If you use Zoom through your employer, school, or another organization, that organization's account administrator controls key privacy settings on your behalf, including recording and AI feature settings. Your privacy questions may need to go to that administrator rather than directly to Zoom.
This analysis describes what Zoom's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision allocates data governance responsibility to the organizational administrator rather than individual users, creating a delegation structure where administrative controls supersede individual user settings for organizational accounts. This operational model requires users to work through institutional channels for privacy-related requests.
If you use Zoom through an employer or institution, that organization's administrator determines many of the privacy settings that affect you, including whether meetings are recorded and whether AI features are active. Your ability to exercise privacy rights may depend on your organization's administrator responding to your requests.
How other platforms handle this
Federal law governs our use of certain information we obtain because you are our customer. The information is called Customer Proprietary Network Information (CPNI) and includes things like the quantity, technical configuration, destination, and amount you are charged for network services. We may us...
If you use Notion as part of a workspace created by an organization (such as your employer), the administrator of that workspace may have the ability to access, monitor, use, or disclose data available to you in that workspace. Please refer to your organization's policies for information about how t...
By setting your pages and repositories to be viewed publicly, you agree to allow others to view and fork your repositories within the GitHub Service. By setting your repositories to be viewed publicly, you agree to allow GitHub to display your User Content in ways to enable users to view, fork, and ...
Monitoring
Zoom has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"Account owners and administrators have the ability to manage certain settings and features on behalf of users in their accounts, including settings related to data collection, recording, and AI features. Users who are part of an organization's Zoom account should direct privacy inquiries to their account administrator.— Excerpt from Zoom's Zoom Privacy Statement
REGULATORY LANDSCAPE: This provision engages GDPR's controller/processor framework, where the account-holding organization may be the data controller and Zoom the processor for certain processing activities. The allocation of privacy controls to administrators rather than individual users may create tension with GDPR's requirement that data subjects be able to exercise rights against the controller. CCPA similarly requires that rights requests be honored by the business collecting data. GOVERNANCE EXPOSURE: High. Organizations acting as account administrators are effectively acting as data controllers for their users' Zoom data. This creates compliance obligations for those organizations, including the obligation to respond to data subject rights requests and to configure Zoom settings in accordance with their privacy commitments to users. JURISDICTION FLAGS: EU and UK organizations have heightened exposure as controllers under GDPR. California employers using Zoom for employee meetings should assess CCPA obligations for employee data. CONTRACT AND VENDOR IMPLICATIONS: Organizations should review their Zoom Data Processing Agreements to confirm the allocation of controller/processor responsibilities. HR and legal teams should understand that configuring Zoom administrator settings is a privacy governance decision with regulatory implications. COMPLIANCE CONSIDERATIONS: Organizations should establish internal processes for employees or users to submit privacy requests that are then actioned through Zoom's administrator tools. Privacy training for IT and HR teams responsible for Zoom administration is advisable to ensure settings reflect the organization's data governance commitments.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Buried in Robinhood's customer agreement is broad authority to close your positions, suspend your account, and force arbitration. Here is what it actually says.
Stripe's terms authorize fund reserves, payout withholding, and account termination. Here is what the agreement states and what business owners should review.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision allocates data governance responsibility to the organizational administrator rather than individual users, creating a delegation structure where administrative controls supersede individual user settings for organizational accounts. This operational model requires users to work through institutional channels for privacy-related requests.
If you use Zoom through an employer or institution, that organization's administrator determines many of the privacy settings that affect you, including whether meetings are recorded and whether AI features are active. Your ability to exercise privacy rights may depend on your organization's administrator responding to your requests.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Zoom.