Data Compliance - Publishing an App - Documentation. Deactivation event

Hello, we’re working on the “bridge” between Zoom and our service.

We allow users to oauth in our service via Zoom.
We can monitor active and scheduled Zoom Meetings via webhooks.

We’re collecting users’ email, username, user id from the start, and for the short period of time the ids of active and scheduled meetings.

According to “Developer Responsibilities” and e. “Use and Maintenance of Customer Data.” on integration deactivation, the developer should delete all customer data.
  1. The main question, will Zoom API accept requests before responding for a Webhook about such event with 200 or 204 (according to Notification Delivery API)?

Our API mostly synced and via 1 thread we want to send a request to Zoom API about account/integration deactivation before responding 200/204 for a webhook.

  1. The second question. Username and user email are required for our service consistence. To use service, users should provide them on registration via email or it will be requested from Zoom API.

The termination of such data (email) will affect user account and lead to data loss associated with email obtained from Zoom.

In case we prefer manual requests for account deletion will it comply with dev agreement? Or add certain clarification to the app description, will it work?

Hey @MS_k,

Per the notification delivery requirements, you should respond with either a 200 or 204 OK response in under 3 seconds.

What is your use case of needing to wait to send the webhook response?

If a user uninstalls your app, any data you have gotten from them via the Zoom API needs to be removed from your database.