ZoomInfo most likely got your information from a combination of public web sources, data-sharing partners, and a program where other professionals unknowingly (or knowingly) share the contents of their work email with ZoomInfo in exchange for free access to the platform. You never had to sign up or consent directly. Here’s how each source works and what you can do about it.
Public Web Scraping
ZoomInfo uses automated machine learning to scan over 28 million website domains every day, pulling business-related information from sources that are already publicly available. This includes corporate websites, press releases, news articles, SEC filings, job postings, and other pages that mention people by name alongside their employer, job title, industry, or location.
If your name appears on your company’s “About Us” page, in a press release, on a conference speaker list, or in a regulatory filing, ZoomInfo’s crawlers have almost certainly picked it up. The same applies to professional profiles, published articles, or any page where your name sits next to a company name and title. This is the most common way ZoomInfo builds the skeleton of a contact profile: name, company, role, and sometimes location.
The Community Edition Email-Sharing Program
This is the source that surprises most people. ZoomInfo offers a free tier called Community Edition (also referred to as ZoomInfo Lite) with over 200,000 users. In exchange for limited free access to ZoomInfo’s database, these users install an application that scans their work email and extracts business contact details from email headers, signature blocks, and contact lists.
The data pulled is the kind of information you’d find on a business card: name, company, job title, email address, and phone number. Only business email accounts can be used to sign up, so the program is designed to capture professional contact data rather than personal information. But the practical result is that if you’ve ever emailed someone who later signed up for Community Edition, your name, title, email address, and phone number from your email signature may have been fed into ZoomInfo’s database without your knowledge.
This is often how ZoomInfo ends up with your direct work phone number or a specific email address that isn’t published anywhere online. Someone you corresponded with shared it, probably without thinking much about it.
Third-Party Data Partners
ZoomInfo also buys or licenses data from a network of partner companies that collect business information independently. These partners provide data points like company revenue, employee counts, technology usage, funding rounds, and additional contact details that ZoomInfo layers on top of what it already has. The company describes these as “generally available information” from a “trustworthy network of partners,” but it doesn’t publicly name the specific vendors.
This is a standard practice in the B2B data industry. Multiple data brokers collect overlapping sets of business contact information, and they regularly trade or sell to one another. Your information may have entered ZoomInfo’s database through one of these intermediaries even if none of ZoomInfo’s own crawlers or Community Edition users ever encountered your details directly.
In-House Research Teams
ZoomInfo employs a human research team that manually verifies and expands its database. These researchers check whether automated data is accurate, fill in gaps for high-value contacts, and dig up additional company details like funding history and conference attendance. If you hold a senior role or work at a company that’s actively being prospected by ZoomInfo’s customers, there’s a higher chance a human researcher has reviewed or enriched your profile.
Why This Is Legal
ZoomInfo operates primarily under the theory that business contact information, such as your work email, job title, and office phone number, is not the same as sensitive personal data. In the United States, there is no federal law that broadly prohibits companies from collecting and selling business contact details without your consent.
For individuals in the European Economic Area, the UK, or Switzerland, ZoomInfo says it complies with GDPR by processing personal data under “legitimate interest,” a legal basis that allows data processing without explicit consent when the company’s interest in using the data is balanced against the individual’s privacy rights. ZoomInfo also says it provides notice to data subjects as required under GDPR and honors rights like the right to be forgotten.
In the U.S., state-level privacy laws in a growing number of states give residents the right to request deletion of their personal information from data brokers, and ZoomInfo generally honors these requests regardless of where you live.
How to Remove Your Information
ZoomInfo provides an online removal tool at its privacy request page. The process works in three steps:
- Find your profile. Go to ZoomInfo’s removal page and enter the email address most likely associated with your profile (typically your work email).
- Submit a removal request. Once your profile is located, submit the request to have it deleted.
- Wait for confirmation. ZoomInfo sends a notification that your request is being processed.
Keep in mind that removal is not always permanent. Because ZoomInfo continuously re-scans public sources and receives new data from Community Edition users and partners, your information can reappear after you’ve removed it. If your name and title are still on your company’s website or in someone’s email signature block, ZoomInfo’s systems may rebuild your profile over time. Some people find they need to submit removal requests periodically. Removing your information from public-facing company pages and asking colleagues to update old email signatures that contain your direct number can reduce the chances of your profile being recreated.