I’m having troubles understanding exactly what kind of data stored in our system is considered important and should be deleted in order to fulfill the data compliance agreement when a user uninstalls the app.
Apart from storing the refresh and access tokens, for each created meeting through our application, our application stores the meeting’s Join url, password and the meeting ID.
Do we have to remove this data from our databases when the user uninstalls our app from his Zoom account?
I’m asking because our app’s domain is helping with creating and organizing meetings, so the data that we store (join url, password and meeting ID) is still helpful for the user and all other users in our system even after the Zoom app is uninstalled.
The meeting data is replicated into any number of mail applications, including through Zoom’s own site links (ics generator, etc.). No mechanism exists to delete this information once sent to mail applications even if the account is terminated. So why would meeting details on a site that stores and sends shared meeting details be any different?
Instead of facilitating a disconnection, it makes it unnecessarily difficult because any and every existing meeting will have to be manually edited by the user for new details if they want to disconnect their account for reasons other than termination.
Imagine the user wants to disconnect their Zoom credentials but has a dozen meetings created with Zoom coordinates. What is our application going to do when the account is disconnected - send out hundreds of updated invites to invitees with Zoom details replaced with “TBD”? Also, as you probably know, usually the Zoom coordinates are embedded in the meeting details, perhaps with other information; how would this be ‘scraped out’ as a result of a disconnect. I’m very interested if you have experience from other integrations that would help us address this in an elegant way.
You do not need to programmatically delete the actual Zoom meeting, you just need to clear any user data from your database if that user uninstalls the app.
It is up to you how you handle a future meeting for example, that was scheduled via your app, but then the user uninstalled it.
