Data Protection Information for Online Meetings, Telephone Conferences, and Webinars of the ifo Institute

We would like to inform you below about the processing of personal data in connection with the use of online meeting applications.

Purpose of the Processing

We, the ifo Institute – Leibniz Institute for Economic Research at the University of Munich e. V. (hereinafter referred to as “ifo Institute”) use the following tools to conduct telephone conferences, online meetings, video conferences, and webinars (hereinafter: “Online Meetings”). 

-    Zoom: https://zoom.us, based in the US
-    Microsoft Teams: http://teams.microsoft.com, based in the US
-    wonder.me: https://www.wonder.me, based in Berlin, Germany

(hereinafter referred to as “Online Videoconferencing Tools”)

Responsible Party

The data controller for data processing directly related to the holding of Online Meetings for the ifo Institute is the ifo Institute itself.

Note: If you access the website of the abovementioned Online Videoconferencing Tools, the respective provider is responsible.

What Data is Processed?

When using the above-mentioned Online Videoconferencing Tools, various types of data are processed. The scope of the data also depends on which tool you use and which data you provide before or during participation in an Online Meeting.

The following personal data is subject to processing (this list is not exhaustive):

User details: first name, last name, profile picture. Meeting metadata: topic, description. For recordings (optional): MP4 file of all video, audio, and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat. For participants who dial in by telephone: information about the incoming and outgoing phone number, etc. 

For detailed information about the types of data collected, see the following links: 

•    Microsoft Teams: https://docs.microsoft.com/de-de/MicrosoftTeams/policy-control-overview
•    Zoom: https://zoom.us/de-de/privacy.html#_Toc44414842
•    wonder.me: https://www.wonder.me/policies/data-processing-agreement

Scope of the Processing

If we want to record Online Meetings, we will give you clear notice in advance and – if necessary – ask for your consent.

If it is necessary for the purposes of logging the results of an Online Meeting, we will log the chat content. However, this will not usually be the case.

In the case of webinars, we may also process questions asked by webinar participants for the purposes of recording and following up on webinars.

Automated decision-making in the sense of Art. 22 GDPR is not used.

Legal Basis for Data Processing

Insofar as personal data of employees of the ifo Institute online meetings is processed, Section 26 BDSG is the legal basis for the data processing. If, in connection with the use of the Online Videoconferencing Tools, personal data is not required for the establishment, implementation, or termination of the employment relationship, but is nevertheless an elementary component of the use of the Online Videoconferencing Tools, the legal basis for data processing is Article 6 (1) f) GDPR. In these cases, our interest is in the effective implementation of Online Meetings.

For the rest, the legal basis for data processing when conducting Online Meetings is Art. 6 (1) lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.
Should no contractual relationship exist, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here, too, our interest is in the effective implementation of Online Meetings.

Recipients / Disclosure of Data

Personal data processed in connection with participation in Online Meetings is generally not passed on to third parties by ifo unless it is specifically intended to be passed on. Please note that content from Online Meetings as well as personal meetings is often used to communicate information with customers, interested parties, or third parties and is therefore intended to be passed on.

Other recipients: Providers of the abovementioned Online Videoconferencing Tools necessarily receive knowledge of the abovementioned data, insofar as this is provided for within the framework of our contract with the abovementioned Online Videoconferencing Tool provider.

Data Processing Outside the European Union

If personal data is processed in a third country outside the EU (e.g., in the US), we ensure an appropriate level of protection, e.g., by agreeing EU standard contractual clauses.

Data Protection Officer

The protection of your personal data is of great importance to the ifo Institute – Leibniz Institute for Economic Research at the University of Munich e. V. In order to express this importance, we have commissioned a consulting firm with a great deal of experience in the fields of data protection and data security to take on these central issues. Our data protection officer also comes from this group of experts. We are advised by:

Legaltech GmbH
Augustaanlage 32
68165 Mannheim
https://www.schutz-von-daten.de/

Please contact our data protection officer Legaltech GmbH directly if you have any questions regarding data protection and data security:

Email: datenschutz@ifo.de
Phone: +49 621 43179339

Your Rights as a Data Subject

You have the right to information about the personal data concerning you. You can contact us for information at any time. 

In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be. 

Furthermore, you have a right to rectification or deletion or to restriction of processing, insofar as you are entitled to this by law.

Finally, you have a right to object to processing within the limits of the law.

A right to data portability also exists within the framework of the data protection regulations.

Deletion of Data

We delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty, and – if applicable – guarantee claims. In the case of statutory retention obligations, deletion will be considered only after expiry of the respective retention obligation.

Right of Appeal to a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the EU GDPR.

Competent supervisory authority for us is:

Bavarian State Office for Data Protection Supervision
PO Box 606
91511 Ansbach
Germany

The supervisory authority with which you have lodged a complaint will inform you of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 EU GDPR.

Amendment of This Data Protection Notice

We revise this data protection notice in the event of changes to data processing or other occasions that make this necessary. You will always find the current version on this website.

Status: July 1, 2021

You Might Also Be Interested In

Artikel

Privacy Policy