Purpose of the data processing
PrivacyRules uses Zoom to conduct conference calls, online meetings, conferences and webinars(hereafter referred to as ‘online meetings’).
What data is processed?
While using Zoom, different types of data may be processed. The quantity of data processed also depends on what information you will providein the context of theregistration to the meeting and during it.
The types of personal data that may be processed are the following:
User information: First name,email address, last name (optional), phone number (optional), password (when necessary), organization (optional), job title (optional).
Meeting details: topic, description (optional), participants’ IP addresses, type of device/hardware information.
Recording data: Video files, audio files and presentation recordings. Also,a text file of the online meeting chat may be saved.
Phone call data: If you call in by phone, Zoom will store the incoming/outgoing phone numbers, country, and start / end times of your participation. Other call data may also be stored, such as the device’s IP address.
Text, audio and video data: In an online meeting, you may have the option of using the chat, question or survey functions. Any text you input will be processed to display it and, where relevant, log it during the online meeting. To enable video display and audio playback, the data from the microphone on your device and any video camera on your device may be processed for the meeting duration. The Zoom app always allows you to switch off the camera or mute the microphone yourself anytime.
As a minimum, in order to take part in an online meeting/webinar or enter the ‘meeting/webinar room’, you will have to provide some information about your name and email address.
We use Zoom to conduct online meetings. When we want to record online meetings, we will inform you of that fact clearly in advance and – where necessary – ask for your consent. In any case, the Zoom app will inform you that a meeting is being recorded.
In some cases, we may save the content of the chat. However, this will not usually be the case.
During webinars, we may also process the questions asked by webinar participants for recording and follow-up purposes or to create additional events.
It should be noted that the Zoom service may necessarily involve the user data to be transferred outside the EU (identifying data, contact details, data and meta-data of the day, time and contents of the joined sessions). Please note that:
This transfer generally occurs based on the legitimate interest set forth in Article 6 (1) (f) of the GDPR. In these cases, our legitimate interest is the effective running of online meetings.
In some cases, PrivacyRules specifically asks for the data subject’s consent to process his or her personal data according to Article 6 (1) (a) of the GDPR.
When the meetings are carried out in the context of a contractual relationship, our legal basis for data processing is Article 6 (1) (b) of the GDPR.
As a matter of principle, personal data processed in connection with participation in online meetings is never transferred to third parties unless it is specifically intended to be shared. Please note that Privacy Ryules typically use such information for internal purposes, such as sending reminders to the registrants and further information on its activities. However, we will always ask for your explicit consent before contacting you out of the scope of the meeting you registered for.
As a service provider, Zoom is necessarily informed of the abovementioned data. These will be treated according to the“Zoom Global Data Processing Addendum” and in respect of the data processing agreement with Zoom.
In general, personal data collected by PrivacyRulesduring online meetings is never transferred to third parties, unless explicitly intended to be shared or under specific consent.