We should like to inform you in the following about the processing of personal data in connection with the use of Microsoft Teams.

Purpose of processing
We use the Microsoft Teams tool in order to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: online meetings). Microsoft Teams is a service of the Microsoft Corporation.

Data Controller
The Data Controller, who is directly involved in the conduct of online meetings is

Picard GmbH
Further information is available in our Legal Notices:
https://www.picard-hammer.de/en/footer/imprint/

Note: If you access the Microsoft Teams website, the Microsoft Teams access provider is responsible for the data processing. Accessing the website is, however, necessary only in order to download the software for the use of Microsoft Teams.

If you do not wish or are unable to use the Microsoft Teams app, you can also use Microsoft Teams via your browser. In this respect the service is then also provided through the Microsoft Teams website.

Which data are processed?
A variety of types of data is processed during the use of Microsoft Teams. The scope of the data depends also on which data you provide before and/or during participation in an online meeting.

The following personal data are the object of the processing:

Data on the user: e.g. display name, where applicable, e-mail address, profile image (optional), preferred language
Meeting meta data: e.g. date, time, meeting ID, telephone numbers, location
Textual, audio and video data: where applicable, you have the possibility of using the chat function during an online meeting. In this respect your text inputs are processed, in order to display these in the online meeting. In order to be able to display video and play back audio material, the data from the microphone of your terminal and from any video camera in your terminal are processed for the duration of the meeting. You may at any time switch off the camera or the microphone yourself by using the Microsoft Teams applications.

Scope of the processing
We use Microsoft Teams in order to conduct online meetings. If we wish to log online meetings, we shall inform you of this in a transparent manner and, if necessary, request consent.

The chat contents are logged during the use of Microsoft Teams. We store the chat contents for a period of up to three months. If they are required for the purposes of logging the results of an online meeting, we log the chat contents. However, this is as a rule not the case.

Automated individual decision-making within the meaning of Article 22 GDPR is not used.

Legal bases for data processing
Insofar as personal data of employees of the responsible authority is processed, § 26 German Federal Data Protection Act is the legal base for the data processing. Should personal data not be required in connection with the use of Microsoft Teams for the establishment, performance or termination of the employment, but are notwithstanding an elementary component in the use of Microsoft Teams, Article 6 (1) (f) GDPR is the legal base for the data processing. Our legitimate interest in these cases exists in the effective conduct of online meetings.

Otherwise, the legal base for data processing for the conduct of online meetings is Article 6 (1) (b) GDPR, provided that the meetings are conducted within the context of contractual relationships.

Should there be no contractual relationship, the legal base is Article 6 (1) (f). In this instance also our legitimate interest exists in the effective conduct of online meetings.

Recipient / transfer of data
Personal data, which are processed in connection with participation in online meetings, are as a matter of principle not disclosed to third parties, unless they are intended specifically for disclosure. Please note that the contents of online meetings and also those of personal discussion meetings frequently serve to communicate information to customers, potential buyers and thus are intended for disclosure.

Other recipients: The Microsoft Teams access provider necessarily obtains knowledge of the aforesaid data, insofar as this is provided in the context of our commissioned data processing agreement with Microsoft Teams and/or EU standard contractual clauses.

Data processing outside the European Union
As a matter of principle data is not processed outside the European Union (EU), since we have restricted our storage location to data processing service centres within the European Union. However, we cannot exclude the possibility that the data are routed through Internet servers, which are located outside the EU. This may be the case, in particular, if participants in an online meeting reside in a third country.

However, during transport over the Internet the data are encrypted and thus secured from unauthorised access by third parties.

Data Protection Officer
We are not obliged by law to appoint a Data Protection Officer.

If you have questions about data protection, contact us.
​​​​​​​https://www.picard-hammer.de/en/footer/imprint/

Your rights as a data subject
You have the right to access to the personal data concerning you. You can contact us for access at any time.

In the case of a request for access, which is not submitted in writing, please understand that, where applicable, we request from you evidence, which proves that you are the person whom you purport to be.

Furthermore, you have a right to correction or erasure of the data or to the restriction of the processing, provided that you are legally entitled to this. Finally, under the statutory provisions you have a right to object to the processing.

There is also a right to data portability under the provisions of data protection law.

Erasure of data
We erase personal data as a matter of principle, if there is no requirement that they should continue to be stored. It may be necessary to continue to store data, if the data are still needed to fulfil contractual services, to verify and grant or defend warranty and where applicable, guarantee claims. Where legal duties of retention exist, erasure of the data does not come into question until the respective duty of retention has expired.

Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authorityabout the processing of personal data by us.

Amendment of this data protection information
We revise this Privacy Notice when there are modifications in the data processing or when other events occur, which make revision of this notice necessary. The current, valid version is always available on this website.

Status: 1st March 2021