Please read the following excerpt from Zoom’s FERPA compliance policies and procedures.
How does Zoom help with FERPA compliance?
Zoom uses privacy practices and technical security measures to ensure that customer data is
protected. Our security and privacy measures include:
• Providing a variety of in-meeting product security features
• Protecting data in transit by TLS 1.2 and at rest using 256-bit Advanced Encryption Standard
• Leveraging the physical and environmental protection of our data center providers. Zoom’s
hosting facilities have 24×7 manned security and monitoring through multiple layers of
physical security controls including perimeters fences, manned lobbies, surveillance cameras
(CCTV), man trap, locked cages, motion detectors, and biometric access requirements
• Not monitoring, viewing, or tracking the video or audio content of your video meetings or
• Not sharing customer data with third parties
• Not storing customer data other than account information which consists of email address
use for UserID, first and last name, optional company name, optional phone number, and
optional profile picture
• Only retaining accounts for 30 days after termination to assist with product reactivation (if
requested by customer). After 30 days have passed, the account is permanently deleted
Please read the following excerpt about Zoom’s account policies for minors.
Supervised Account Creation
Students under the age of 18 should not go to www.zoom.us to create an account because (i) they should only be joining
Zoom meeting sessions as participants (not separate account holders) through the School Subscriber’s account and (ii) minors
are not permitted to create an account per Zoom’s Terms of Service. The School Subscriber’s account administrator (e.g.,
teachers) should securely and confidentially provide meeting information and meeting passwords to the student users to
ensure the school can maintain supervision and control over its student users’ meeting experiences. If students have already
signed up for individual accounts, Zoom can assist schools in fixing this.
Please read the following excerpt about Zoom’s legal confidentiality obligations.
- Complying with our legal obligations or the legal obligations of our subscribers.
This includes responding to a legally binding demand for information, such as a warrant issued by a law enforcement entity of competent jurisdiction, or as reasonably necessary to preserve Zoom’s legal rights.
Zoom does not share Personal Information with third parties other than the service providers described above, or as required by law, except at the direction and on behalf of a School Subscriber.
Maintaining the confidentiality, security, and integrity of students’ Personal Information is a top priority. We use industry-standard security technologies, procedures, and organizational measures designed to help protect Personal Information from unauthorized access, use, or disclosure.
Access and Deletion Rights
If a student or his or her parent would like to request to access, review, refuse further collection of, or delete the student’s Personal Information, please contact your school or school district with your request. Because Zoom is required to comply with contractual confidentiality obligations related to our customers’ data, we are not able to respond to parental or student requests directly. School Subscribers may direct requests to access, delete or restrict further collection or use of a student’s Personal information to firstname.lastname@example.org.