Zoom · Zoom Sub-Processors · View original document ↗

AI-Function Subprocessor Inclusion

Medium severity Low confidence Inferredfromcontext Unique · 0 of 352 platforms
Share 𝕏 Share in Share 🔒 PDF
Recent governance activity Zoom recorded 2 documented changes in the last 30 days.
Start monitoring updates
Monitor governance changes for Zoom Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

The subprocessor list includes vendors engaged for AI-related processing functions in connection with Zoom's services, meaning customer data may be processed by third-party AI infrastructure or tooling providers as part of Zoom's AI feature delivery.

This analysis describes what Zoom's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

The inclusion of AI-function subprocessors is operationally distinct from standard infrastructure or support subprocessors because AI processing may involve additional data categories, model training considerations, and automated decision-making implications that engage specific regulatory frameworks including the EU AI Act and sector-specific AI governance requirements. The document does not specify which customer data categories are processed by AI subprocessors or the nature of the AI processing performed.

Interpretive note: The document does not specify which subprocessors perform AI functions, what data categories they process, or the nature of the AI processing, making it difficult to assess regulatory implications from this document alone.

Consumer impact (what this means for users)

Customer data may be processed by third-party AI vendors as part of Zoom's AI feature delivery, as disclosed through the subprocessor list. The specific data types processed by AI subprocessors and the nature of automated processing involved are not detailed in this document.

Cross-platform context

See how other platforms handle AI-Function Subprocessor Inclusion and similar clauses.

Compare across platforms →

Monitoring

Zoom has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Get Monitor Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
A subprocessor is a vendor Zoom uses to process data on behalf of our customers.

— Excerpt from Zoom's Zoom Sub-Processors

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

1. REGULATORY LANDSCAPE: AI processing of personal data engages GDPR provisions on automated decision-making and profiling, as well as the EU AI Act, which imposes obligations on providers and deployers of AI systems depending on risk classification. Sector-specific AI governance frameworks may apply in regulated industries. Enforcement authorities include EU supervisory authorities for GDPR-related AI processing and, for high-risk AI systems, national market surveillance authorities under the EU AI Act. 2. GOVERNANCE EXPOSURE: Medium to High depending on the customer's industry and the nature of AI features used. Organizations in regulated sectors such as healthcare, financial services, or human resources should assess whether Zoom's AI subprocessors process special category data or perform processing that constitutes automated decision-making with significant effects under GDPR Article 22. 3. JURISDICTION FLAGS: EU and EEA customers face heightened exposure under both GDPR and the EU AI Act. UK customers should assess AI processing against the UK ICO's AI guidance and the proposed UK AI regulatory framework. US-based customers in regulated sectors should assess applicable federal and state AI governance requirements. 4. CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should identify which Zoom AI features are enabled in their deployments and confirm which subprocessors support those features. Data Processing Agreement review should confirm whether AI processing purposes are specifically scoped and whether restrictions on model training using customer data are included. 5. COMPLIANCE CONSIDERATIONS: Organizations should conduct data protection impact assessments for Zoom AI features that process personal data, assess whether any AI processing constitutes high-risk automated decision-making, and confirm that appropriate safeguards and transparency obligations are satisfied under applicable law.

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 3 platforms — free Get Monitor

Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC has asserted jurisdiction over AI-related data practices and unfair or deceptive practices in the deployment of AI systems involving consumer data
    File a complaint →

Provision details

Document information
Document
Zoom Sub-Processors
Entity
Zoom
Document last updated
July 6, 2026
Tracking information
First tracked
July 6, 2026
Last verified
July 6, 2026
Record ID
CA-P-013433
Document ID
CA-D-00930
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
8fd5028a6a70d970b01aff7e574b1ac598f580f953416e9617e7464c57820321
Analysis generated
July 6, 2026 23:07 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Zoom
Document: Zoom Sub-Processors
Record ID: CA-P-013433
Captured: 2026-07-06 23:07:54 UTC
SHA-256: 8fd5028a6a70d970…
URL: https://conductatlas.com/platform/zoom/zoom-sub-processors/ai-function-subprocessor-inclusion/
Accessed: July 7, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
Medium
Categories

Other risks in this policy

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Get Compliance

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Zoom's AI-Function Subprocessor Inclusion clause do?

The inclusion of AI-function subprocessors is operationally distinct from standard infrastructure or support subprocessors because AI processing may involve additional data categories, model training considerations, and automated decision-making implications that engage specific regulatory frameworks including the EU AI Act and sector-specific AI governance requirements. The document does not specify which customer data categories are processed by AI subprocessors or the …

How does this clause affect you?

Customer data may be processed by third-party AI vendors as part of Zoom's AI feature delivery, as disclosed through the subprocessor list. The specific data types processed by AI subprocessors and the nature of automated processing involved are not detailed in this document.

Is ConductAtlas affiliated with Zoom?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Zoom.