Overview
This security policy explains how we protect the Zoom app, its users, and the data accessed while using the service.
The app allows an authorised Zoom user to sign in with their Zoom account, view meetings and webinars available to that account, locate connected polls, export selected poll content to a text file, and upload that file into another authorised Zoom account to recreate poll content.
The app is designed to operate without storing Zoom meeting, webinar, poll, or user data on our servers.
Authentication
Users access the app by signing in with their own Zoom account.
The app uses Zoom’s authentication process to verify the user and request permission to access only the Zoom data required for the app to function.
Access is granted through a temporary Zoom security token. This token is used only during the active user session to retrieve the requested Zoom data and perform actions selected by the user.
Tokens expire after 60 minutes of inactivity.
We do not use Zoom authentication tokens for any purpose other than providing the requested app functionality.
Data Access
The app requests access only to the Zoom data needed to perform its core function.
This may include:
Meetings available to the authorised Zoom account
Webinars available to the authorised Zoom account
Polls connected to selected meetings or webinars
Poll content selected by the user for export or import
We do not request unnecessary personal information from Zoom.
We do not request access to contacts, recordings, chat history, participant reports, or other unrelated account data unless such access is required for a specific approved feature.
Data Display and Processing
Data retrieved from Zoom is displayed on screen only so the user can select the meeting, webinar, or poll content they wish to work with.
The app processes the selected poll data only for the purpose of export or import.
The app does not record, retain, analyse, sell, or share the data retrieved from Zoom.
Data Storage
We do not store Zoom meeting, webinar, or poll data on our servers.
We do not maintain a database of exported poll content.
When a user exports poll content, the app creates a text file for the user to download. That file is controlled by the user after export.
When a user uploads a text file for import, the uploaded content is processed only for the purpose of creating or recreating poll content in the authorised Zoom account.
Uploaded files are not retained after processing.
Token Security
Zoom access tokens are handled securely and are used only for the active session.
Tokens are not used to access Zoom data outside the user’s requested actions.
Tokens expire after 60 minutes of inactivity.
We do not permanently store Zoom access tokens.
Server Security
The app is hosted on a secured server environment.
We apply reasonable technical and organisational measures to protect the app and server, including:
Secure server configuration
Restricted administrative access
Use of encrypted connections where applicable
Monitoring and maintenance of the application environment
Regular security reviews
Quarterly penetration testing
We run regular quarterly penetration tests to help identify and address potential security vulnerabilities.
Data Sharing
We do not sell, rent, or share Zoom data with third parties.
We do not provide Zoom data to advertisers, analytics companies, or external data processors for profiling or marketing.
Data accessed through the app is used only to provide the functionality requested by the authorised user.
User Responsibility
Users are responsible for the files they export from the app.
Once a poll export file has been downloaded, the user is responsible for storing it securely and sharing it only with appropriate people or accounts.
Users should not upload files they do not trust or files that have been modified by unknown parties.
Incident Response
If we become aware of a security issue that may affect the app, user access, or Zoom-related data, we will investigate the matter promptly.
Where appropriate, we will take corrective action, which may include:
Fixing the vulnerability
Revoking or invalidating affected sessions
Notifying affected users
Notifying Zoom where required
Updating this policy or related procedures
Security Contact
If you believe you have discovered a security issue with this app, please contact us immediately.
Security contact:
[email protected]
Please include enough detail for us to understand and investigate the issue.
Policy Updates
We may update this security policy from time to time to reflect changes in the app, Zoom platform requirements, security practices, or legal obligations.
The latest version of this policy will be made available on our website or app support page.