When organizations consider the immense productivity gains available with generative AI tools, they also balance unique considerations around data handling, privacy, and compliance. In an evolving technological, legal, and compliance landscape, we take seriously our obligation to provide customers with the information and tools they need to confidently implement Zoom AI Companion, your smart AI assistant throughout Zoom Workplace.

As a decision-maker for your organization, you need insights into AI Companion's data protection and privacy features and how they fit with your organization's data governance requirements. We want to offer practical guidance on common approaches for customers to tailor their AI Companion experience to meet their unique legal, compliance, and privacy needs.

At Zoom, we power AI Companion with a federated approach that combines our own artificial intelligence models with select third-party AI models. Depending on the feature in use and the overall system status, we dynamically adjust the models used based on performance and availability, to meet our customers' needs. Learn more about our model usage, data processing, and storage in the Zoom AI Companion Security and Privacy Whitepaper.

Our core philosophy on customer data and privacy is simple:

While AI Companion features must use certain content to provide the service, these commitments provide customers with confidence that Zoom will not use customer content to train our models, or for purposes other than to serve our customers. For customers with unique compliance needs, Zoom also supports Customer Managed Key for customers to manage their own encryption key for content stored in the Zoom cloud platform. CMK is available for AI Companion 1.0. CMK for AI Companion 2.0 is coming soon.

When a user engages with AI Companion, data is sent from the user to the Zoom hosted and/or third-party models. For example, if you use chat compose to help draft responses in Team Chat, relevant content such as the selected chat thread, chat participant names, and your prompt will be sent to the relevant model. Learn more about how AI Companion features use your data.

Our commitments to handling customer data are governed by our Privacy Statement and Data Processing Addendum, which describe the personal data we collect, use, store, and share. When it comes to how third-party models interact with customer data, our subprocessor page details the requirements we impose on our third-party model providers.

How long data is stored and retained

It's not enough to know how data is used, but also how long it's stored and retained. If it's important for your organization to closely manage data storage and retention for legal and compliance reasons, there are several ways you can control that.

To start, we focus on transparency around data retention. For feature-by-feature information about storage and retention settings, download our Privacy and Security Whitepaper. In general, Zoom may retain customer content to provide customers with the AI Companion service. Zoom retains inputs (like the audio transcript AI Companion used to provide a meeting summary) for up to 30 days for support and debugging purposes. Zoom would only retain that data for a longer period where required by applicable law. Third-party model providers may retain customer content for up to 30 days for trust and safety purposes.

Customers may wish to tailor the retention period for the audio transcripts used to power meeting summaries and other AI Companion features, which Zoom allows if the retain and access meeting transcripts setting is enabled. In addition, some customers may have legal or compliance reasons to elect Zoom's Zero Data Retention (ZDR) option, which immediately deletes inputs used to provide an AI Companion meeting summary after the summary is created. If you choose to use ZDR, people in your organization won't be able to use some of the functionalities for Docs and AI Companion 2.0.

AI Companion availability and where it processes data

Depending on an organization's legal and compliance needs, it can be important to know not just how AI Companion handles data, but where.

AI Companion is currently available to customers hosted in the U.S. For customers hosted outside of the U.S. (including in Australia, Canada, Europe, India, and Singapore), certain AI Companion features are available using Zoom-hosted Models Only (ZMO) to align with the data localization preferences for those accounts. This allows those customers who have compliance requirements mandating that data processing occur within a particular geographic area to leverage Zoom's data processing capabilities in that area, if available. With the Zoom-hosted Models Only option, Zoom does not leverage third-party models to power the relevant AI Companion feature. Instead, data is sent to Zoom-hosted Models for processing. There are also certain limitations for customers in select regions that are not supported by our third-party model providers and for customers in select industry verticals.

Content storage and retention by Zoom and its third-party model providers are areas of particular interest to organizations who are considering how to implement AI Companion. In circumstances where organizations wish to actively manage data storage and retention for legal and compliance reasons, Zoom puts customers in control in several ways. This empowers our customers within today's digital landscape, where it is important for organizations to maintain visibility into the data being accessed and utilized within their technology stack and have access to flexible settings to tailor data access in accordance with their own data governance priorities.

With the recent launch of AI Companion 2.0, our next generation of Zoom AI Companion, customers can now configure AI Companion to leverage their own emails, calendar items, and documents stored with third-party sources such as Microsoft and/or Google, in order to provide answers to their prompts. This powerful capability provides users more context-rich answers by synthesizing information from connected emails, documents, spreadsheets, and more.

Recognizing that customers need to understand and control what information AI Companion has access to within their accounts, AI Companion is designed to give account administrators and users flexible controls over the relevant settings. For example, account admins can manage AI Companion access to these third-party calendar events, emails, and documents in the web settings, choosing none, all, or some of these data sources based on their organization's preferences at the account and group level. Individual users must also have connected their third-party account to Zoom on their Profile page for it to be available to AI Companion. Individual settings are also available to control web content, which permits AI Companion to search the web for general knowledge questions, and local file uploads, allowing users to add files from their devices to their AI Companion prompts.

Based on these settings and permissions, the system leverages and indexes third-party data, as well as any other available data sources across your Zoom account to answer user prompts subject to the user's underlying permissions. Citations and sources are provided with answers to user prompts to help users understand which data sources were used to provide the answer.

How users are notified about AI Companion

Being transparent to users about when AI is in use is a key part of responsible AI, so Zoom designed AI Companion to provide clear options for how to turn it on, and clear notice to users about when it is in operation in meetings. For meetings, a host can turn on AI Companion on their own initiative or at the request of a meeting participant.

When a host turns on AI Companion during a meeting, a notification banner will display to meeting participants. Meeting participants joining by phone will hear an audio notice that Zoom AI Companion has been enabled for the meeting. Within the Zoom Workplace desktop app, users can bring up the AI Companion side panel by clicking the AI Companion diamond at the top-right of the client.

The AI Companion diamond is used throughout Zoom Workplace to show where AI features are available. This icon can be found in Zoom Docs, Team Chat, Whiteboard and more to help people easily identify where AI Companion can help them.

After AI Companion is turned on in a meeting, the diamond remains visible to notify everyone that AI Companion is on. Participants can click on the diamond and see which AI Companion features have been enabled in the meeting, what content is being accessed, an option to learn more about how AI Companion uses their data, and an option to ask the host to turn off AI Companion features.

You may see other notices related to AI Companion. For example, there is a reminder at the bottom of the AI Companion side panel that states, "AI can make mistakes. Review for accuracy." Also, when asking in-meeting questions to AI Companion during a meeting, you'll see the phrase, "No other participants can see this conversation."

Control how AI Companion is turned on and off in your meeting

AI Companion allows for many customization options, particularly for Zoom Meetings features.

Meeting hosts can enable or disable AI Companion features in meetings. If permitted by the admin, participants may request that the host enable these features, or they can request that the host disable them if they are turned on.

Meeting hosts also have a one-click option to turn off all AI Companion features in a meeting and delete the AI Companion meeting assets if needed.

Configure settings for meeting summary

Meeting summary is one of the most popular AI Companion features. We provide options to customize how users engage with it, including:

If your organization desires the most restrictive options, start by automatically sharing the summary only with the meeting hosts (or sending only a link), and selecting a short retention period. Similarly, you can choose to not use the additional content options to enhance the meeting summary and rely only on the audio transcript.

We also provide a way for your organization to customize the meeting summary email sent to hosts and participants. Account administrators can add company branding and any additional required policy language to those automatic emails. You can find these email templates under the Email tab in the Branding section of your account.

Customize in-meeting notices

We provide an option for account administrators to customize the in-meeting notices that tell meeting participants when AI Companion is turned on. Organizations with unique compliance needs or other special circumstances can use the notice language that works best for them and their users, including adding branding or information about their own policies when interacting with external audiences. Learn more about configuring alerts and notifications for Zoom Meetings and Webinars.

As you've read, you have a series of flexible settings and features designed to give you greater control over your implementation of Zoom AI Companion. For further reading: