Privacy policy for online meetings

We would like to inform you in the following about the processing of your personal data in connection with the use of "Microsoft Teams”:

1 Name and Contact Details of the Data Controller

Data controller in terms of data protection law (“we”) is:

You will find further information on our company, details of authorised representatives and other contact details in the imprint on our website: www.fka.de/impressum.

2 Contact Details of the Data Protection Officer

We have appointed a data protection officer. If you have any questions or other concerns regarding data protection, you can reach him most easily at

fka GmbH
- Data Protection Officer -
Steinbachstraße 7
52074 Aachen
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

If you have any questions or other concerns regarding data protection, you can contact our data protection officer at any time using the contact details provided above.

3 Categories of Personal Data, Purposes and Legal Basis for Data Processing

We use "Microsoft Teams" to conduct telephone and video conferences, online meetings and webinars. "Microsoft Teams" is a service of Microsoft Corporation, headquartered in the USA.
Note: If you access the "Microsoft Teams" website, the "Microsoft Teams" provider is responsible for data processing. However, calling up the Internet page is only necessary to download the software for using "Microsoft Teams".

If you do not want to or cannot use the "Microsoft Teams" app, you can also use "Microsoft Teams" via your browser. The service will then also be provided via the "Microsoft Teams" website.
The data protection provisions of Microsoft are available at

https://learn.microsoft.com/de-de/microsoftteams/teams-privacy

https://www.microsoft.com/licensing/docs

You can also dial in by phone without using an app.

When using "Microsoft Teams", various types of data are processed, the scope of which depends on the data you provide before or during a participation in an online meeting. In particular, the following personal data may be subject to processing:

• User-related information: First and last name, telephone, e-mail address, address, profile picture, employer/company, position, function;
• Meeting-related metadata: Topic, description, phone numbers, location;
• Traffic data: Message content provided by the user in the context of participating in the online meeting, in particular data transmitted via the microphone and/or video camera of the user device, chat/text input data, including information on professional and/or private life and information on whereabouts;
• Recording data: Video, audio and/or presentation recordings, text data of the Online Meeting-chat;
• When dialing in by telephone: Information on the incoming and outgoing telephone number, country name, start and end time; if applicable, other connection data such as the IP address of the device.

The data will only be processed to hold the Online Meeting.

Except for the types of data that are technically necessary to provide the Online Meeting-services, you as a user are free to decide which data you wish to provide, so as to avoid an involuntary communication of information. In particular, you have the possibility to switch off or mute the camera or microphone of your used device at any time.

We record online meetings only in exceptional cases, and only after we have transparently communicated this to you in advance (and - if necessary - obtained your consent).

To the extent necessary to log the results of an Online Meeting, we will log the chat content. For webinars, we may also process questions asked by webinar participants for recording and follow-up purposes.

If personal data of our employees are processed, Sec. 26 German Federal Data Protection Act is the applicable legal basis for data processing. If, in connection with the use of "Microsoft Teams", personal data are not required for the conclusion, performance or termination of the employment relationship, but are a necessary component to use the services mentioned, Art. 6 para. 1 (f) GDPR is the legal basis for data processing. In these cases, our legitimate interest is to effectively hold Online Meetings.

In other cases, the legal basis for data processing for the purpose of holding Online Meetings is Art. 6 para. 1 (b) GDPR, insofar as the Online Meetings are held as part of or for the purpose of initiating contractual relationships.

If no contractual relationships exist, or if the processing of data is a necessary part of the Online Meeting for other reasons, the legal basis is Art. 6 para. 1 (f) GDPR. Again, we have a legitimate interest to effectively hold Online Meetings.

Insofar as your consent should be required to record an Online Meeting, the legal basis is Art. 6 para. 1 (a) GDPR.

We make no use of automated decision making in terms of Art. 22 GDPR.

4 Duration of Storage

In general, the data transmitted or provided by you in the context of the Online Meeting is not stored. Should we store personal data (e.g. in connection with the implementation of projects), we will, in principle, delete it when there is no need for further storage. Such requirement may exist in particular if the data is still needed to fulfil contractual services or to be able to assert, exercise or defend claims, such as warranty or guarantee claims. The relevant statutes of limitation are decisive for this.

However, data may be stored for a longer period of time if this is necessary due to storage obligations under tax or commercial law. In this case a deletion only comes into consideration after expiry of the respective storage periods.

5 Recipients/Categories of Recipients

We will share your data within our company only with those persons and departments and only to the extent necessary for the proper fulfilment of the processing purposes mentioned above.

If and to the extent necessary for the specific processing purposes and if legal provisions permit or require this, the data may be passed on or disclosed to third parties, such as other project partners involved. Please note that content from Online Meetings as well as personal meetings often serves the purpose of communicating information with customers, interested parties or third parties and is therefore intended for disclosure.

In order to conduct the online meetings, service provider Microsoft Corporation necessarily obtains knowledge of the above-mentioned data. For the processing of personal data by Microsoft Corporation, we have concluded a contract with the latter that complies with the requirements of Art. 28 GDPR. Microsoft Corporation provides its services from the EU.

6 Rights as Data Subject

In accordance with Articles 15 et seq. GDPR, under the conditions defined therein, you have the right to information about the personal data concerning you and to correction or deletion or restriction of processing, a right of objection to processing and the right to data portability.

You have the right to complain to a data protection supervisory authority about the processing of personal data by us if you are of the opinion that the processing of the data concerning you violates the GDPR.

If the processing is based on your consent, you also have the right to revoke the consent at any time, without affecting the legality of the processing which took place on the basis of the consent up to the revocation. It is nevertheless possible that we may need to continue to store certain data in order to comply with legal requirements or as part of a legal prosecution (see section 4).

Version: October 2022