Web meetings with Cisco Webex

Purpose

The processing of personal data in connection with web meetings using Cisco Webex is carried out for the purpose of conducting and organizing online meetings, video conferences, and webinars.

Various types of personal data are processed during web meetings. The scope of data processing also depends on the information you provide before or during your participation in a web meeting and the settings you configure.

The following personal data is subject to processing:

  • Participation details: To participate in a web meeting, an invitation link is sent to the email address provided. Before entering the meeting room, you are asked to enter a name. It is not necessary to provide any additional data. Your name is visible to the other participants.
  • Meeting metadata: Topic, description (optional), IP address, device/hardware information.
  • For recordings: MP4 file of all video, audio, and presentation recordings; M4A file of all audio recordings; text file of the online meeting chat.
  • When dialing in by phone: Information regarding the incoming and outgoing phone numbers, country name, start and end times. If applicable, additional connection data, such as the device’s IP address, may be stored.
  • Text, audio, and video data: You have the option to use the chat, question, or poll functions in a web meeting. In this regard, the text you enter is processed to be displayed in the web meeting and, if necessary, to create recordings of it. To enable video display and audio playback, data from your device’s microphone and any video camera on your device is processed for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time via the Cisco Webex application.

In principle, only the personal text, audio, and video data of the person inviting others to the web meeting are processed. You only need a Webex account if you are hosting a web meeting and wish to invite additional participants.

Neither registration nor additional permissions are required to participate in a meeting. Participants receive an invitation link at the email address provided to join the web meeting. Further information on participation is provided by the organizer.

In the context of courses, you may be required to provide your full name to verify your identity and to briefly activate your video function. In the context of a course, your active participation may also be required, in which case audio and video data must be processed. Apart from that, your personal text, audio, and video data will only be collected and stored from you as a participant if you voluntarily contribute to the web meeting by activating the corresponding functions via chat or video.

If the host wishes to record the web meeting, you will be informed of the purpose of the recording in advance, asked separately for your consent, and made aware of your rights. If you refuse to give your consent, this may result in you being unable to participate in the web meeting. However, you will always have the option to view the recording later, so that you will not suffer any disadvantages as a result of not giving your consent.

The processed personal data is hosted in a data center within the EU.

Legal basis

Your personal data is processed by the EUF for the purpose of fulfilling the tasks stipulated in the Higher Education Law for Higher Education Institutions and the University Hospital of Schleswig-Holstein (Hochschulgesetz, HSG), in particular for academic purposes through research, teaching, study, and continuing education, as well as for the purposes of self-governance.

The Cisco Webex tool is used to enable these tasks to be carried out digitally.

To fulfill the university’s tasks, we process your personal data on the basis of Article 6(1)(e) GDPR and Article 6(3) GDPR in conjunction with the HSG, or, where special categories of data are processed, in accordance with Article 9(2)(g) GDPR in conjunction with the HSG. If web meetings are conducted in the context of contract initiation or performance, we process your personal data on the basis of Article 6(1)(b) GDPR. If personal data of EUF employees is processed, the legal basis for data processing is Article 88 GDPR in conjunction with § 26 BDSG and § 15 LDSG (SH).

In the case of recordings or the voluntary provision of data, the processing of your personal data is based on your consent in accordance with Article 6(1)(a) GDPR, or, if special categories of data are processed, in accordance with Article 9(2)(a) GDPR. You may withdraw your consent at any time by notifying the person who invited you.

Recipients

Personal data processed in connection with participation in web meetings is generally not disclosed to third parties, unless it is specifically intended for disclosure. Please note that, as with in-person meetings, content from web meetings often serves precisely to communicate information with faculty, students, clients, interested parties, or third parties and is therefore intended for disclosure.

Since data transfer to the U.S. cannot be entirely ruled out in the context of using Cisco Webex, the lawfulness of data processing is based on the European Commission’s adequacy decision (EU–U.S. Data Privacy Framework) as well as on concluded EU Standard Contractual Clauses in accordance with Article 46(2) GDPR.

For more information on this, please refer to the Cisco Privacy Statement.

Storage time

User-generated information processed in the context of online meetings is generally deleted as soon as it is no longer required for the purposes for which it was collected or is proactively deleted by the user. Upon termination or expiry of the service, this information is deleted from the Cisco Webex platform within 60 days.

Cisco stores registration information (financial information), host, and usage information (logging information) for 7 years after the termination of the service, in accordance with legal and regulatory retention periods.

Video recordings are stored on the Cisco Webex platform for a maximum of 7 days and, beyond that, outside of this platform, until the purpose for which this data is required has been fulfilled.

Necessity to provide data

The provision of personal data when using Cisco Webex is necessary to enable participation in web meetings from a technical and organizational standpoint. Without providing certain basic data—such as name, email address, or, if applicable, a user ID—no invitation can be sent, no authentication can be performed, and no connection to the conference can be established.

Your rights, contact information, Data Protection Officer

For more information, please see the data protection information on the homepage.