Privacy Policy for Study Creators


Effective Date: June 23, 2021

Overview - Study creator privacy policy

This privacy policy describes how UserZoom collects, handles, secures, shares and uses the personal information and data you provide to us through your use of our services. It also describes the choices available to you regarding our use of your personal information and how you, as our customer (“Customer”) and study creator, can access and update this information. We will share your personal information with third parties only in the ways that are described in this privacy policy, unless we obtain your consent otherwise, or otherwise required by applicable law. The use of information collected through our service shall be limited to the purpose of providing the service for which you, our Customer, has engaged us.

Except where otherwise noted, this privacy policy applies to the products and services offered by us to you, the Customer. We refer to those products and services collectively as the “services” in this privacy policy. Some of our services may have supplementary privacy policies which explain in more detail our specific privacy practices in relation to those services. Unless otherwise noted, our services are provided by User Zoom, Inc. inside of the United States & Asia, and by UserZoom Ltd, UserZoom GmbH and UserZoom Technologies, Inc. outside of the United States, all of which are owned by UserZoom Technologies, Inc. (collectively, “UserZoom”, “we”, “our” or “us”).


Privacy Shield Framework

Details of the Privacy Shield are only provided to the extent they are applicable. UserZoom is aware of the Schrems II decision, as such where a transfer to the US is required by the Customer alternative mechanisms (such as the Standard Contractual Clauses) will be utilized and the Privacy Shield it would be supplemental to any such mechanism.

UserZoom Technologies, Inc. (including its parent/subsidiary company(ies), such as User Zoom, Inc., UserZoom Limited, UserZoom GmbH) participates in and has certified its compliance with the EU-U.S. and Swiss-US Privacy Shield Framework (“Privacy Shield Framework”).  We are committed to processing all personal data received from European Union (EU) member countries and Switzerland, in reliance upon the Privacy Shield Framework, in accordance with the Framework’s applicable Principles.  To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at

We are responsible for the processing of personal data we receive, under the Privacy Shield Framework, and may subsequently transfer such data to a third party acting as an agent on our behalf.  We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions thereunder.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.  In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at

Under certain conditions, more fully described on the Privacy Shield website [], you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Information we collect

We collect the following personal information from our customers:

Information we collect directly from you

  • Account informationWhen we create your account, we collect your username, password, email address, first and last name. When you add new users to your account, we collect the same information for all such additional users.
  • Account settingsYou can set default preferences in your account.
  • Survey dataWe store your study data (questions, responses and data) for you.
  • Other data you intentionally shareWe may collect your personal information or data if you submit it to us in other contexts (i.e., via a different channel or method).

Information we collect about you from other sources

  • Usage data. We collect usage data about you whenever you interact with our services. This may include which webpages you visit, what you click on, when you performed those actions, and so on. Additionally, like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses.
  • Device data. We collect data from the device and application you use to access our services, such as your IP address and browser type. When you download and use our Services, we automatically collect information on the type of device you use and operating system version. We may also infer your geographic location based on your IP address. We collect this location-based information for purposes of providing the services hereunder.
  • Referral data. If you arrive at a UserZoom website from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.
  • Information from page tags. We use third party tracking services that employ cookies and page tags (also known as web beacons) to collect data about visitors to our websites. This data includes usage and user statistics.

How we use your personal information

We treat your study questions, responses and data as information that is private to you. We do not sell your survey data to third parties.

We use the information we collect from you in connection with our provision of the services to you, including as follows:

  • To provide you with our services.
  • To manage our servicesWe internally use your information for the following limited purposes:
  • To create new services and features.
  • To contact you about your subscription to our services or your accountWe occasionally send you communications (e.g. service-related announcements, billing-related matters, changes to our services or policies, a welcome email when you first register). You can’t opt out of these basic communications since they are required in order for us to provide our services to you.
  • To contact you for marketing purposes (if you opt in).

Communications you may receive - Newsletters

If you wish to subscribe to our newsletter(s), we will use your name and the email address provided to send the newsletter to you. If you wish to no longer receive these emails you may follow the unsubscribe instructions contained in each of the email communications you receive or contact us directly at

Communications you may receive - Service-related announcements

We will send you strictly service-related announcements on occasion when it is necessary to do so. For instance, if our services are temporarily suspended for maintenance, we might send you an email.

Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option of deactivating your account.

Service providers

We use other third parties such as an email service provider to send out emails, provide audio and/or recording capabilities, and provide cloud-computing infrastructure (i.e., datacenter services) on our behalf. When you sign up for our services, we will share your personal information only as necessary for such third parties to provide the relevant services. We will also use such information to administer your account.

The third parties we currently rely on (as of the “effective date” set forth above) in our provision of the services are:

  • Amazon Web Services - Datacenter service provider
  • Vonage - Video communications infrastructure used in moderated studies
  • Marketo - Marketing tool used to send commercial emails
  • Auth0 - Service provider used for Single Sign-On integrations
  • Google - Use of tracking technologies to improve the website user’s experience (Google Analytics)
  • Skilljar - UserZoom Academy hosting provider
  • Salesforce - Customer relationship management (CRM) platform
  • Zendesk - Support ticketing management platform

Data processing by these third parties is covered by the provisions in this privacy policy regarding notice and choice, as well as in the relevant service agreements with our Customers.

Access to your personal information and choice

UserZoom acknowledges that you have the right to access your personal information.  Upon request UserZoom will provide you with information about whether we hold any of your personal information. If your personally identifiable information changes, or if you no longer desire our service, you may choose to correct, update, delete/deactivate or access it by emailing us directly at We will respond to your request within a reasonable timeframe, not to exceed 30 days.

We will retain your information for so long as your account is active or as needed to provide you with the services under the relevant service agreement. Please note that we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Data Protection Officer (DPO)

In compliance with 2016/679 of the European Parliament (General Data Protection Regulation - GDPR), we have appointed a Data Protection Officer (DPO) who is responsible for any privacy and data protection concerns related to UserZoom, and who can be reached at

Legal disclosures and business transfers

We will share your personal information with third parties only in the ways that are described in this privacy policy unless we obtain your consent otherwise, except in the following instances: (i) as required by law, (ii) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, or (iii) when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on us in connection with the services, (iv) to respond to any other government-related request, (v) to protect our rights and interests (including without limitation, for our own safety), (vi) to protect your interests (including without limitation, for your safety), (vii) to protect the interests of others (including without limitation, for the safety of others, or (viii) to investigate alleged or actual fraud, misrepresentation or other misconduct.

If UserZoom is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or via a prominent notice on our website at (“Website”) of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Data retention

UserZoom will retain personal data we process on your behalf for as long as needed for purposes of fulfilling our obligations under the relevant service agreement with you (including for our provision of the services to you thereunder). UserZoom will retain and use the personal information described in this privacy policy as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, in accordance with this privacy policy.

Moderated studies – Specific provisions

In the event you are setting up a moderated study:

  • In the event you include individuals who participate as observers (“Observers”) in the moderated study session, they must be muted during the whole study.
  • If you unmute any of the Observers, it is your responsibility to inform such Observers of the terms of use and privacy policy as well as getting their acceptance thereof and agreement thereto.

UserZoom disclaims any and all responsibility and liability that may derive from non-compliance with respect to the provisions above. 

Data security

The security of your personal information is important to us. We follow industry best practices to protect the personal information submitted to us, both during transmission and once we receive it. We also comply with the security requirements of 2016/679 of the European Parliament (General Data Protection Regulation - GDPR), that regulates our processing of personal data. These security measures include:

  • Data encryption both at rest and in transit
  • Continuous infrastructure monitoring
  • Periodic internal vulnerability scans
  • Secure backup policy and Disaster Recovery Plan
  • Internal risk assessments
  • SOC2 certification

No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. 

Tracking technologies

UserZoom and its partners use cookies or similar technologies to analyze trends, administer the services, track users’ movements around the Website and with respect to their use of the services, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies on an individual as well as aggregated basis, for purposes of providing the services to you, to improve the services and our provision thereof, and/or improving our customers’ (including your) overall experience and engagement with our services.

In particular, we use Google Analytics in order to perform the aforementioned. In the event you do not wish to be tracked by the Google Analytics Tool, you can use the following link in order to install a browser extension that prevents this data collection:

We use cookies to remember users’ settings (e.g. language preference), for authentication. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our services, but your ability to use some features or areas of our services may be limited.

Log files

As is true of most websites, we use a third party tracking-utility partner to gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.

Links to other websites

Our Site includes links to other websites whose privacy practices may differ from ours. If you submit personal information to any of those other websites, your information will be governed by their privacy policy. We encourage you to carefully read the privacy policy of any website you visit.

Notification of privacy policy changes

We may update this privacy policy from time to time, in order to reflect changes to our information practices. If we make any material changes we will notify you either by email (sent to the e-mail address specified in your account) or by means of a notice our Website by updating the “effective date” found at the top of this privacy policy. We encourage you to periodically review this page for the latest information on our privacy practices, as your continued use of our services after any revisions to this privacy policy indicates your agreement to the terms of such revised privacy policy.

Contact us

If you have any questions or suggestions regarding our privacy policy, please contact us at or via postal mail at 10 Almaden Blvd, Ste 250, San Jose, CA 95113, USA.