Below navigation
  1. Inicio
  2. Data protection information regarding the ...

Data protection information regarding the use of transcription and recording in Microsoft Teams meetings

Mandatory Information to be provided persuant to Art. 12 et seq. EU-GDPR for participants in teams meetings

 

I. Name and contact information of the data controller

 

Your contact, who is the data controller as defined in the European General Data Protection Regulation (“EU GDPR”) and in other domestic data privacy legislation of the member states or any other data privacy law related provisions is:

GOPA Group Service
Hindenburgring 18
61348 Bad Homburg

Tel.: >GL3IDJE3LFCC
E-Mail: dataprotection-coordinator [at] gopa-group.org

 

 

II. Data processing in connection with our Microsoft Teams project meetings

 

1. Transcription

 

a. Description and scope

 

As part of our virtual project meetings via Microsoft Teams, we transcribe the spoken content of our Microsoft Teams meetings.

 

In the context of transcription, the following personal data will be processed:

 

  • First name;
  • Last name;
  • Language;
  • Audio content;
  • Account image;
  • Chat record.

 

In addition, further personal data may be processed depending on the use of functionalities in Microsoft Teams.

 

b. Legal basis

 

Legitimate Interest, Art. 6 Sect. 1 S. 1 lit. f) EU-GDPR.

 

c. Purpose

 

The purpose of date processing is the execution of our project organization.

 

d. Retention period

 

Your personal data will be stored for a period of 60 days.

 

e. Objection and removal options

 

The processing of your personal data in the context of transcription is absolutely necessary for our project organization. Consequently, you have no option to object.

 

 

2. Recording

 

a. Description and scope

 

As part of our virtual project meetings via Microsoft Teams, we record the spoken content of our Microsoft Teams meetings.

 

In the context of recording, the following personal data will be processed:

 

  • First name;
  • Last name;
  • Language;
  • Audio content;
  • Video content;
  • Shared content;
  • Account image;
  • Chat record.

 

In addition, further personal data may be processed depending on the use of functionalities in Microsoft Teams.

 

b. Legal basis

 

Consent, Art. 6 Sect. 1 S. 1 lit. a ) EU-GDPR

 

c. Purpose

 

The purpose of date processing is the execution of our project organization.

 

d. Retention period

 

Your personal data will be stored for a period of 60 days.

 

e. Objection and removal options

 

You have the option to revoke your consent to the recording at any time. In this case, your personal data will be deleted unless statutory retention periods prevent deletion.

 

 

3. Management of project plans and creation of meeting minutes

 

a. Description and scope

 

We process your personal data of the transcription or recording as part of the management of project plans and the creation of project-related meeting minutes.

 

b. Legal basis

 

Legitimate Interest, Art. 6 Sect. 1 S. 1 lit. f) EU-GDPR.

 

c. Purpose

 

The purpose of data processing is the creation of project-related meeting minutes. These serve us, our project partners and customers for the further organization of the project and the tracking of project progress and project agreements.

 

d. Retention period

 

Your personal data will be stored until the respective project has been completed.

 

e. Objection and removal options

 

The processing of your personal data in the context of management of project plans and creation of meeting minutes is absolutely necessary for our project organization. Consequently, you have no option to object

 

 

4. Data protection and the law

 

a. Exercising of the rights you have as a data subject pursuant to Art. 12 et seq. EU GDPR

 

(1) Description and scope

 

In conjunction with the management of the rights of data subjects, we will process your personal data. To that end, we will process any contact information you have shared in this context only to process and respond to your message and to subsequently document that the processing was in compliance with the applicable laws within the scope of our accountability obligations.

 

The following personal data will be processed in conjunction with the management of data subject rights:

 

  • First name,
  • Last name,
  • Postal address,
  • Email address,
  • Phone number.

 

(2) Legal basis

 

Legal obligation, Art. 6 Sect. 1 S. 1 lit. c) in combination with Art. 12 et seq. EU GDPR.

 

Legitimate interest in the subsequent documentation, Art. 6 Sect. 1 S. 1 lit. f) EU GDPR.

 

(3) Purpose

 

Managing your data subject rights in compliance with the law.

 

(4) Retention period

 

Data must be archived for 3 years after the processing of the respective transaction has concluded, § 41 BDSG in combination with § 31 Sect. 2 Nr. 1 OWIG.

 

(5) Objection and removal option

 

You have the option to object to the processing of your personal data in conjunction with the management of your data subject rights, which will affect all future transactions. However, in this case we will not be able to further manage your data subject rights.

 

The documentation of the compliant handling of your rights as the data subject is mandatory. Consequently, you do not have the option to object.

 

 

b. Legal defense and enforcement of the law

 

(1) Description and scope

 

Your personal data will be processed by us if you file legal claims targeting us or if we file claims and enforce rights targeting you.

 

(2) Legal basis

 

Legitimate interest, Art. 6 Sect. 1 S. 1 lit. f) EU GDPR.

 

(3) Purpose

 

The data processing purpose is to raise a defense against illegitimate claims and the legal enforcement of claims and rights.

 

This also constitutes our legitimate interest.

 

(4) Retention period

 

Your personal data will be stored until the processing purpose no longer exists. As a rule, this will be the case once the respective ruling becomes legally effective.

 

(5) Objection and removal option

 

The processing of your personal data within the scope of the legal defense and enforcement of the law is mandatory for us to ensure that we raise a legal defense or can enforce the applicable laws. Hence, you do not have any option to object.

 

 

III. Categories of Recipients

 

Within our company, we will share your personal data with those positions and departments that need them for all the above-mentioned purposes. In addition, we will, in some cases, use the services of different providers and will share your personal data with these other trustworthy recipients. These may, for instance, include the following:

 

  • Customers;
  • Cooperation partners;
  • IT-service providers;
  • Attorneys and courts of law;

 

 

IV. Transfer to Non-EU and Non-EEA Countries

 

In conjunction with the processing of your personal data, it is possible that we share your personal data with trustworthy service providers in non-EU and non-EEA countries. These countries are nations that are not within the European Union (EU) or the European Economic Area (EEA).

 

In this context, we cooperate only with such service providers who are in a position to give us qualified guarantees aiming at the protection of your personal data and who are in a position to warrant that your personal data will be processed in compliance with the stringent European Data Protection Standards. A copy of these qualified guarantees may be reviewed at our business.

 

If we share any personal data with recipients in non-EU and non-EEA countries, this will be done on the basis of a so-called adequacy decision of the European Commission, or, if such a decision is not available, on the basis of so-called standard contractual clauses, which also have been passed by the European Commission.

 

 

V. Your Rights

 

You are entitled to the following rights you may exercise in your relationship with us:

 

1. Right of access

 

You have the right to receive information as to whether and which personal data of yours we process. In this case, we will provide additional information on:

 

(1) The processing purpose,
(2) The categories of data,
(3) The recipients of your personal data,
(4) The envisaged retention period or the criteria to determine the envisaged retention period,
(5) Your additional rights,
(6) In the event that you have not shared your personal data with us: All available information as to its origins,
(7) If available: The existence of any automated decision making as well as information on the logic used, the expanse and the desired effects of the processing.

 

2. Right to rectification

 

You are entitled to have your data corrected and/or completed if the personal data processed by us is incorrect or incomplete.

 

3. Right to restriction of processing

 

You are entitled to the restriction of the processing of your data if:

 

(1) We are reviewing the correctness of your personal data processed by us,
(2) The processing of your personal data is illegal,
(3) You need the personal data processed by us to pursue your rights after the purpose of processing the data has ended,
(4) You have filed an objection against the processing of your personal data and we are in the process of reviewing your objection.

 

4. Right to erasure

 

You are entitled to having your data deleted if:

 

(1) We no longer need your personal data for the original purpose,
(2) You revoke your consent and if there is no further legal basis for the processing of your personal data,
(3) You have objected to the processing of your personal data and – if the matter in question is not direct marketing – there are no priority grounds for continued processing of the data,
(4) The processing of your personal data is illegal,
(5) The deletion of your personal data is mandated by law,
(6) Your personal data refers to minors for information society purposes.

 

5. Right to notify

 

If you have exercised your right to have data corrected, deleted or restricted in terms of processing, we will notify all recipients of your personal data, to correct, delete or restrict the processing of such data.

 

6. Right to data portability

 

You have the right to receive any personal data you have provided to us based on consent or to perform a contract in a structured, commonly used and machine-readable format and to have same transferred to another data controller. If this is technically feasible, you have the right to instruct us to send this data directly to another data controller.

 

7. Right to object

 

In the event that special grounds apply, you have the right to object to the processing of your personal data. In this case, we will no longer process your personal data, unless we are in a position to raise mandatory protection worthy grounds for continued processing.

 

If your personal data is being processed for the purpose of direct marketing you do, at any time, have the option to object.

 

8. Right to revoke consent

 

You have the right to revoke any consent you have given us at any time. The revocation of consent does not affect the legitimacy of any prior processing on the basis of consent.

 

9. Right to file a complaint with a supervisory authority

 

Any other administrative or court enforced legal remedies notwithstanding, you shall have the right to file a complaint with the competent supervisory authority, if you are of the opinion that the processing of your personal data by us is in violation of the EU GDPR.

 

The competent supervisory authority for our company is:

 

Der Hessische Beauftragte für Datenschutz und Informationssicherheit
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany

superior de la página