Controller within the meaning of the General Data Protection Regulation (GDPR)
MeVis Medical Solutions AG is responsible for processing your personal data in connection with the use of "Zoom".
We would like to inform you about the usage and processing of your personal data as follows.
Data processing and uses
We use the video conference platform "Zoom" to conduct online seminars as well as telephone and video conferences (hereinafter referred to as "online meetings").
Depending on the time and scope of the online meeting, different types of data can be processed. These include in particular:
Required data and functions
To participate in an online meeting, you need an access link.You will receive this link either from the host or you can find it on the website of the respective event. All you need to do is enter your name when dialing into the online meeting.
In addition, the platform processes user data required for the provision of technical support and improvements of the service. This includes in particular technical data about your devices, your network and your internet connection, such as IP address, MAC address, and other device IDs (UDID), device type, operating system type and version, client version, camera type, microphone or loudspeaker, type of connection.
Voluntary data and functions
You can choose to provide further information about your person without an obligation to do so. You are also free to choose the chat or survey functions during the online meeting. You can also turn your camera and microphone on and off.
When you use the chat or survey functions, your text entries are processed and displayed in the online meeting. When you turn on your camera or microphone, incoming signals from your microphone and video camera are transmitted to the meeting room. At the start of the online meeting, your camera and microphone are turned off by default.
Please note, any information that you or others upload, post, or create during the online meeting is processed at least for the duration of the meeting. This includes, but is not limited to chat, messages, upload files, whiteboards, and other information shared while using the service.
Chat content can be logged if required to record the results of an online meeting. However, this only applies to "public" chats and messages sent directly to the host. Private chat content is not logged.
If we wish to record online meetings, we will inform you in advance, and - if necessary - ask for your consent. If a recording is made, the participants of the online meeting will be informed by the system via video and audio as well.
Legal basis for data processing
If your participation in the online meeting is necessary to fulfill a contract concluded between you and us, your data will be processed based on Art. 6 para. 1 lit. b) GDPR. The same applies if the online meeting serves the implementation of pre-contractual measures which are carried out at your request.
If the data processing in connection with the use of "Zoom" is not necessary, neither for the fulfillment of a contract nor for the implementation of pre-contractual measures, it is carried out based on Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interest here is to maintain communication independent of location, to maintain business contacts, and to provide services owed.
If you voluntarily provide information about yourself when using the tool, or voluntarily use functions that are not absolutely necessary, the associated data processing is carried out based on your revocable consent in accordance with Art. 6 para. 1 sentence 1 lit. a) 7 GDPR. You can revoke your consent at any time with effect for the future. Please note, processing that took place before your revocation is not affected.
Transfer of data
As a matter of principle we do not transfer your data to third parties. We will only pass on your data to third parties, if the data is intended to be passed on, if you have expressly consented to the transfer in advance, or if we are obliged or entitled to do so by law. Please note, consents from online meetings as well as personal meetings often serve the purpose of communicating information with other people and therefore are intended to be passed on.
When processing your data, Zoom Video Communications Inc. supports us as an external service provider. As a processor in the sense of Art. 28 GDPR, Zoom Video Communications Inc. processes your data strictly in accordance with your instructions and based on a separately concluded contract.
The data processing can also take place outside the EU or the EEA. With regard to Zoom Video Communications Inc. an adequate level of data protection can be assumed in accordance with Art. 45 para. 1 GDPR by participating in the Privacy Shield Agreement and in accordance with Art. 46 para. 2 lit. c) GDPR by using EU standard contractual clauses.
Deletion of your data
We process your data only as long as it is necessary for the purposes for which it was collected. Therefore, the data we process from you as a participant in an online meeting will be deleted immediately after the end of the meeting, unless the processing or storage of your data is necessary to assert, exercise or defend legal claims. In case of legal storage obligations, deletion will only be considered after the respective storage obligation has expired. If you as a host have your own "Zoom" account, you can usually delete it yourself.
Your privacy rights
As a data subject, you have the right to request information on the personal data we store about you. In addition, you have the right to request for that personal data to be rectified, erased, or blocked, if it is incomplete or inaccurate. You also have the right to object to the processing base on your particular situation. You have the right to lodge a complaint with a supervisory authority if you consider that our processing of your personal data infringes your rights. You can assert your data protection rights here:
You also have the right to complain to a supervisory authority if you believe that the processing of data concerning you is in breach of data protection legislation. In particular, the right of appeal may be lodged with a supervisory authority in the member state in which the data subject is resident or in which the subjected breach occurred.
Our data protection officer
You also have the right to contact our data protection officer at any time, who is obliged to maintain confidentiality regarding your request. The contact data of our data protection officer are as follows:
FIRST PRIVACY GmbH
Ein Unternehmen der
Phone +49 421-69 66 32 80
Fax +49 421-69 66 32 11