Data protection information for online meetings, telephone conferences and web conferences via “Microsoft Teams” by Pan-Dur GmbH

We would like to inform you below about the processing of personal data in connection with our use of “Microsoft Teams”.

  1. Responsible for data processing and who can I contact:
Responsible body: Data protection supervisor
Pan Dur GmbH

Max-Planck-Str. 1
97944 Boxberg-Windischbuch

Telephone: 07930/ 327 960

EmEtz GmbH


  1. What data we process and what we process your data for (purposes of processing) and on what legal basis we do so:

We use a “conference tool” (hereinafter referred to as the Service) to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “Online Meetings”). Microsoft Teams is a service provided by Microsoft Corporation, which is based in the United States.

When using the service, various types of data are processed. The scope of the data also depends on which data you make before or when participating in an “online meeting”.

Purposes of data processing Categories of data
Conducting online meetings User details (surname, first name, e-mail address, password)

Meeting metadata: Topic description, duration of participation.

When dialing in with the phone: connection data

Text, audio, and video: User input as part of the meeting

Location information for the technical provision of the service.

Organization of online meetings Information about the user and, if applicable, his contact details

Recordings of the meetings are generally not made by us.

You may have the option of using the chat, question or survey functions in an “online meeting”. In this respect, the text entries made by you will be processed in order to display them in the “online meeting” and, if necessary, to log them. In order to enable the display of video and the playback of audio, the data from the microphone of your device as well as from any video camera of the end device are processed accordingly during the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the applications.

In order to participate in an “online meeting” or to enter the “meeting room”, you must provide the minimum information required for this.

The legal basis for data processing is art. 6 Abs. 1 lit. b) DSGVO, as far as the meetings are carried out within the framework of contractual relationships.

If there is no contractual relationship, or if the execution of the meeting is not decisive for the fulfillment of the contract, the legal basis is Art. 6 Abs. 1 lit. f) DSGVO. This is where we are interested in effective communication by conducting “online meetings”.

Insofar as personal data of employees of Pan-Dur GmbH are processed, § 26 BDSG the legal basis of the data processing.

If you are registered as a user with the “Provider”, then further data can be stored via “Online Meetings” (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars).

The scope of data processing can be found in the data protection information of the provider Microsoft Privacy Statement – Microsoft Privacy.

  1. To whom is the data passed on (categories of recipients):

Personal data processed in connection with participation in “online meetings” will not be passed on to third parties unless they are specifically intended for this disclosure. In the course of participation in “online meetings”, which are intended for the exchange of content, the transfer will of course take place to the participants or the intended recipients. Within our company, only those persons process the data who also need this data in the context of meeting organization or execution.

Other recipients:

The provider necessarily receives knowledge of the above-mentioned data, insofar as this is provided for in the context of our order processing contract with him.

  1. Duration of data storage:

In principle, we delete personal data if there is no requirement for further storage. A requirement may exist in particular if the data is still needed to fulfil contractual services. In the case of statutory retention obligations, deletion is only possible after expiry of the respective retention obligation.

  1. Data transfer to third countries:

The service provider is from the USA. The processing of personal data thus also takes place in a third country. We have concluded an order processing contract with the provider, which meets the requirements of Art. 28 DSGVO complies. An adequate level of data protection is ensured by the conclusion of the so-called EU standard contractual clauses.

  1. Further mandatory information (e.B. rights of data subjects, right of appeal)

The other mandatory information of the Art. 13,14 and 21 the DSGVO please refer to our general information on data protection on our homepage.