Zoom CommunityCustomer Support

Privacy, Security, and Compliance

Data Residency

For Zoom Phone-specific data residency, there are two distinct categories of data that cover different components of the service: Diagnostic Data and Customer Content Data. Each of these data types has different rules governing their residency, which are discussed in the following sections.

Diagnostic Data

Diagnostic Data is data automatically generated or collected by Zoom through use of the Zoom service. For Zoom Phone, Diagnostic Data includes phone call, SMS/MMS, voicemail, videomail, and voice recording metadata, telemetry data (e.g., product usage and system configuration), and other service-generated data (e.g., information to provide a service requested by the end user).

Details of how Diagnostic Data and its sub-categories are collected and handled are provided within the Zoom Contact Center Privacy Data Sheet and Zoom's Privacy Statement. Customers with outstanding questions are encouraged to speak to their Zoom account team for more information.

Customer Content Data

Zoom Phone Customer Content Data is the data your users record or share during a phone call, including voice/video, transcripts, recordings, voicemail, videomail, and SMS/MMS.

Where this data is stored can depend on several factors and may vary depending on account, group, and user settings or call routing tool-specific settings. However, it is important to note that all call recordings will be temporarily stored and processed in the SIP zone region where the user's device is registered before it is moved to its permanent data storage location. For instance, if a user's applicable content storage is set to Germany but they are registered to a SIP zone in the U.S., the call will be recorded and processed within the U.S. data center before being transferred to long-term storage in Germany.

The following table outlines which pieces of data in Zoom Phone are customizable for residency and which are located within the account's provisioned cluster.

Controlled by Customer Content Storage Setting
Stored in the region where account was provisioned

Call recordings

Call logs

Call transcripts

MMS media file

Voicemails

SMS/MMS messages

Voicemail transcripts

SMS/MMS logs

Custom greeting prompts

Defining Storage Location Settings

Zoom offers all paid customers regional data storage for applicable types of Customer Content—which is configurable at the account, group, and user levels—and for each unique Auto Receptionist, Call Queue, and Shared Line Group.

For these various groups and call-routing tools, customers can choose to store applicable Zoom Phone Customer Content in the following locations:

  • United States

  • Australia

  • Brazil

  • Canada

  • Germany

  • Japan

  • Singapore

  • Switzerland

Refer to Zoom's support center for more information on managing Customer Content storage locations.

Data Retention

Zoom Phone Customer Content Data is retained in the cloud indefinitely by default. However, customers can customize their data retention settings to between 1 and 4,000 days (approximately 11 years) for the following items:

  • Call Logs

  • Ad-Hoc Recordings

  • Automatic Call Recordings

  • Voicemail

  • Videomail

  • SMS/MMS

Customers can also define deletion behavior, with the option initially "soft delete" data, leaving it in a recoverable state for up to 30 days before it is permanently deleted. Alternatively, customers can set it to permanently delete after the set time without a "soft delete" period.

Example image of "Auto-delete data after retention" menu.

Refer to Zoom's support center for more information on customizing the "Auto Delete Data After Retention Duration" Zoom Phone policy.

Information Barriers

Zoom Phone provides features for Information Barriers, assisting customers in managing user communication policies and fulfilling regulatory obligations. This includes preventing specific groups of users with sensitive information from communicating with others unauthorized to access this data.

Within Zoom Phone, users blocked by Information Barriers are unable to search, call, or text other members of affected groups. Attempting these actions will prompt an error message indicating restricted communication between certain groups and users. Furthermore, blocked users cannot invite other members of the affected group into a meeting using Zoom Phone.

Refer to Zoom's support center for more information on Information Barriers.

End-to-End Encrypted Calling

Zoom Phone supports end-to-end encrypted (E2EE) calls between two Zoom Phone users within the same account, so long as both users meet specific requirements. This offers users an extra layer of privacy and confidentiality to their Zoom Phone calls, and can be quickly enabled so long as both users are calling from a supported Zoom app or device.

Refer to Zoom's support center for more information on enabling and using end-to-end encrypted calling. For more information on Zoom Phone's end-to-end encryption practices, refer to Zoom's Cryptography Whitepaper.

Zoom Phone Privacy Data Sheet

Zoom has provided the Zoom Phone Privacy Data Sheet, which describes Zoom's process for handling personal data and other data handling practices. Readers are also encouraged to refer to Zoom's Privacy Statement.

Certifications, Attestations, and Standards

Zoom maintains a list of Certifications, Attestations, and Standards within our Legal Compliance Center.

Last updated

Was this helpful?