Security & Data Privacy at ZE Portal

Security & Privacy at ZE Portal

At ZE Portal, we believe your data should stay where it belongs: under your control. Our architecture is designed with a privacy-first approach, ensuring that we act as a secure gateway rather than a data silo.

This article outlines how we handle data, where it is hosted, and how we leverage industry-leading infrastructure to keep your information safe.

Idea
The Three Pillars of ZE Portal

To understand our security model, it’s helpful to see how the platform is divided:

  1. The End-User Application: The portal your clients interact with at zeportal.com.

  2. The Subscriber Application: The widgets and settings you interact with inside your Zoho CRM.

  3. Zoho CRM Records: The actual records (Portals, Items, etc.) stored within your own Zoho environment.

Info
Data Residency & Hosting

We use Cloudflare to host both the end-user and subscriber applications. To ensure speed and security, your requests are routed to the closest global server (e.g., if you are in London, you are served by a London-based server).

What We Store

We collect and retain only the minimal data necessary to provide our service:

  • Subscriber Data: This includes the configuration settings you choose within the Zoho CRM widget (e.g., your portal branding or functional settings).

  • Logs: We maintain activity logs for 30 days to assist with troubleshooting and security monitoring. These logs include request URLs, timestamps, and the associated Zoho CRM Organization ID.

What We NEVER Store

We do not store any end-user (your client) data on ZE Portal servers. When your clients answer questions or upload documents, that data is transmitted via secure API directly to your Zoho CRM and Zoho Workdrive accounts. It never touches our persistent storage.

Info
Secure Integration via oAuth

ZE Portal connects to your Zoho environment using oAuth, the industry standard for secure authorization.

  • Authorization: You initiate the connection, granting ZE Portal a refresh token and an access token.

  • Data Fetching: We use these tokens to fetch specific records from your Zoho CRM to display them to your users.

  • Direct Uploads: Any documents provided by your clients are uploaded directly to your Zoho Workdrive.

  • Communications: All emails are sent directly through your Zoho CRM account, maintaining your domain's reputation and security.

Info
Accreditations & Infrastructure

Because ZE Portal is designed to be "pass-through" software, we rely on the world-class security accreditations of our infrastructure partners:

  • Zoho CRM & Workdrive: For data storage and record management.

  • Cloudflare: For application hosting and DDoS protection.

By keeping your data within the Zoho ecosystem, you benefit from their extensive security audits and compliance certifications (such as SOC 2 and ISO 27001) while using ZE Portal to enhance your workflow.

Info
HIPAA Compliance

While ZE Portal is a UK-based company, we understand the requirements of US healthcare providers. Our "zero-retention" architecture is designed to support HIPAA-compliant workflows by ensuring ePHI is never stored on our servers, but rather transmitted directly to your secured Zoho environment.

However, due to the significant administration and documentation required for HIPAA Compliance (including the execution of Business Associate Agreements, tailored setup, and installation support to ensure correct API permissions), we recommend contacting us for a custom quote. We can help ensure your ZE Portal installation is truly HIPAA-compliant and fully functional within the restricted conditions of HIPAA-protected Zoho CRM and Zoho Workdrive accounts.

NotesSummary: We provide the interface; you keep the data. Your client information remains in your Zoho account, protected by Zoho’s enterprise-grade security.

    • Related Articles

    • Create Portal Script

      You may wish to create a Workflow Rule or run code in the After section of a Blueprint transition that creates a Client Portal Record (with all the Client Portal Items from your chosen Template). The below script will use a ZE Portal built-in ...

    • Create Additional Portal Item

      You may wish to create a Workflow Rule or run code in the After section of a Blueprint transition that automatically creates a Client Portal Item (and links it to an existing Client Portal). For example, you can use this when you receive a form ...

    • How to Setup Zoho Prefilled Forms in ZE Portal

      Integrating Zoho Prefilled Forms with Zoho CRM and ZE Portal Step 1 - Create a form Using Zoho Forms you can create a new form from scratch or choose from the available templates. Go to: https://forms.zoho.com and start building your form. See also: ...

    • How to Subscribe to ZE Portal

      Visit our About Page and use the button at the bottom of the page to sign up for a subscription Be sure to enter your Zoho CRM "Org ID" correctly when signing up. Your Org ID is shown in the URL bar when you are on any page within Zoho CRM. For ...

    • Understanding Automated Portal Reminders and Statuses

      Understanding Automated Portal Reminders and Portal Statuses The portal is designed to automatically "chase" end-users via email to ensure your requests are completed quickly. Here is a breakdown of when those emails are triggered and how you can ...