Zoom illegally gave Facebook its users’ personal data without telling them, according to a new lawsuit against the teleconferencing company that has seen its business surge amid the coronavirus pandemic.

The company failed to tell users that it gave Facebook “and possibly other third parties” access to personal information it collected whenever they installed or opened the company’s app, according to the suit, filed Monday in a California federal court.

That data includes the model of the user’s device, the time zone they’re in and a “unique advertising identifier” that can be used to target the user with ads, according to the class-action complaint.

“Had Zoom informed its users that it would use inadequate security measures and permit unauthorized third-party tracking of their personal information, users … would not have been willing to use the Zoom App,” reads the complaint.

The lawsuit, brought by Robert Cullen of Sacramento, asks a judge to declare Zoom’s practices illegal and seeks damages from the company. Neither Zoom nor Facebook immediately responded to requests for comment on the suit. Neither Zoom nor Facebook immediately provided comment on the suit.

The complaint comes amid a boom in Zoom’s business fueled by the coronavirus pandemic. People have turned to its video-conferencing platform to work from home and chat with friends during lockdowns imposed to stop the deadly virus from spreading. That has helped the Silicon Valley company’s stock price to more than double so far this year.

It’s not uncommon for apps to share data with Facebook, but Zoom users’ information was shared even if they did not have a Facebook account — something that was not clear from the company’s privacy policy, according to the tech news publication Motherboard, which first reported on the issue last week.

Zoom said last week that it decided to remove the Facebook software tool responsible for collecting the data, though users will have to update their app for the change to take effect.

“We sincerely apologize for the concern this has caused, and remain firmly committed to the protection of our users’ privacy,” the company said in a Friday blog post.

Zoom is also reportedly facing scrutiny from New York Attorney General Letitia James, whose office sent the company a letter Monday about its data privacy practices. James’ office asked what security measures Zoom has implemented to deal with higher traffic and to spot hackers, according to the New York Times.

“We appreciate the New York Attorney General’s engagement on these issues and are happy to provide her with the requested information,” Zoom said in a statement.