Common use of Security of Personal Data Clause in Contracts

Security of Personal Data. 6.1 Zoom may not update the Services in a way that would remove Customer's choice to apply end to end encryption to Meetings, introduce any functionality that would purposefully allow anyone not authorized by the Customer to gain access to Customer encryption keys or Customer content, or remove the ability to store recordings locally. 6.2 Zoom certifies that it has not purposefully created any “back doors” or similar programming in the Services that could be used by third parties to access the system and/or personal data. Zoom has not purposefully created or changed its business processes in a manner that facilitates such third party access to personal data or systems. Zoom certifies there is no applicable law or government policy that requires Zoom as importer to create or maintain back doors or to facilitate access to personal data or systems or for the importer to be in possession of or to hand over the encryption key. 6.3 Taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Zoom shall maintain appropriate technical and organizational measures with regard to Customer Personal Data and to ensure a level of security appropriate to the risk, including, but not limited to, the “Security Measures” set out in Annex II to the Standard Contractual Clauses (attached here as EXHIBIT B). Customer acknowledges that the Security Measures are subject to technical progress and development and that Zoom may update or modify the Security Measures from time to time, provided that such updates and modifications do not degrade or diminish the overall security of the Services.

Security of Personal Data. 6.1 Zoom may not update the Services in a way that would remove Customer's choice to apply end to end encryption to Meetings, introduce any functionality that would purposefully allow anyone not authorized by the Customer to gain access to Customer encryption keys or Customer content, or remove the ability to store recordings locally. 6.2 Zoom certifies that it has not purposefully created any “back doors” or similar programming in the Services that could be used by third parties to access the system and/or personal dataPersonal Data. Zoom has not purposefully created or changed its business processes in a manner that facilitates such third third-party access to personal data Personal Data or systems. Zoom certifies there is no applicable law or government policy that requires Zoom as importer to create or maintain back doors or to facilitate access to personal data Personal Data or systems or for the importer to be in possession of or to hand over the encryption key. 6.3 Taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Zoom shall maintain appropriate technical and organizational measures with regard to Customer Personal Data and to ensure a level of security appropriate to the risk, including, but not limited to, the “Security Measures” set out in Annex II to the Standard Contractual Clauses (attached here as EXHIBIT B). Customer acknowledges that the Security Measures are subject to technical progress and development and that Zoom may update or modify the Security Measures from time to time, provided that such updates and modifications do not degrade or diminish the overall security of the Services.