It is a customer (service user). There is a description on the following site.
What kind of approval system is SOC2?
Are software updates and patches applied to Zoom data centers as a security measure?
Does Zoom’s data center store backup files for the appropriate period/generations?
Are backups done properly in Zoom’s data center?
Is it possible to provide SOC2 reports/audit materials?
Does Zoom’s data center have virus / intrusion countermeasures (prevention / detection / recovery of data tampering)?
Is the frequency of virus scans appropriate in the Zoom data center?