Zoom is tightening its European data protection guidelines. In collaboration with the Dutch SURF, the company has adapted various mechanisms to ensure that data remains more in the EU.

Zoom is adjusting its data protection regulations. In collaboration with SURF (the ICT cooperation umbrella organization of Dutch education and research institutions), the conference specialist is changing guidelines and mechanisms regarding the processing of European data. This isn’t the first time Zoom has tinkered with its policies alongside SURF. After previous criticism, Zoom has entered into a constructive collaboration with SURF with the intention of processing as much data as possible only within the EU.

Concrete improvements

The focus of the new agreement is on data localization. The adjusted rules apply to business and educational customers. According to Zoom, three measures stand out:

• EU localization: The amount of personal data processed exclusively in the EU has increased significantly. Every customer in the European Economic Area can benefit from this.
• Data requests: Zoom has launched a new portal to request access to personal data. By the end of this year, users should be able to submit a request for access to which a clearly readable response will be provided.
• Clarity: Zoom provides further details on data management, including transparent retention periods.

Zoom is further clarifying how diagnostic data will be processed and putting together a European support team. Anyone in the EU who wants support will receive it from the EU, meaning the data will no longer leave the Union. This support is temporarily limited to requests during office hours.