Da­ta pro­tec­tion in­for­ma­tion for on­line meet­ings, tele­phone con­fer­ences and we­bi­na­rs via “Zoom” of Gün­ter Stahl GmbH.

We would like to in­form you be­low about the pro­cess­ing of per­son­al da­ta re­gard­ing the use of “Zoom”.

Pur­pose of pro­cess­ing

We use the tool “Zoom” to con­duct con­fer­ence calls, on­line meet­ings, video con­fer­ences and/or we­bi­na­rs (here­inafter: “on­line meet­ings”). “Zoom” is a ser­vice pro­vid­ed by Zoom Video Com­mu­ni­ca­tions, Inc. which is based in the USA.

Re­spon­si­ble en­ti­ty

The en­ti­ty re­spon­si­ble for da­ta pro­cess­ing di­rect­ly re­lat­ed to the per­for­mance of “on­line meet­ings” is Gün­ter Stahl GmbH.

Note: In­so­far as you vis­it the web­site of “Zoom”, the provider of “Zoom” is re­spon­si­ble for da­ta pro­cess­ing. How­ev­er, vis­it­ing the web­site of “Zoom” is on­ly nec­es­sary to down­load the “Zoom” soft­ware.

You can al­so use “Zoom” if you en­ter the re­spec­tive meet­ing ID and, if ap­plic­a­ble, fur­ther ac­cess da­ta for the meet­ing di­rect­ly in the “Zoom” app.

In case you do not want or can not use the “Zoom” app, you may fall back to a brows­er ver­sion of “Zoom”, which you can al­so find on the “Zoom” web­site. This ver­sion on­ly pro­vides the ba­sic func­tions of the ap­pli­ca­tion.

What da­ta is processed?

Var­i­ous types of da­ta are processed when us­ing “Zoom”. The scope of the da­ta al­so de­pends on the da­ta you pro­vide be­fore or dur­ing par­tic­i­pa­tion in an “on­line meet­ing”.

The fol­low­ing per­son­al da­ta are sub­ject to pro­cess­ing:

User de­tails: first name, last name, tele­phone (op­tion­al), e‑mail ad­dress, pass­word (if “sin­gle sign-on” is not used), pro­file pic­ture (op­tion­al), de­part­ment (op­tion­al).

Meet­ing meta­da­ta: Top­ic, de­scrip­tion (op­tion­al), at­tendee IP ad­dress­es, device/hardware in­for­ma­tion.

For record­ings (op­tion­al): MP4 file of all video, au­dio and pre­sen­ta­tion record­ings, M4A file of all au­dio record­ings, text file of on­line meet­ing chat.

For di­al-in with the tele­phone: in­for­ma­tion on the in­com­ing and out­go­ing call num­ber, coun­try, start and end time. If nec­es­sary, fur­ther con­nec­tion da­ta such as the IP ad­dress of the de­vice can be stored.

Text, au­dio and video da­ta: You may have the op­por­tu­ni­ty to use the chat, ques­tion or sur­vey func­tions in an “on­line meet­ing”. To this ex­tent, the text en­tries you make are processed in or­der to dis­play them in the “on­line meet­ing” and, if nec­es­sary, to log them. In or­der to en­able the dis­play of video and the play­back of au­dio, the da­ta from the mi­cro­phone of your de­vice and from any video cam­era of the de­vice will be processed ac­cord­ing­ly for the du­ra­tion of the meet­ing. You can turn off or mute the cam­era or mi­cro­phone your­self at any time via the “Zoom” ap­pli­ca­tions.

To par­tic­i­pate in an “on­line meet­ing” or to en­ter the “meet­ing room”, you must at least pro­vide your name.

Scope of pro­cess­ing

We use “Zoom” to con­duct “on­line meet­ings”. If we want to record “on­line meet­ings”, we will trans­par­ent­ly com­mu­ni­cate this to you in ad­vance and – if nec­es­sary – ask for con­sent. The record­ing icon will al­so be dis­played to you in the “Zoom” app.

If it is nec­es­sary for the pur­pose of log­ging the re­sults of an on­line meet­ing, we will log the chat con­tent. How­ev­er, this will usu­al­ly not be the case.

In the case of we­bi­na­rs, we may al­so process ques­tions asked by we­bi­nar par­tic­i­pants for the pur­pos­es of record­ing and fol­low­ing up on we­bi­na­rs.

If you are reg­is­tered as a user at “Zoom”, re­ports of “on­line meet­ings” (meet­ing meta­da­ta, tele­phone di­al-in da­ta, ques­tions and an­swers in we­bi­na­rs, sur­vey func­tion in we­bi­na­rs) may be stored at “Zoom” for up to one month.

Au­to­mat­ed de­ci­sion-mak­ing with­in the mean­ing of Art. 22 DS­G­VO is not used.

Le­gal ba­sis for da­ta pro­cess­ing

In­so­far as per­son­al da­ta is processed by em­ploy­ees of Gün­ter Stahl GmbH, § 26 BDSG is the le­gal ba­sis for da­ta pro­cess­ing. If, in con­nec­tion with the use of “Zoom”, per­son­al da­ta is not re­quired for the es­tab­lish­ment, im­ple­men­ta­tion or ter­mi­na­tion of the em­ploy­ment re­la­tion­ship, but is nev­er­the­less an el­e­men­tary com­po­nent in the use of “Zoom”, Ar­ti­cle 6 (1) (f) GDPR is the le­gal ba­sis for da­ta pro­cess­ing. In these cas­es, our in­ter­est is in the ef­fec­tive im­ple­men­ta­tion of “on­line meet­ings”.
For the rest, the le­gal ba­sis for da­ta pro­cess­ing when con­duct­ing “on­line meet­ings” is Art. 6 (1) lit. b) GDPR, in­so­far as the meet­ings are con­duct­ed in the con­text of con­trac­tu­al re­la­tion­ships.
Should no con­trac­tu­al re­la­tion­ship ex­ist, the le­gal ba­sis is Art. 6 para. 1 lit. f) GDPR. Here, too, our in­ter­est is in the ef­fec­tive im­ple­men­ta­tion of “on­line meet­ings”.

Re­cip­i­ents / pass­ing on of da­ta

Per­son­al da­ta processed in con­nec­tion with par­tic­i­pa­tion in “on­line meet­ings” is gen­er­al­ly not passed on to third par­ties un­less it is specif­i­cal­ly in­tend­ed to be passed on. Please note that the con­tent of “on­line meet­ings”, as well as per­son­al meet­ings, is of­ten used to com­mu­ni­cate in­for­ma­tion with cus­tomers, in­ter­est­ed par­ties or third par­ties and is there­fore in­tend­ed to be passed on.
Oth­er re­cip­i­ents: the provider of “Zoom” nec­es­sar­i­ly ob­tains knowl­edge of the above da­ta to the ex­tent pro­vid­ed for in our or­der pro­cess­ing agree­ment with “Zoom”.

Da­ta pro­cess­ing out­side the Eu­ro­pean Union

“Zoom” is a ser­vice pro­vid­ed by a provider in the USA. Pro­cess­ing of per­son­al da­ta thus al­so takes place in a third coun­try. We have con­clud­ed an or­der pro­cess­ing agree­ment with the provider of “Zoom” that com­plies with the re­quire­ments of Art. 28 GDPR.
An ad­e­quate lev­el of da­ta pro­tec­tion is guar­an­teed by the con­clu­sion of the so-called EU stan­dard con­trac­tu­al claus­es.

Da­ta pro­tec­tion of­fi­cer

We have ap­point­ed a da­ta pro­tec­tion of­fi­cer.

You can reach him as fol­lows:
Mr. Chris­t­ian Volk­mer, Pro­jekt 29 GmbH & Co. KG, Os­ten­gasse 14, 93047 Re­gens­burg, Ger­many, phone: +49 941 2986930, e‑mail: anfragen@projekt29.de.

Your rights as a da­ta sub­ject

You have the right to ob­tain in­for­ma­tion about the per­son­al da­ta con­cern­ing you. You can con­tact us for in­for­ma­tion at any time.

In the case of a re­quest for in­for­ma­tion that is not made in writ­ing, we ask for your un­der­stand­ing that we may re­quire proof from you that you are the per­son you claim to be.

Fur­ther­more, you have a right to rec­ti­fi­ca­tion or dele­tion or to re­stric­tion of pro­cess­ing, in­so­far as you are en­ti­tled to this by law.
Fi­nal­ly, you have a right to ob­ject to pro­cess­ing with­in the scope of the law.

A right to da­ta porta­bil­i­ty al­so ex­ists with­in the frame­work of the da­ta pro­tec­tion le­gal re­quire­ments.

Dele­tion of da­ta

We delete per­son­al da­ta in prin­ci­ple when there is no need for fur­ther stor­age. A re­quire­ment may ex­ist in par­tic­u­lar if the da­ta is still need­ed to ful­fill con­trac­tu­al ser­vices, to check and grant or de­fend against war­ran­ty claims and, if ap­plic­a­ble, guar­an­tee claims. In the case of statu­to­ry re­ten­tion oblig­a­tions, dele­tion will on­ly be con­sid­ered af­ter ex­piry of the re­spec­tive re­ten­tion oblig­a­tion.

Right of com­plaint to a su­per­vi­so­ry au­thor­i­ty

You have the right to com­plain about the pro­cess­ing of per­son­al da­ta by us to a su­per­vi­so­ry au­thor­i­ty for da­ta pro­tec­tion.

Changes to this da­ta pro­tec­tion no­tice

We re­vise this da­ta pro­tec­tion no­tice in the event of changes to da­ta pro­cess­ing or oth­er oc­ca­sions that make this nec­es­sary. You will al­ways find the cur­rent ver­sion on this web page.