tools are designed to help you exercise your rights quickly and without needing to navigate complex support channels.

Our commitment to continuous improvement

Apollo’s approach to privacy is not static. As privacy regulations evolve globally, we continue to invest in the policies, technologies, and people needed to stay ahead of requirements and customer expectations. Our Privacy and Security teams work together to monitor legal developments and update our practices accordingly.

"Privacy is not a one-time project for us, it’s an ongoing promise. We’re committed to raising the bar every year so our customers know their data is handled with care and integrity."
— Briana Jimenez, Privacy & Compliance Counsel at Apollo

We know that trust is earned, not given. Our commitment is to maintain strong privacy and security safeguards, to operate transparently, and to keep improving how we protect the data entrusted to us.

For more information about Apollo’s privacy practices and certifications, or to access our policies, please see our Privacy Center.