Candidate Privacy Statement

Zoom Communications, Inc., our subsidiaries and affiliated companies (“Zoom,” “we,” “us,” and “our“) are committed to protecting your privacy. This Candidate Privacy Statement (“Statement“) describes the privacy practices that apply to our collection, use and disclosure of information relating to you as an identified or identifiable candidate (“Personal Data“) when you (“you,” “your” or “the Candidate“) engage with us for employment or internship opportunities, via any method (collectively, the “Sites“), as well as how we use and share that information. We appreciate your interest in Zoom and take care to process and use your Personal Data responsibly.

California Residents Please See Your California Privacy Notice

If you have any questions about this Statement, please contact us at privacy@zoom.us.

Personal Data We Collect

To process your application, we ask you to provide Personal Data about yourself. You provide your information voluntarily, and you determine the extent of information you provide to Zoom. However, some information may be necessary to complete an evaluation of your application and without it our ability to consider you as a candidate may be limited. If your job application is successful, you will receive a separate privacy notice from us explaining how we process the Personal Data of our employees.

From You

As an applicant, you provide Zoom with certain Personal Data, including educational and employment background, contact information and preferences, job qualifications, work permit or visa information, and jobs or other career opportunities for which you would like to submit an application. You also may choose to provide Zoom with additional information, such as your CV, resume, cover letter  and transcripts; employment references and related information; compensation information; and information about special needs or health conditions and information relating to accommodations that you may request during the recruiting process.

Sensitive personal data

Some Personal Data may be considered sensitive personal data under certain privacy laws. Sensitive personal data includes, for example, government ID, information relating to a person’s race or ethnic origin, political opinions or religious beliefs, physical or mental health or condition, sexual orientation, or trade union membership. It may include information about an individual’s criminal offenses or convictions, as well as any other information deemed sensitive under applicable data protection laws. This may also be referred to as “special category data”. In addition to the above, Personal Data pertaining to government ID, social security number, financial account information, geolocation, and the contents of mail, email, and text to a non-company recipient are considered “sensitive personal  information” under California privacy law.

Zoom does not request sensitive Personal Data in connection with recruiting unless permitted or required by local law (for example, for equal opportunity monitoring or internal policies related to merit based hiring and anti-discrimination). Where required by applicable data protection or privacy law, we will obtain your consent to our use of your sensitive Personal Data.

From Third Parties

Zoom may also collect information from third parties who are lawfully entitled to share your information with us, for example, in connection with a background or employment check or an employment reference. Other examples include social media sites (such as LinkedIn).

Where permitted by law and to the extent applicable, Zoom may also need to conduct background or criminal checks to determine your suitability for an open position or opportunity.

Automatically

We automatically gather Personal Data from our Sites, for example, your IP address, or from our “Zoom Careers” page where you can visit and search for open positions. For more details about the Personal Data we collect through our Sites, please see our Cookie Policy.

How We Use Your Personal Data

We use your Personal Data in our application and recruitment process for purposes including:

• Assessing your qualifications, skills, and interests against our career opportunities;
• Sending you news, alerts and other career outreach information about careers at Zoom;
• Verifying the information you or others provide and carrying out reference checks or conducting background checks (where applicable);
• Facilitating the recruiting and interview process;
• Preparing an offer letter, if your application is successful;
• Managing and improving our recruiting processes;
• Producing management reports containing analysis related to recruiting metrics, such as length of the recruiting process;
• Complying with applicable laws, regulations, legal processes or enforceable governmental requests; or
• Proactively researching your educational and professional background and skills and contacting you if we think you would be suitable for a role with us.

We will also use your information for safety and security purposes, and to protect the rights and property of Zoom, our users, applicants, candidates, employees or the public as required or permitted by law.

If you are offered and accept employment with Zoom, the information collected during the application and recruitment process will become part of your employment record.

How We Share Your Personal Data

Zoom will not sell the information on your application to unaffiliated third parties for their marketing purposes. We take care to limit access to your Personal Data to only those who need access to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it. We may share Personal Data about you with third parties in the following circumstances:

• Our subsidiaries and affiliated companies, in relation to the purposes described above.
• Vendors, consultants and other service providers:We may share your Personal Data internally and with service providers, agents and other third parties (for example, recruiters, consultants, cybersecurity vendors, attorneys and background checking services as necessary in connection with recruiting, employment, safety and security threats, corporate governance, acquisitions, and legal or regulatory requirements).
• For Legal Reasons: Zoom may share Personal Data as needed to: (1) comply with applicable law or respond to, investigate, or participate in valid legal process and proceedings, including from law enforcement or government agencies; (2) enforce or investigate potential violations of its Terms of Service or policies; (3) detect, prevent, or investigate potential fraud, abuse, or safety and security concerns, including threats to the public; (4) meet our corporate and social responsibility commitments; (5) protect our and our customers’ rights and property; and (6) resolve disputes and enforce agreements.
• Business transfers:We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, dissolution, corporate reorganization or similar event. We will inform any buyer that your information shall only be used in accordance with this Statement.
• With your consent:We may disclose your Personal Data for any purpose with your consent.

Our Legal Bases for Processing Your Personal Data

Our legal bases for processing your Personal Data in the EEA and Switzerland, in the ways described in this Statement, include:

• As necessary to prepare and enter into an employment contract with you
• Consistent with specific consents, which you may revoke at any time
• As necessary to comply with our legal obligations
• To protect your vital interests or those of others
• As necessary for our (or others’) legitimate interests, including our interests in considering candidates for current and future employment opportunities, and in managing and improving our recruitment and hiring processes, unless those interests are overridden by your interests or fundamental rights and freedoms, which require protection of personal data.

Data with special protections. Information such as health information is subject to special protections under EU law. We may process such data where necessary to carry out our obligations or for the establishment, exercise or defense of a legal claim by us, or with your explicit consent, or for the exercising of our rights or your rights in the context of employment or social security law. For example, we may need to process information about your health to accommodate any special needs you have if you come on-site for an interview.

Your Privacy Rights

You may have a legal right under applicable law (for example, the European Union’s (“EU”) General Data Protection Regulation (“GDPR”) applicable to EU residents’ personal data, or the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act (collectively, “CCPA”) to access the Personal Data we maintain about you. If you would like to review, correct, or update your Personal Data, or exercise any rights to withdraw your consent for us to collect any information please submit the following request form. We will try to respond to your request(s) as soon as reasonably practicable, consistent with applicable law. Note, in some cases, and where permitted, we may charge a fee for data access requests.

Security

We take security seriously and use appropriate technical and organizational security measures to safeguard your information. But no security procedures are guaranteed to be 100% secure so we encourage you to take care when disclosing Personal Data online and to use tools, such as endpoint security, Internet firewalls, anti-virus and anti-spyware software, and similar technologies to protect yourself online.

Our Retention of Your Personal Data

We’ll retain your Personal Data for as long as required to comply with our legal obligations, resolve disputes, and to enforce our contractual agreements, or as necessary for our legitimate interests, such as to consider you for other current and future employment opportunities at Zoom.

If you’re successful in your application for a position at Zoom, we retain the information that you provide during the application process, and information about your application process, as part of your employee records.

If you do not want us to retain your information for consideration for other roles, or want us to update it, please contact privacy@zoom.us. Please note, however, that we may retain some information if required by law or as necessary to protect ourselves from legal claims.

Your Responsibilities

You are responsible for the information you make available to Zoom, and you must ensure it is honest, truthful, accurate, and not misleading in any way. You must ensure that the information does not contain material that is obscene, defamatory, or infringing on any rights of any third party; does not contain malicious code; and is not otherwise legally actionable. Further, if you provide any information concerning any other person, such as individuals you provide as references, you are responsible for providing any notices and obtaining any consents necessary for Zoom to collect and use that information as described in this Statement before you provide the referee’s Personal Data to Zoom.

California Privacy Notice

In California, in addition to your rights to access, delete, and correct information described above,  you additionally have a right to request categories of personal information collected, categories of sources form which we collected personal information, the business or commercial purpose for collecting or selling information, categories of third parties to whom we disclose personal information, categories of personal information sold/disclosed, and categories of third parties to whom the personal information was sold or disclosed for a business purpose. Zoom does not sell or share personal information of employees in the manner restricted by the CCPA and have not done so in the preceding 12 months. This only applies if the ground for processing is Consent or Contract. You are entitled to exercise California rights free from discrimination as prohibited by the CCPA, including exercising such rights without retaliation.

To exercise a California privacy right, please email privacy@zoom.us or https://zoom.us/dsar-form or call 1-888-799-0566.   We may require identity verification by requiring you to log into an online account for former employees if you have one, provide information that can help us verify your identity, provide government identification, and/or provide an affidavit under penalty of perjury. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it. We reserve the right to confirm your California residency.

Your authorized agent may make a request on your behalf upon our verification of the agent’s identity and our receipt of a copy of a valid power of attorney given to your authorized agent pursuant to California Probate Code Sections 4000-4465. If you have not provided your agent with such a power of attorney, you must provide your agent with written and signed permission to exercise your CCPA rights on your behalf, provide the information we request to verify your identity, and provide us with confirmation that you have given the authorized agent permission to submit the request.

International Transfers of Your Personal Data

Zoom operates globally, which means Personal Data may be stored and processed (for example stored in a data center) in any country where we have facilities or in which we engage service providers, including where we have data centers. By using Zoom or providing Personal Data for any of the purposes stated above, you acknowledge that your Personal Data may be transferred to or stored in the United States or in other countries around the world as indicated above. Such countries may have data protection rules that are different and less protective from those of your country.

Zoom processes Personal Data in (i) any country where we have facilities, (ii) any country in which we engage service providers; or (iii) any country where events are held.

Residents of the European Economic Area (EEA)

If you are a resident of the European Economic Area (EEA), Switzerland, or the UK, we will protect your personal information when it is transferred outside of the EEA, Switzerland, or the UK by:

• Processing it in a territory which the European Commission has determined provides an adequate level of protection for personal information; or
• Otherwise implementing appropriate safeguards to protect your personal information, including:
  • implementing the European Commission’s standard contractual clauses

Zoom complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Zoom has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Zoom has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Zoom commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

Zoom Communications, Inc., Zoom Voice Communications, Inc., Solvvy, Inc., are adhering to the DPF Principles. The Federal Trade Commission has jurisdiction over Zoom’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

If third-party agents process personal data on our behalf in a manner inconsistent with the DPF Principles, we remain liable unless we prove we are not responsible for the event giving rise to any damages. If you have a question or complaint related to our compliance with the DPF Principles, please contact us as indicated at the bottom of this privacy statement.

Under limited circumstances and after other available dispute resolution mechanisms have been exhausted, binding arbitration is available to address certain residual complaints under the DPF not resolved by other means.

Changes to this Statement

Zoom will review and update this Statement periodically in response to changing legal, technical, and business developments. When we update this Statement, we will note the date of its most recent revision above. If we make material changes to this Statement, we may take appropriate measures to inform you in a manner that is consistent with the significance of the changes we make. We encourage you to review this Statement frequently for information on how Zoom is processing your information.

How to Contact Us

If you would like to review, correct, or update your Personal Data, or exercise any rights to withdraw your consent for us to collect any information please click here. If you have any questions or concerns regarding this Statement, you may email us at privacy@zoom.us. You can also contact us by writing to this address:

Zoom Communications, Inc.
Attention: Data Privacy Officer
55 Almaden Blvd, Suite 600
San Jose, CA 95113

Or to our representative in the EU or UK:
Lionheart Squared (Europe) Limited
Attn: Data Privacy
2 Pembroke House
Upper Pembroke Street 28-32
Dublin
DO2 EK84
Republic of lreland
email: zoom@LionheartSquared.eu

Lionheart Squared Limited
Attn: Data Privacy
17 Glasshouse Studios
Fryern Court Road
Fordingbridge
Hampshire
SP6 1QX
United Kingdom
Contact: zoom@LionheartSquared.co.uk

If we are unable to resolve your concerns, you have the right to contact your local data privacy supervisory authority or seek a remedy through the courts if you believe your requests to exercise your rights have not been honored.