The statement discloses that Zoom collects audio recordings, video, chat messages, transcripts, whiteboard content, and other material generated during meetings, calls, and webinars. This collection applies regardless of whether recording or transcription features are explicitly activated by the user.
This analysis describes what Zoom's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision establishes that Zoom's data collection scope includes the substantive content of communications, not only metadata or usage signals. For enterprise accounts processing confidential business discussions, legal communications, or healthcare-related conversations, this collection scope is relevant to data classification and retention assessments.
Expanded scope to explicitly include Team Chat, Zoom Phone calls, and additional features (translation, whiteboard, closed captions) beyond the original list.
View full change record →The agreement establishes that audio, video, chat, and transcript data generated during Zoom sessions may be collected and processed by Zoom. Users who enable features such as AI Companion summaries or transcription authorize additional processing of this content as described in the AI provisions.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
Monitoring
Zoom has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We collect information associated with your use of our Products, including: Audio, video, and other content you share or generate during meetings, webinars, messaging, Team Chat, Zoom Phone calls, and other Zoom services, including when you use features like transcription, translation, whiteboard, or closed captions.— Excerpt from Zoom's Zoom Privacy Statement
1. REGULATORY LANDSCAPE: Collection of meeting content including audio and video recordings engages GDPR Article 5 data minimization and purpose limitation principles for EEA users, as well as UK GDPR equivalents. In healthcare contexts where meeting content includes protected health information, HIPAA applies and a Business Associate Agreement is required. The FTC Act's prohibition on unfair or deceptive practices is relevant to the adequacy of disclosure regarding what content is collected. 2. GOVERNANCE EXPOSURE: High. The collection of substantive communication content, including audio, video, and transcripts, creates material compliance exposure for enterprises in regulated industries such as legal, healthcare, financial services, and government. The scope of this collection may require organizations to update data inventories and assess whether existing retention and deletion policies account for Zoom-held communication records. 3. JURISDICTION FLAGS: EU and EEA users have GDPR rights to access and deletion of collected content. California residents have CCPA rights to know what categories of personal information are collected. In healthcare deployments in the US, the absence of a signed BAA before deploying Zoom for PHI-containing meetings creates HIPAA exposure. Illinois BIPA may be engaged if biometric data is derived from video content. 4. CONTRACT AND VENDOR IMPLICATIONS: Enterprise procurement teams should verify that data processing agreements with Zoom address meeting content retention periods, deletion procedures, and restrictions on secondary use. Organizations should assess whether their own internal data retention policies are consistent with data Zoom may retain about meeting content. 5. COMPLIANCE CONSIDERATIONS: Compliance teams should map Zoom meeting content collection against their data classification frameworks and determine whether confidential or privileged communications processed through Zoom require additional contractual protections or platform configuration changes, such as disabling AI features for sensitive meeting categories.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision establishes that Zoom's data collection scope includes the substantive content of communications, not only metadata or usage signals. For enterprise accounts processing confidential business discussions, legal communications, or healthcare-related conversations, this collection scope is relevant to data classification and retention assessments.
The agreement establishes that audio, video, chat, and transcript data generated during Zoom sessions may be collected and processed by Zoom. Users who enable features such as AI Companion summaries or transcription authorize additional processing of this content as described in the AI provisions.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Zoom.