We only gather the data we need in order to provide services to you. We store and process this information at Zea and through secure third-party platforms like HubSpot and Stripe in full compliance with local regulations. Rest assured that you and your users are in good hands. We do not sell your data.

Zea leverages enterprise-grade authentication platforms, including Firebase Authentication, to ensure secure access. Our system seamlessly integrates with renowned solutions like Google and Microsoft accounts for enhanced security and privacy.

Password-Less

Zea also supports password-less authentication, providing an additional layer of convenience and security. Phishing attacks trick users into exposing their usernames and passwords to malicious parties who then use those credentials to gain access to your company’s private data and take control of your cloud resources.

By not using traditional username/password protocols, we significantly reduce the surface area for potential attacks.

Zea follows traditional enterprise-level software user access control models. Each user in Zea is assigned a role that determines the user’s capabilities within the platform. Access to data is managed via workspaces, allowing small or large organizations to manage teams working on different projects simultaneously.

Zea Identity and Access Management (ZIAM)

Empower your team with Zea Identity and Access Management (ZIAM). Assign distinct roles such as owner, admin, editor, and viewer, granting appropriate access levels to your organization’s resources. With ZIAM, you can centralize user management and define granular access controls based on roles.

You can be sure that what goes into the platform stays in the platform. The visualization data we generate from the CAD files is based on a proprietary binary file format that can only be viewed on Zea. This binary file format is very small, making it fast to load and extremely difficult to reverse engineer.

We have taken every measure to build a powerful and secure platform while also using third-party security firms to perform vulnerability assessments and penetration testing. Zea works with Vumetric to perform periodic third-party testing of this nature.

Data retention and backup happen securely. All cloud services, including databases, storage, and computing, are provided by and hosted on Google Cloud Platform (GCP). We run instances and backups in multiple zones and provide a service-level agreement to back it up.

We encrypt data at rest and in transit between your location and our instances on GCP, ensuring that it can only be accessed by authorized roles and services with audited access to the encryption keys.

At Zea, we prioritize the safety and integrity of your data. As part of our robust data management practices, we perform weekly backups. These backups serve as an essential safeguard against data loss or corruption. In the event of any unforeseen incidents or data-related issues, we can leverage these backups to restore your data at any point.

We collaborate with a world-class Google Cloud Platform hosting provider located in the United States. By leveraging the capabilities of GCP, implementing robust backup procedures, and incorporating redundancy into our services, we maintain a secure, fast, and resilient hosting environment. This approach safeguards your data, enhances reliability, and provides peace of mind, allowing you to focus on your core business operations.

Data stored on our infrastructure is automatically encrypted at rest and distributed for availability and reliability; 
this helps guard against unauthorized access and service interruptions. The former by accentuating protocols through different sites, and the latter by providing constant data backup in multiple locations.

Any application that runs on GCP infrastructure is deployed with security in mind. We don’t assume any trust between services, and we use the multiple mechanisms that Google makes available to us to establish and maintain trust. Our infrastructure was designed to be multi-tenant from the start.

Zea ensures secure connectivity between APIs and services through robust measures like Transport Layer Security (TLS) and short-lived JSON Web Tokens (JWTs). TLS guarantees encrypted communication, while the short lifespan of JWTs prevents their misuse by potential attackers. This approach enhances the overall security of M2M communication, safeguarding data integrity and preventing unauthorized access.

Zea ensures the highest level of security for your data by utilizing HTTPS and trusted certificates issued by a reputable Certificate Authority (CA); this enables secure connections, encrypting data transmitted between all parts of our infrastructure and assuring users that their information is protected from prying eyes at all times.