Privacy policy for the use of Microsoft Office applications at Groz-Beckert
The protection of your data is very important to us, Groz-Beckert KG (hereinafter: "Groz-Beckert", "we"). We would therefore like to inform you about which categories of personal data we process for which purposes in the context of the shared use of Microsoft Office applications.
Please note that this privacy policy only informs you about the processing of your personal data by us if you use Microsoft applications together with us. If you require information about the processing of your personal data by Microsoft, please refer to the relevant Microsoft Privacy Statement - Microsoft Privacy Statement.
What is personal data?
Personal data means any information relating to an identified or identifiable natural person. A person is identifiable if they can be identified directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their physical, physiological, mental, economic, cultural or social identity. This therefore also includes IP addresses or unique identification numbers, which may be stored in cookies when you visit our website.
What does the term processing mean?
The legislator defines the processing of personal data as activities such as the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.
Name and contact details of the controller
Groz-Beckert Limited Partnership
Parkweg 2
72458 Albstadt
Phone: 0 01 1347 94+
E-mail: moc.trekceb-zorg@ofni
Contact details of the data protection officer
E-mail: moc.trekceb-zorg@ztuhcsnetad
Web meetings, video conferences and webinars (Microsoft Teams)
The purpose of processing your data is to plan and conduct web meetings, video conferences or webinars. The legal basis for the processing is based on Art. 6 para. 1 lit. b GDPR (insofar as the webinar is conducted within the framework of contractual relationships) or Art. 6 para. 1 lit. f GDPR (insofar as no contractual relationship exists).
Meetings are not recorded as a matter of principle. If this is not the case, you will be informed of this before the start of the session and asked for your consent, Art. 6 para. 1 lit. a GDPR.
We may process the following personal data when conducting web meetings, video conferences and webinars:
- Identification and contact data of the user, e.g. surname, first name, e-mail address, profile picture
- Meeting metadata such as device information, IP addresses
- Video, audio and presentation recordings
- Chat contents
The webinars will be held as a live event via Microsoft Teams (Office 365). The provider of the software is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA. Microsoft may necessarily obtain knowledge of the above-mentioned data insofar as this is provided for in the order processing contract with "Microsoft Teams".
When providing Microsoft Teams, Microsoft may store cookies on users' devices for analysis or settings purposes. Further information can be found on the Microsoft website: Microsoft Privacy Statement – Microsoft privacy.
We process your data for as long as is necessary to fulfill the purpose of processing or in accordance with legal requirements.
In principle, the data relating to the virtual execution of the respective session will be deleted after the end of the session. Files that were collected during the session (e.g. in the chat of a webinar) and are required for post-processing (such as answering unanswered questions) are stored for up to three weeks after the end of the session and then deleted. If you have registered with one of the services, other principles may apply here. If you have given your consent, your data will be deleted upon revocation, provided that there are no legal retention periods to the contrary.
Exchange and collaboration platform (Microsoft Teams Teams)
We use Microsoft Teams for the purpose of exchange, communication and collaboration within the Groz-Beckert Group as well as with external partners and other third parties.
Insofar as personal data of employees within Groz-Beckert are processed, Art. 6 para. 1 b) GDPR, the employment contract, is our legal basis. In addition, Art. 6 para. 1 f) GDPR, our legitimate interest, may be the legal basis for data processing. In these cases, we are interested in collaboration within the group of companies and with external partners and other third parties.
We process your data outside our group of companies if you have consented to the processing. You can withdraw this consent at any time with a view to the future. However, the withdrawal of consent does not affect the lawfulness of the processing carried out prior to the withdrawal.
To use Microsoft Teams Teams, we need your personal identification data such as first and last name, e-mail address, company.
Furthermore, we process the information relating to your person that you provide to us, such as inquiries, opinions, photos, documents and other information comparable to these data categories.
Within Groz-Beckert, access to your personal data is only granted to those departments that need it to fulfill our legal obligations or to protect our legitimate interests.
The data storage location may be in a third country if you are invited by one of our subsidiaries in a third country. If data is transferred to a service provider based in a third country, the transfer will be based on standard contractual clauses (SCC) as appropriate safeguards.
We do not process your personal data for longer than we need it for the purposes of the respective processing.
Surveys and queries (Microsoft Forms)
The purpose of the processing is to create surveys and queries, to enable appointments to be made, e.g. for organizational purposes for event planning, to receive responses from the requested persons and to evaluate them anonymously or on a personal basis, depending on the setting. Once a form has been created, internal and external persons can be invited to fill it out and send it to us. No Microsoft account is required for external persons.
Participation in surveys and/or polls takes place on a case-by-case basis either voluntarily on the basis of your consent in accordance with Art. 6 para. 1 lit. a) GDPR or our legitimate interest in accordance with Art. 6 para. 1 lit. f) GDPR.
Various types of data are processed when using Microsoft Forms. The scope of the data depends on the questions asked and answered:
- Identification and contact data of the user such as surname, first name, e-mail address, display name, profile picture (optional if stored in Microsoft 365)
- IP address
- Preferred language
- Status
- Date and time of opening the questionnaire
- Date and time the reply was sent
- Information in surveys (survey-specific)
If you participate in an anonymous survey, your response will not contain any contact information and cannot be traced back to you. To prevent tracing, please log out of your Microsoft account before participating in the survey.
Microsoft Forms is a service of the Microsoft Corporation. The processing is carried out on behalf of Groz-Beckert by:
Microsoft Ireland Operations Limited, One Microsoft Place, South Country Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
Internally (at the controller), those persons who have submitted a survey/vote via Forms and, if applicable, the interested group of persons will have access to the personal data upon request to the author.
The data of users from the European Union is processed in data centers within the European Economic Area (EEA). Nevertheless, it may be necessary for the provision of the service and in the context of support that data is processed at the headquarters of Microsoft Inc. in the USA. For data transfers to third countries, the transfer is based on standard contractual clauses (SCC) as suitable guarantees.
Anonymized log data is stored for up to 30 days for access by Groz-Beckert. It is only viewed for the purpose of identifying system errors, troubleshooting, clarifying security issues and checking for manipulation or other misuse. It is only accessible to administrators of the M365 platform.
Data collected in surveys is stored for as long as it is needed to fulfill the purpose.
Online appointment booking (Microsoft Bookings)
We use Microsoft Booking to organize and manage online appointments. For events with external third parties, the appointments are also used for billing purposes.
The legal basis for data transmission, storage and processing is your consent pursuant to Article 6(1)(a) GDPR.
We would like to point out that you are not obliged to use Microsoft Bookings to make an appointment. If you do not wish to use the service, please use one of the other contact options offered to make an appointment.
Various data is processed when appointments are made. In particular, the following personal data is processed:
- User details: first name, last name, e-mail address
- Appointment-related information (date, time, type of appointment)
- Further information is voluntary
Microsoft Bookings is a service of the Microsoft Corporation. The processing is carried out on behalf of Groz-Beckert by:
Microsoft Ireland Operations Limited, One Microsoft Place, South Country Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
Further information on the handling of user data can be found in Microsoft's privacy policy.
When using Microsoft Bookings, technically necessary cookies are used, which are required for the basic functionality of the application. These cookies are essential to ensure that Microsoft Bookings works properly and that the user experience remains smooth.
Internally (at the controller), those persons for whom an appointment has been booked have access to the personal data.
We have concluded an order processing agreement with Microsoft that meets the requirements of Art. 28 GDPR. Microsoft Bookings is a service that is generally provided by Microsoft within the EU. It cannot be ruled out that data may be transmitted to Microsoft Corp. in the USA in this context. Microsoft can also carry out remote maintenance access from other third countries. If participants use the appointment scheduling service from a third country, data is exchanged with a third country. The standard contractual clauses of the European Commission have been concluded with Microsoft Corp.
The personal data will be stored for as long as is necessary to fulfill the above-mentioned purposes. Deletion takes place after 12 months at the latest.
You have the option of withdrawing your consent to data processing or objecting to the use of the data at any time. In this case, the intended contact with the user is no longer possible or communication that has already begun can no longer be continued.
Your rights
Information on your rights can be found in our privacy policy on our homepage.
Subject to change
Groz-Beckert reserves the right to change this privacy policy at any time in compliance with legal requirements. We therefore recommend that you visit the website at regular intervals to find out about our current data protection practices.
Status: October 2024