Microsoft Teams – RHI Magnesita Data Privacy statement for online meetings, telephone conferences and webinars via “Microsoft Teams”
In connection with the use of “Microsoft Teams”, RHI Magnesita group (“we”) will process your personal data within the framework of the provisions of the General Data Protection Regulation 2016/679 (GDPR) and in compliance with applicable national data protection legal regulations.
In the following, we will inform you about the purpose, type and scope of the processing of your personal data and about your rights in this regard.
Purpose of processing
We use the tool “Microsoft Teams” to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “online meetings”). “Microsoft Teams” is a service of Microsoft Corporation.
Name and contact data of the Data controller
Responsible for the processing of your personal data:
Magnesita GmbH
Kranichberggasse 6
1120 Vienna, Austria
Note: If you access the “Microsoft Teams” website, the provider of “Microsoft Teams” is responsible for data processing. However, accessing the website is only necessary to download the software for using “Microsoft Teams”.
If you do not want to or cannot use the “Microsoft Teams” app, you can also use “Microsoft Teams” via your browser. The service will then also be provided via the “Microsoft Teams” website.
Processing purposes and legal bases
As far as personal data of employees of RHI Magnesita are processed, the employment relationship is the legal basis of the data processing. If, in connection with the use of “Microsoft Teams”, personal data is not required for the establishment, implementation or termination of the employment relationship or no contractual relationship exists but is nevertheless an elementary component of the use of “Microsoft Teams”, the legal basis for data processing is Art. 6 (1) f) DSGVO. In these cases, our interest lies in the effective implementation of “online meetings”.
In all other cases, especially towards non-employees, the legal basis for data processing when conducting “online meetings” is Art. 6 (1) lit. b) DSGVO, insofar as the meetings are conducted in the context of contractual relationships.
Should no contractual relationship exist, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here, too, our interest is in the effective implementation of “online meetings”.
Processed personal data categories and affected data subjects
When using “Microsoft Teams”, various types of data are processed. The scope of the data also depends on the data you provide before or during participation in an “online meeting”.
The following personal data are subject to processing:
User details: e.g. display name (“Display name”), e-mail address if applicable, profile picture (optional), preferred language.
Meeting metadata: e.g. date, time, meeting ID, phone numbers, location
Text, audio and video data: You may have the option of using the chat function in an “online meeting”. To this extent, the text entries you make are processed in order to display them in the “online meeting”. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device will be processed accordingly for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the “Microsoft Teams” applications.
Place of data processing and transmission of data
Personal data processed in connection with participation in “online meetings” will generally not be disclosed to third parties unless it is intended for disclosure. Please note that, as with face-to-face meetings, content from online meetings is often used to communicate information with customers, prospects or third parties and is therefore intended for disclosure.
Other recipients: The provider of “Microsoft Teams” necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in the context of our order processing contract with “Microsoft Teams”.
Data processing outside the European Union
In principle, no data is processed outside the European Union (EU), as we have limited our storage location to data centers in the European Union. However, we cannot rule out the possibility that data may be routed via Internet servers located outside the EU. This may be the case in particular if participants in “Online Meeting” are located in a third country.
However, the data is encrypted during transport over the Internet and thus protected against unauthorized access by third parties.
Storage period of the data
As a matter of principle, we delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfill contractual services, to check and grant or defend against warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after expiry of the respective retention obligation.
Your rights
Generally, you are entitled to information, rectification, erasure, restriction, data portability and objection. To assert these rights. also if you believe that the processing of your personal data violates applicable data protection law or that your rights under data protection law have been infringed in any other way, you may lodge a complaint with us or the data protection authority of your country of residence.
However, we kindly ask you to contact us first by using the contact details below:
dataprivacy@RHIMagnesita.com