Information on privacy for the use of Microsoft Teams and Microsoft 365

 

What is this information on privacy about?

To make the most of electronic communication, we use Microsoft Teams (hereinafter referred to as "Teams") to conduct meetings online. The General Data Protection Regulation (GDPR) has laid down some requirements on how to handle these data and to what extent we have to inform users in this regard. In accordance with Art. 13 of the GDPR, you have the right to be informed about certain aspects as soon as data are collected. This is why we are providing you with this information on privacy.

Who is responsible for data processing?

When data are processed due to the use of Teams, fruitcore robotics GmbH is the data controller. You can find information on how to contact us by mail, phone or email in the imprint of our website.

We have appointed a data protection officer, whose contact details can be found here.

What happens using Microsoft Teams?

We use Teams to enable simplified, uncomplicated communication with you and, where applicable, other participants by holding meetings online in real time and allowing instant exchanges in the chat function, as well as to enable our collaboration to be more efficient and more flexible, regardless of time or location. Depending on how participants use the program, different forms of personal data are processed via Teams (e.g. name, email address, video, audio). Additional information about data processing via Teams can be sourced directly from the provider Microsoft.

Participating in an online meeting via Teams does not require a user account to be created with Microsoft. All participants have to do is follow the link contained in the invitation email and join via the web interface. Your email address and name are required for us to identify you as an authorized participant and allow you to enter a meeting.

During participation, various technical usage data known as "metadata" (e.g. IP address, device/hardware information), connection data (e.g. telephone number, country name, start and end time), content data (e.g. text, audio, video) and diagnostic data are processed. Meta and connection data refer to information that has to be generated when using Teams. Otherwise, no connection can be established to you and your end devices.

The diagnostic data processed when using Teams contains a unique ID generated by Microsoft that allows the data to be uniquely assigned to a user (e.g. client ID, user ID, duration service is used, event ID, program language). These data are processed to provide, improve and update the Teams service and to maintain security. These data are also collected automatically during usage. Microsoft needs the data to be able to provide the Teams service without errors.
You can decide for yourself which content data can be processed via Teams. You can turn off the camera or microphone yourself at any time and prevent data from being processed in this way. The use of the chat function is also voluntary.

However, in order for it to make sense to conduct a meeting using this service, according to the purpose described at the beginning, it is necessary to use the audio function at the very least. There are no further "active" usage obligations.

The use of teams is permitted and governed by Art. 6, paragraph 1, letter f of the GDPR (legitimate interest). We have a legitimate interest in being able to keep business going even if it is not possible to hold face-to-face appointments for various reasons. In addition, using this service is less expensive and more efficient in many cases. It makes it easier for us to communicate and cooperate and should therefore also be in your interest.

Will my data be forwarded?

We use Teams as a cloud application, with the Microsoft Corporation as the data processor. You can view the data processing agreement included with the license purchase on Microsoft's website. Since they are a US provider, data are transferred to the USA. This is permitted because a sufficient level of data protection has been ensured through the stipulation of EU standard contractual clauses. You can obtain more information about this from Microsoft directly.

In the context of an online meeting, other participants can see your name as well as take note of any content you share.

For all members of a Teams room, both for employees of fruitcore robotics GmbH and external parties, there is transparency with regard to the other members of a Teams room. In particular, it is prohibited to share personal login details to a Teams room with other persons without authorization or to let other persons secretly participate in a Teams meeting, especially in a telephone or video conference. The video conference systems used have been designed in such a way that participants can recognize which video and audio data are recorded, transmitted and stored.

How long are data stored for?

Data are first stored when you join an online meeting via Teams. Data concerning the content of a meeting are neither recorded nor stored. In the event that a meeting is to be recorded, all participants will be notified and asked for their consent. The content of the chat can be viewed at least until the meeting is over. Information on exact retention periods can be found on Microsoft’s site.

What are your rights?

You may contact us to assert the following rights at any time:

  • Right of access (Art. 15 of the GDPR): upon request, we will inform you about the data we have stored regarding your person and what we do with these data.
  • Right to rectification (Art. 16 of the GDPR): if we have stored incorrect information about you, you can request that this be modified.
  • Right to deletion (Art. 17 of the GDPR): if there is no reason for your personal data to continue to be stored, we will delete it.
  • Right to restriction of processing (Art. 18 of the GDPR): if there is something specific you no longer wish to accept, you can request that processing be restricted.
  • Right to data portability (Art. 20 of the GDPR): you may, in certain cases, request that your data records be transferred to you.

We have given consideration as to whether we may process your personal data. This concerns, in particular, all processing operations carried out on the basis of Art. 6, paragraph 1, letter f of the GDPR. If you object to processing for advertising purposes, you will no longer receive any advertising.

You may exercise your rights at any time, but this does not mean that such requests will be fulfilled. For example, you cannot ask for your data to be deleted and to use our services at the same time.

You have the right to appeal to a data protection supervisory authority at any time. An overview can be found on the website of the Federal Commissioner for Data Protection and Freedom of Information.