Customer Information & Privacy

Zoom Integration Privacy Notice

Effective Date: 2/25/2026

Exelare (“Exelare”, “we”, “our”, or “us”) provides optional integration with Zoom to allow users to schedule and manage virtual interviews and meetings directly within the Exelare platform.

This Zoom Integration Privacy Notice explains what information is accessed, how it is used, and how it is protected when you connect your Zoom account to Exelare. This notice supplements our main Privacy Policy.

1. How the Zoom Integration Works

When a user chooses to connect their Zoom account to Exelare, they authorize Exelare to access limited Zoom account information necessary to:

  • Create Zoom meetings for interviews and recruiting activities
  • Display meeting details within the Exelare platform
  • Manage scheduling workflows
  • Update or cancel meetings when modified in Exelare

The integration operates only after explicit user authorization.

2. Information We Access

When Zoom integration is enabled, Exelare may access:

  • Basic Zoom account information (such as name and email address)
  • Meeting metadata (meeting ID, join URL, date/time, duration, participants)
  • Authorization tokens required to maintain the connection

Exelare does not store:

  • Meeting audio or video recordings (unless separately uploaded by a user)
  • Chat messages from Zoom meetings
  • Zoom account passwords

3. How We Use Zoom Data

Information obtained through the Zoom integration is used solely to:

  • Facilitate interview scheduling and virtual meetings
  • Display meeting details within candidate and job records
  • Enable automated scheduling workflows
  • Provide user support and troubleshoot technical issues

We do not use Zoom data for advertising, profiling, or marketing purposes.

Exelare does not use data obtained from Zoom APIs to develop, improve, or train generalized artificial intelligence or machine learning models unrelated to the functionality of the integration.

4. Data Storage and Retention

Exelare stores only the information necessary to support recruiting workflows, such as meeting links and scheduling metadata.

Zoom OAuth tokens are securely stored and encrypted. Tokens may be revoked at any time by the user through:

  • Their Exelare account settings, or
  • Their Zoom account security settings

Meeting metadata is retained in accordance with Exelare’s general data retention policies.

5. Data Sharing

Exelare does not sell or share Zoom integration data with third parties for marketing purposes.

Information may only be disclosed:

  • To comply with legal obligations
  • To protect the security or integrity of Exelare systems

6. Security Measures

Exelare implements administrative, technical, and organizational safeguards designed to protect Zoom integration data, including:

  • Encrypted storage of access tokens
  • Secure API communication (HTTPS/TLS)
  • Role-based access controls within the platform

While we use commercially reasonable safeguards, no system can guarantee absolute security.

7. Disconnecting Zoom

Users may disconnect their Zoom account at any time from within Exelare settings.

Upon disconnection:

  • OAuth tokens are revoked or deleted
  • Exelare will no longer be able to create or manage Zoom meetings
  • Previously scheduled meeting records remain as part of recruiting history unless deleted by the user

8. Relationship with Zoom

Zoom’s collection and use of your information is governed by Zoom’s own privacy policy. Exelare is not responsible for Zoom’s independent data practices.

 

Privacy Policy Update for Gmail/Office 365 integration in Exelare

Last updated: 03/11/2025

Information Collection
We collect the following user data from your Gmail and Office 365 accounts upon receiving your explicit permission:
– Email data: email addresses, subject lines, email body content, attachments, and timestamps
– Calendar data: event titles, descriptions, locations, start and end times, attendees, and reminders

Use of Information
The collected user data from Gmail and Office 365, including email and calendar data, is used solely for integrating your email and calendar accounts with our application. This integration enables you to view, manage, and interact with your emails and calendar events within our platform.

  • We do not use Google Workspace APIs to develop, improve, or train generalized AI and/or machine learning (ML) models.
  • The data accessed via Google Workspace APIs is only used for the purpose of providing user-requested functionality and is not shared, stored, or processed beyond what is necessary for service delivery.
  • We maintain strict access controls and adhere to Google’s API policies and industry security standards to protect user data.

Your data will not be used for any other purpose without your explicit consent

Sharing, Transfer, or Disclosure of Information
We do not share, transfer, or disclose your user data from Gmail and Office 365 to third parties except:
– As required by law
– To protect the rights and safety of our users and third parties
– With your explicit consent for specific instances

Any sharing of data will be done in accordance with applicable laws and with your explicit consent when necessary.

Storage and Protection of Information
We take the security of your user data very seriously and employ the following data protection mechanisms:
– Industry-standard encryption methods to protect your data both in transit and at rest
– Access to your data is restricted to authorized personnel only
– Regular reviews and updates to our security practices to ensure the ongoing protection of your data

User Control and Access
You have full control over the integration of your Gmail and Office 365 accounts with our application. Emails are not stored automatically; they are only stored when you explicitly choose to link them. However, once you select the option to sync your calendar with Gmail or Office 365, the calendar synchronization will occur automatically. You can revoke access at any time through your Google or Microsoft account settings. Additionally, you can request to view, modify, or delete your email and calendar data stored in our application by contacting our support team.

Data Retention
We retain your user data from Gmail and Office 365 only for as long as necessary to provide the integration services. Once you revoke access or delete your account, we will delete your user data from our servers within a reasonable timeframe, except where retention is required by law.

Compliance with API Services User Data Policies
Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Similarly, our use of information received from Microsoft APIs will adhere to Microsoft’s API Services policies. We ensure that the data collected from your email and calendar accounts is only used to provide or improve user-facing features that are prominent in the requesting application’s user interface. It is not used for serving ads, and we do not allow humans to read the data unless we have your affirmative agreement for specific messages, we are compelled for security purposes (such as investigating a bug or abuse), or to comply with applicable law.

Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the ‘Last updated’ date. We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

SMS Communication

We may send SMS (text) messages to users who have provided their mobile phone numbers in the course of engaging with us – for example, when requesting a demo, submitting a contact request, or communicating with us for support or billing-related queries. These messages may include:

  • Service Updates
  • Support-related communications
  • Billing-related notifications

Message frequency may vary. Standard message and data rates may apply. Users can opt out at any time by replying “STOP” to any message or by contacting us directly.

Data Sharing and Third Parties

We do not share, sell, rent, or disclose your mobile numbers, SMS opt-in, or related communication data with third parties or affiliates under any circumstances. Your privacy is important to us, and we handle your information responsibly and in compliance with applicable standards.

Contact Information
If you have any questions about this Privacy Policy, please contact us at support@cbizsoft.com.

GDPR

Updated on 5/24/2018 to reflect GDPR commitment

cBizSoft is working with customers in the EU and will work to comply with applicable General Data Protection Regulation (GDPR) regulations as a data processor when they take effect on May 25, 2018.  If you have offices in the EU or if you are working with clients and candidates living in the EU, you can learn more about the GDPR HERE.

Where Do We Stand

We have always had a very straight forward privacy policy that let our customers, the data controllers, know what data we capture and how that information is used.

Customer Information & Privacy

cBizSoft does not collect the following information stored in a customer’s Exelare database, directly or indirectly, by any of its products (including, but not limited to, cBizOne, XBar, Exelare, Exelare Mobile)

  • Contact data stored in Customer databases.
  • Candidate data stored in Customer databases. Candidate resumes.
  • Requirements data stored in Customer databases
  • Any data from EMails Sent.
  • Any data from EMails Received.
  • Any other data, except the following given below.

cBizSoft does collect the following customer data only for supporting, marketing and licensing of its products.

  • Customer’s Name
  • Customer’s Company Name
  • Customer’s Phone Numbers
  • Customer’s EMail Address

cBizSoft’s hosting solution includes:

  • Daily Backups
  • Monthly offsite backups
  • Redundant servers in two data centers
  • Disaster recovery services
  • 99% uptime guarantee

Detailed hosting and security information is available HERE.

Control Your Data

Exelare provides admins the ability to modify profiles for their team members. Users may also have the ability to search and modify their personal data if their permission level and access allows.  If you have any questions about controlling your personally identifiable data, please email support@cbizsoft.com.

Customers may request their Exelare database at any time, provided Customer account is current.  Any outstanding balances must be paid for Customer to receive their data.

In the event that cBizSoft should go out of business or at any time at the request of Customer, a complete export of all of Customer’s data and resumes will be sent to them in a timely fashion (within 5 business days of requesting an export).  All data will be in an industry standard open format.  There will be no charge for exporting and sending Customer their data and resumes.

What’s Next?

We will continue to make additional operational changes resulting from the GDPR legislation and will keep our customers informed throughout this process.