Data Privacy Compliance and UserZoom

Learn about how UserZoom handles data privacy compliance. This article is an overview of compliance best practices when using UserZoom Manager. This information should by no means be seen as legal advice. We strongly advise customers to always consult their internal compliance team and/or privacy attorney regarding legal matters.

Plan Availability: All Plans
👥 User roles: Owner, Admins, Researchers, and Collaborators
For more information, see our article on how to find your plan and user role.


On this page:



About data privacy compliance

  • When conducting usability testing in UserZoom, no Personal Identifiable Information (PII) is collected by default.
  • Depending on the settings and questions of the study, it's possible that Personal Information is collected.
  • Although it may differ from one Regulation to another, personal information is any kind of data that can be used to identify a single individual.
  • In order to collect such data, most countries' legal frameworks require the implementation of certain safeguards to preserve citizen's rights.
  • If you want to know more about the specific security measures taken, please contact us.



How UserZoom helps you comply

UserZoom is committed to privacy and security. Here's an overview of the features and measures in place that help you comply with most of the current privacy regulations (GDPR & CCPA):


Customizable Legal Consent Request Page

Enabled by default in studies.


Launching controls

  • When trying to disable the feature for a specific study, users see a message warning about potential privacy issues.
  • If the Legal Consent Request page is not activated, users see a warning about the possible need to ask participants for their consent in case personal information is collected with the study.


Proof of consent upon request
If the Legal Consent Request page and checkboxes are enabled in a study, UserZoom can provide proof of consent upon written request.


Data security
UserZoom implemented security measures to safeguard the data collected through studies:

  • Data encryption both at rest and in transit.
  • UserZoom is SOC2 Type II certified, awarded TRUSTe's Privacy Seal, and US-EU Privacy Shield compliant.
  • Dedicated security department and staff to oversee the global product.
  • Adaptation of our Privacy Policies, Code of Conduct, Terms of Use, and existing contractual clauses with suppliers to ensure alignment with most of the current privacy regulations.


Data retention and deletion

  • Customers own and control all the data they collect.
  • Data is retained unless the customer deletes it from UserZoom Manager (For example, when the data is no longer valid) or ceases to have a contract with UserZoom.


PII and recruiting with Intellizoom

When automatically recruiting participants with UserZoom (Intellizoom), PII collection is not allowed.


Please provide any feedback you have on this article. Your feedback will be used to improve the article and should take no more than 5 minutes to complete. Article evaluations will remain completely confidential unless you request a follow-up. 

Was this article helpful?
1 out of 3 found this helpful