Zoom has got very popular very quickly and yes a number of issues are arising highlighting potential privacy concerns. It is popular fore good reason: Works very well, has great features, and invitees don't need to register.
But it is built on WebRTC (as are many other video conferencing platforms now) which was designed for secure one-on-one (peer-to-peer) conferencing. So no-one can snoop on the traffic passing over the Internet but your client side app and the enterprise hosting the service instance for group calling potentially could.
There are some services such at Riot Matrix and Cisco Webex that can optionally enable full E2EE but it usually either costs in terms of price, network ovberhead, or limited numbers which can group conference.
However, if your organisation is a government or needs to be more sure around the security it is probably best to self-host something like Jitsi which you can fully control (or at least control access to it). Your organisation is the "man in the middle".
See Zoom's end-to-end encryption isn't actually end-to-end at all. Good thing the PM isn't using it for Cabinet calls. Oh, for f...
as well as an article about WebRTC and group calls at https://trueconf.com/webrtc.html
and also https://wire.com/en/blog/is-your-video-conference-solution-secure/