Data protection MS Teams

For communication via the Internet, we use the video conferencing system Microsoft Office 365 TEAMS. Below we inform you about the processing of your personal data when using Teams.

1. Person responsible and data protection officer

The responsible person in the sense of Art. 4 para. 7 GDPR is:

Local Brand X GmbH
Sophie-Christ-Straße 4
55127 Mainz

+49 6131 63571 22
info@local-brand-x.com

You can reach our data protection officer as follows:

RMPrivacy GmbH
Herr Matthias Rosa
datenschutz@local-brand-x.com

2. Processing of personal data

As part of our online meetings using Microsoft Teams, we process the following personal data: 

  • Communication data (e.g. your email address, if you provide it on a personal basis)
  • Personal master data (if you specify it)
  • Log files, log data
  • Metadata (e.g. IP address, time of participation, etc.)
  • Profile data (e.g. your username, if you provide it of your own accord)

Chat content is logged when using Microsoft Teams. Files that users share in chats are stored in the OneDrive for Business account of the user who shared the file. The files that team members share in a channel are stored on the team's SharePoint site.

3. Microsoft Teams service

Microsoft Teams is a product from the Microsoft Office 365 product suite. Through the video conferencing feature of Microsoft Teams, we can offer you participation via video and audio in our meetings and online events. We do not record the Microsoft Teams online events and meetings unless we have obtained their consent in advance.

The people who can see your audio and video input depends on the team modes we use:

Live events:
During live events, we do not allow sound or video recordings of participants in order to maintain anonymity.

Team Meetings:
In team meetings, all participants can set their own audio and video inputs. Unauthorized processing by other participants, e.g. by recording the meeting, cannot be definitively excluded or prevented by us.

Microsoft Office365 is software from the company

Microsoft Ireland Operations Limited  
One Microsoft Place
South County Business Park Leopardstown
Dublin 18
D18 P521
Irland  

Data processing with Office 365 is performed on our behalf on servers in data centers in the European Union in Ireland and the Netherlands.

Third country transfer

Microsoft may request remote access for the purpose of remote maintenance. We will review and approve such access on a case-by-case basis if it is necessary for Microsoft to perform support services (e.g., troubleshooting). In this case, such access may also be granted by Microsoft affiliates from outside the European Union. We have entered into standard contractual clauses with Microsoft solely for this case of access from outside the European Union in individual cases approved by us. For a copy of Microsoft's standard contractual terms, please see the Microsoft Terms of Use for Online Services ("MicrosoftOnlineServicesTerms"), the current version of which is available in your language at the following link: www.microsoftvolumelicensing.com/DocumentSearch.aspx.  

Own data processing by Microsoft

In accordance with its privacy policy, Microsoft reserves the right to process customer data for its own legitimate business purposes. We have no control over these data processing activities by Microsoft. To the extent that Microsoft Teams processes personal data in connection with legitimate business purposes, Microsoft is the independent data controller for those data processing activities and, as such, is responsible for compliance with all applicable data protection laws. If you need information about Microsoft's processing, we encourage you to review the relevant Microsoft statement: privacy.microsoft.com/de-de/privacystatement.  

4. Purpose and legal basis

We carry out the data processing under items 2 and 3. on the basis of a legitimate interest pursuant to Art. 6 (1) f) GDPR. The purpose and legitimate interest of this data processing are:  Provision of communication options with our customers, business partners and interested parties via the Internet and for internal coordination.

5. Duration of data storage

Your personal data will be deleted after 180 days at the latest.

6. Your rights under the GDPR

a) Information

Upon request, you will receive information about all personal data that we have stored about you at any time and free of charge.

b) Correction, deletion, restriction of processing (blocking), objection

If you no longer agree to the storage of your personal data or if this data has become incorrect, we will arrange for the deletion or blocking of your data or make the necessary corrections (insofar as this is possible under the applicable law) in response to a corresponding instruction. The same applies if we are only to process data in a restrictive manner in the future. You have the right to object in particular in cases where your data is required due to the performance of a task that is in the public interest or in our legitimate interest, as well as profiling based on this. You also have such a right of objection in the event of data processing for the purpose of direct advertising.

c) Data portability

If the data processing is based on a contract, pre-contractual negotiations, consent or with the help of automated processes, you have the right to data portability. Upon request, we will provide you with your data in a common, structured and machine-readable format so that you can transfer the data to another responsible party upon request.

d) Right of revocation for consents with effect for the future

You can revoke consents granted at any time with effect for the future. Your revocation does not affect the lawfulness of the processing until the time of revocation.

e) Right of appeal

You also have the possibility to complain to a supervisory authority about your data protection rights:

www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

f) Restrictions

Data for which we are not able to identify the data subject, e.g. if it has been anonymized for analysis purposes, is not covered by the above rights. Information, deletion, blocking, correction or transfer to another company may be possible in relation to this data if you provide us with additional information that allows us to identify you.

 

If you have any questions, please feel free to contact us at datenschutz@local-brand-x.com.