Privacy notice for online meetings with Microsoft Teams

In the following we would like to inform you about the processing of personal data in connection with the use of "Microsoft Teams"

Responsible party

The person responsible for data processing is

syscovery solve & serve GmbH
Käfertaler Str. 190
68167 Mannheim

Note: Insofar as you call up the website of the online meeting provider, the provider is responsible for data processing. However, accessing the website is only necessary in order to download the software that may be required to use the online meeting service, or to obtain information on how to use the online meeting software.

Purposes and legal basis of data processing

We use "Microsoft Teams" to conduct conference calls, online meetings, video conferences and webinars (hereinafter: "Online Meetings"). "Microsoft Teams" is a service of Microsoft Corporation, One Microsoft Way in Redmond, WA 98052-6399, which is headquartered in the USA.

When participating in an online meeting, these categories of personal data may be subject to processing:

  • Your IP address used to access Microsoft Office 365 applications.
  • Your user name (access data to the Microsoft Office 365 applications), data within the scope of the so-called multi-factor authentication, which you yourself have stored in your Microsoft account (e.g. optionally the (private) mobile phone number).
  • Identification features: Information about your person that identifies you as a user, sender, recipient of data within the application. This includes in particular the following master data: Name, first name, official contact data such as telephone number, e-mail address, official fax number, if provided by you. Further data (such as a profile picture stored by you) can also be viewed in your profile.
  • Data required for authentication and licence use as well as user activities such as time of access, date, type of access, information on the data/ files/ documents accessed, creating, modifying, deleting a document, setting up a team (and channels in teams), making notes in the notebook, starting a chat, etc.
  • Meeting metadata: Topic, description, participant IP addresses, device/hardware information.
  • For recordings: MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of all online meeting chats.
  • when dialling in with the telephone: information on the incoming and outgoing call number, country name, start and end time, if necessary, further connection data such as the IP address of the device can be stored.
  • Text, audio and video data: You may have the option of using the chat, question or poll function in an online meeting. In this case, the text entries you make are processed in order to display them in the online meeting and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone and/or the video camera of your terminal device are processed during the online meeting. You can deactivate or mute the camera and/ or microphone at any time via the provider's online meeting software.

We use the above data to conduct an online meeting. If we want to record online meetings, we will inform you in advance and obtain your consent. The fact of the recording will be displayed to you in the online meeting software.

If it is necessary to record the results of an online meeting, we will record the text inputs. In the case of webinars, for the purposes of recording and following up on webinars, we may process questions asked by participants. The data you provide will be used to record the outcome of the meeting.

The provision of your data is not required by law. However, some of the aforementioned data is required to conduct an online meeting. Without providing the data required to conduct an online meeting, you will not be able to participate in the online meeting. The communication of other data is voluntary, but may be required for the use of certain services. We will inform you when you enter data if the provision is required for the respective service or function. This data is marked as mandatory. In the case of required data, failure to provide it will result in the relevant service or function not being provided. For optional data, failure to provide it may result in our not being able to provide the online meeting in the same form and to the same extent as usual.

The legal basis for the data processing described above is Article 88 DSGVO in conjunction with Section 26 (1) BDSG (implementation of the employment relationship, insofar as you are in an employment relationship with us) and Article 6 (1) lit. f DSGVO (safeguarding legitimate interests, based on our interest in conducting online meetings and making them efficient, insofar as you are a participant in an online meeting without also being an employee). Insofar as we record an online meeting, this is done on the basis of Art. 6 para. 1 lit. a DSGVO (consent).

Data transfer to third parties

Content from online meetings is available to all participants. In addition, the provider of the online meeting software has access to your data insofar as this is provided for in the context of order processing. This does not apply insofar as we conduct an online meeting with end-to-end encryption. In this case, the provider of the online meeting software cannot access the contents of an online meeting. Apart from that, we will of course treat your data confidentially and will not pass it on to third parties.

Data processing outside the European Union

"Microsoft Teams" is a service provided by a provider from the USA. The USA is a third country outside the European Union. Countries outside the European Union handle the protection of personal data differently than countries within the European Union. We have therefore taken special measures to ensure that your data is processed as securely in third countries as it is within the European Union.

We have concluded the data protection contract (standard data protection clauses) provided by the Commission of the European Union for the processing of personal data in third countries with the provider "Microsoft Teams". This provides appropriate safeguards for the protection of your data when processed in a third country. You can request a copy of this data protection contract using the contact details provided above.

Deletion of data

Unless there are legal retention periods, your data will be deleted as soon as it is no longer necessary for the purpose for which we collected it. In the case of statutory retention periods, deletion will take place after the retention obligations have expired.

Your rights

Data subjects have the right to obtain information from the controller about the personal data concerning them (Art. 15 GDPR), as well as the right to have inaccurate data corrected (Art. 16 GDPR) or deleted, provided that one of the reasons mentioned in Art. 17 GDPR applies, e.g. if the data is no longer needed for the purposes pursued. There is also the right to restriction of processing if one of the conditions mentioned in Art. 18 DSGVO applies, the right to object (Art. 21 DSGVO) if the processing is based on Art. 6 (1) lit. e or lit. f DSGVO, and in the cases of Art. 20 DSGVO the right to data portability. If we process your data on the basis of consent, you have the right to revoke your consent at any time. A revocation does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Right to lodge a complaint with a supervisory authority

Every data subject has the right to lodge a complaint with a supervisory authority if he or she believes that the processing of data relating to him or her violates data protection law. The contact details of the supervisory authority responsible for us are:

State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
Tel.: +49 711 615541-0

Our data protection officer

We are supported by our external data protection officer in fulfilling our obligations under data protection law. In the event of an enquiry, please name the company in question. The contact details of our data protection officer are:

Bitkom Servicegesellschaft mbH
Albrechtstraße 10
10117 Berlin

Phone: +49 30 275 76-524

Change to this privacy notice

We revise this data protection notice in the event of changes to data processing or other occasions that make this necessary. You will always find the latest version on this website.