Description
I have not found a way to completely delete a webinar registrant that was once registered, neither through the web interface nor through the API.
I am trying to conform to European data privacy regulations which would require me to be able to completely remove a person’s data from the service, if they for whatever reason opt out of participating in the Zoom webinar. From that point on we/Zoom are holding their data illegally and we might be subject to fines.
Error
After trying my best to cancel a registrant, I get the error message “The e-mail address *** cannot be used to register for this webinar.” (translated by me from German) if I try to sign up the same person again through the API. This means there still is a record of them even if I set their status to cancelled. I can also still see former registrants in the Zoom web interface. This, unfortunately, is not acceptable.
Have I just not found the proper way to delete a registrant?
The only workaround I can think of is to alter/anonymize/invalidate a registrant’s data before canceling the registration. I guess I would have to randomly generate fake e-mail-addresses. That does not seem like a good way to handle a situation where all we need is a simple “delete” operation?
Which App Type (OAuth / Chatbot / JWT / Webhook)?
JWT
How To Reproduce (If applicable)
Steps to reproduce the behavior:
Add registrants to a webinar by any means
Try and erase any trace of a once-entered registrant
Thank you for reaching out to the Zoom Developer Forum. This is a great question! I brought this question to internal subject matter experts and was informed that these users are subject to our Privacy Policy. If you are looking for more information on how to maintain compliance with GDPR, you can always reach out to our Privacy Team to make sure that you have all the information on how to best comply with GDPR.
I hope that helps! Let me know if you have any questions.
Hello @MaxM, thank you for your research into the question and your reply. I’m afraid I can’t say that it has helped me much but I infer from what you are saying that there really is no way to delete a registrant once their data have been entered - probably short of deleting the entire webinar.
It really seems like a subobtimal situation and I would really appreciate if this could be fixed down the road.
Thank you for the update. My apologies for not being very clear. You’re correct in that there is currently no way to delete the information for a canceled webinar participant. However, this shouldn’t be a concern with regard to GDPR due to the Privacy Policy that each Zoom user agrees to. If this continues to present a concern for you or your team, that’s where our Privacy Team can help further.
That being said, we are always looking for ways to improve Zoom and the API so I’ll be sure to bring this up again the next chance I get.
Hello @MaxM,
ah - interesting point. Currently though, we are not requiring Webinar participants to have an account with Zoom. This means Zoom is holding personal data of people who have not agreed to Zoom’s Privacy Policy on our behalf. I can of course send an e-mail to your Privacy Team about this but I believe the only proper way to handle this is to allow proper deletion of webinar registrants for webinar administrators - through the web interface and the API.
That’s a good point. I’m not sure at what point the Privacy Policy applies to a guest user if they agree to it by using the app or otherwise. As you mentioned, our Privacy Team can shed more light on that.