The policy states that users, particularly those in the EU, UK, and California, have rights to access, delete, correct, or restrict processing of their personal data, which they can exercise through Atlassian's privacy request mechanism.
This analysis describes what Loom's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
These rights give you a concrete way to find out what data Loom holds about you, ask for it to be deleted, or stop certain types of processing, but the practical availability of these rights depends on your location and whether you are accessing Loom as an individual or through an employer.
Interpretive note: The specific mechanism and scope of rights request procedures could not be confirmed from the truncated document HTML; this provision reflects Atlassian's publicly known rights framework as applicable to Loom users.
EU, UK, and California users have legally backed rights to request access to or deletion of personal data held through Loom and other Atlassian products; exercising these rights is possible through Atlassian's privacy portal, though enterprise users may need to go through their employer as data controller first.
How other platforms handle this
Depending on where you live, you may have certain rights regarding your personal information, such as the right to access, correct, delete, or transfer your personal information, to object to or restrict certain processing of your data, or to withdraw consent for processing where you've previously p...
Depending on your location, you may have certain rights regarding your Personal Information, including the right to access, correct, or delete your Personal Information, the right to data portability, the right to opt out of certain data processing, and the right to not be discriminated against for ...
Depending on your location, you may have certain rights with respect to your personal data, including the right to access, correct, delete, or port your data. You may also have the right to object to or restrict certain processing. To exercise these rights, please contact us through our privacy requ...
Monitoring
Loom has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
1) REGULATORY LANDSCAPE: GDPR Articles 15-21 establish rights of access, rectification, erasure, restriction, portability, and objection. CCPA/CPRA provides California residents with rights to know, delete, correct, and opt out of sale or sharing of personal information. UK GDPR mirrors GDPR rights for UK residents. Atlassian as controller must respond to individual rights requests within 30 days under GDPR (extendable to 90 days) and 45 days under CCPA. 2) GOVERNANCE EXPOSURE: Medium. The volume of data subject rights requests may increase as Loom's user base grows within Atlassian's ecosystem. Compliance teams should ensure that rights request workflows cover Loom-specific data categories including video recordings, transcripts, and viewer analytics, which may require coordination with Loom's data infrastructure teams. 3) JURISDICTION FLAGS: EU/EEA users have the strongest enforceable rights framework. California CPRA enhanced deletion and correction rights took effect January 1, 2023. Brazilian LGPD, Australia's Privacy Act, and Canadian PIPEDA also establish rights frameworks relevant to Atlassian's global user base. Where Atlassian acts as processor, rights requests from enterprise users must be handled in coordination with the enterprise customer as controller. 4) CONTRACT AND VENDOR IMPLICATIONS: Enterprise DPAs should specify Atlassian's obligations to assist the data controller in responding to data subject rights requests, including technical measures for data extraction, deletion, and restriction. Response timeline commitments in the DPA should be compared against applicable statutory deadlines to ensure compliance. 5) COMPLIANCE CONSIDERATIONS: Organizations should ensure their privacy notice and internal procedures adequately explain how employee Loom data rights requests are routed and handled. Automated tools for data subject rights management should be confirmed to cover Loom data categories. Retention schedules for Loom video and transcript data should be documented and defensible in response to erasure requests.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
These rights give you a concrete way to find out what data Loom holds about you, ask for it to be deleted, or stop certain types of processing, but the practical availability of these rights depends on your location and whether you are accessing Loom as an individual or through an employer.
EU, UK, and California users have legally backed rights to request access to or deletion of personal data held through Loom and other Atlassian products; exercising these rights is possible through Atlassian's privacy portal, though enterprise users may need to go through their employer as data controller first.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Loom.