As far as we can see we haven't been contacted by anyone at S&T in the last year, so we're not sure what they're referring to. We had one request from them a year ago asking us to change our terms of service for a single professor.

It's true that we're not able to accommodate requests for custom documentation, but they can see Security and Privacy for the information we make publicly available. The HECVAT and similar forms really just aren't applicable to an organization like ours (they want org charts and all sorts of details about on-prem systems that we don't have), and they would seem to eliminate any non-enterprise company from providing services to an institution.

The developers stated that accounts, even those established with institutions email resources, belong to the individuals registering them.

Yes…we view the accounts that people create as belonging to them. People can bring Zotero accounts that they already had, as well as keep the Zotero account and their data after they leave an institution. S&T seems to want to assert ownership over people's Zotero accounts.

Furthermore, S&T is referring to paid cloud storage, while seemingly ignoring that Zotero is a free application that doesn't require an account to use and saves all data locally by default. Blocking people from even installing an open-source program from a nonprofit organization that goes to extraordinarily lengths to protect people's privacy, while suggesting that they use alternatives from companies that literally make money by selling people's data, is a strange choice indeed.

We'd be happy to discuss this with them, but, again, no one at S&T has reached out to us.

Regarding the Zotero account ownership issue, you may also want to check your institution's intellectual property (IP) policy. In my experience, academic institutions have not generally claimed ownership of "scholarly works" by staff (except teaching materials). Assembling a reference collection, especially with notes and annotations, would be classified as a scholarly work. The use of an university email account to facilitate that would be irrelevant. Zotero's approach is consistent with such policies.

That's certainly the case with my large university (and in any case my Zotero account is not registered with my university email address anyway*). Such IP policies may of course differ in different parts of the world, and for different types of academic institutions. In my experience of different institutions (including having been involved in drafting IP policies), the larger the university, and the more its staff create IP other than just teaching materials (eg the university's research vs teaching focus), the more likely the university is to have detailed IP policies that protect staff rights to their IP in scholarly works (and of course also protecting the university's reasonable interests and liabilities) ... and also for its legal staff drafting such policies to be aware of common practice in academic institutions. Smaller, teaching-only institutions are less likely to have such policies, or make policies up as it suits them, with or without advice from legal professionals with experience of university IP practices.

* reasons for using a university email address would only be convenience, and if your university has purchased institutional Zotero storage that requires use of such an address.

Who at Zotero would be the best point of contact? I would like to follow up on the university side to ensure that the matter is resolved.