Data protection information for online meetings, telephone conferences and webinars via “Zoom” at FEG Textiltechnik Forschungs- und Entwicklungsgesellschaft mbH
We would like to inform you below about the processing of personal data in connection with the use of “Zoom”.
Purpose of processing
We use “Zoom” as a tool for holding telephone conferences, online meetings, video conferences and/or webinars (hereinafter referred to as “online meetings”). “Zoom” is a service provided by Zoom Video Communications, Inc., which is based in the USA.
Responsibility for data processing directly related to holding “online meetings” rests with FEG Textiltechnik Forschungs- und Entwicklungsgesellschaft mbH.
Note: Insofar as you visit the “Zoom” website, the provider of “Zoom” is responsible for data processing. However, it is only necessary to visit the website to use “Zoom” in order to download the software for using “Zoom”.
You can also use “Zoom” if you enter the unique meeting ID and, if applicable, further access data for the meeting directly in the “Zoom” app.
If you do not wish to, or are unable to, use the “Zoom” app, then the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.
What data is processed?
Various types of data are processed when using “Zoom”. The scope of the data also depends on the data you provide before, or during, participation at an online meeting.
The following personal data is subject to processing:
Details about the user: First name, last name, telephone (optional), e-mail address, password (if “single sign-on” is not used), profile picture (optional), department (optional)
Meeting metadata: Topic, description (optional), IP addresses of participants, device/hardware information.
Recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
Dial-in by phone: Information about the incoming and outgoing phone number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
Text, audio and video data: You may have the option of using the chat, question or polling functions in an “online meeting”. In that respect, the text entries you make will be processed in order to display them in the “online meeting” and, if necessary, to log them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed accordingly for the duration of the meeting. You can turn off the camera or mute the microphone yourself at any time via the “Zoom” applications.
To participate in an “online meeting” or to enter the meeting room, you must enter your name details at least.
Scope of processing
We use “Zoom” for holding “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for consent. The fact that the meeting is being recorded will also be indicated to you in the “Zoom” app.
We will log the chat content if it is necessary for the purpose of logging the results of an “online meeting”. However, this will generally not be the case.
In the case of webinars, we may also process questions asked by webinar participants for the purpose of recording and following up on webinars.
If you are registered as a user at “Zoom”, then reports of “online meetings” (meeting metadata, phone dial-in data, questions and answers in webinars, polling function in webinars) may be stored in “Zoom” for up to one month.
Automated decision-making within the meaning of Article 22 GDPR is not used.
Legal basis for data processing
Where personal data relating to employees of FEG Textiltechnik Forschungs- und Entwicklungsgesellschaft mbH is processed, Paragraph 26 of the German Federal Data Protection Act (BDSG) shall be the legal basis for data processing. If, in connection with the use of “Zoom”, personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of “Zoom”, Article 6 Subsection (1) lit. f) of the GDPR shall be the legal basis for data processing. In these cases, our interest lies in the effective implementation of “online meetings”.
Otherwise, the legal basis for data processing when conducting “online meetings” shall be Article 6 Subsection (1) lit. b) of the GDPR to the extent that the meetings are conducted in the context of contractual relationships.
In the absence of any contractual relationship, the legal basis shall be Article 6 Subsection (1) lit. f) of the GDPR. In these cases, our interest once again lies in the effective implementation of “online meetings”.
Recipients / disclosure of data
Personal data processed in connection with participation in “online meetings” is generally not disclosed to third parties unless it is specifically intended for disclosure. Please note that content from “online meetings”, just as in face-to-face meetings, is often used for the precise purpose of communicating information with existing customers, prospective customers or third parties and is thus intended for disclosure.
Further recipients: The provider of “Zoom” shall acquire knowledge of the above-mentioned data by necessity, to the extent that this is envisaged in the context of our order processing agreement with “Zoom”.
Data processing outside the European Union
“Zoom” is a service delivered by a provider from the USA. This means that processing of personal data also takes place in a third country. We have concluded an order processing agreement with the provider of “Zoom” that complies with the requirements of Article 28 of the GDPR.
An adequate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU standard contractual clauses. Furthermore, in order to enhance our safeguards, we have configured Zoom in such a way that only data centres in the EU, the EEA or secure third countries such as Canada or Japan are used to conduct “online meetings”.
Data protection officer
We have appointed a data protection officer.
He or she can be reached at the following address: FEG Textiltechnik Forschungs- und Entwicklungsgesellschaft mbH, – Data protection officer –, Prager Ring 70, 52070 Aachen, E-mail: firstname.lastname@example.org
Your rights as a data subject
You have the right to obtain information about the personal data concerning you. You can contact us for information at any time.
If you submit a non-written request for information, please be aware that we may require you to provide proof that you are the person you claim to be.
Furthermore, you have a right to rectification or erasure or to restriction of processing, to the extent that the law permits you to do so.
Finally, you have a right to object to processing within the scope of the law.
There is also a right to data portability within the framework of data protection law.
Erasure of data
As a matter of principle, we erase personal data when there is no need to continue storing it. A requirement may exist in particular if the data is still needed in order to fulfil contractual services, to check and grant or defend against warranty and, where applicable, guarantee claims. In the case of statutory duties to retain data, erasure shall only be considered upon expiry of the duty to retain the data in question.
Right to complain to a supervisory authority
You have the right to lodge a complaint about our processing of personal data to a data protection supervisory authority.
Changes to this data protection notice
We shall revise this data protection notice in the event of changes to data processing or other occasions that make this necessary. The current version can always be found on this website.