The University of Mannheim uses Microsoft Teams as part of Microsoft M 365 as a collaboration and video conferencing tool. All students have the possibility to be registered in the Microsoft cloud. Registration is voluntary and you may revoke your consent at any time. Registration is subject to the acceptance of the requirements and references to the service provider’s terms of use.
(As at 1 December 2020)
Licensing
After the students have consented, the service is automatically licensed. Licensing is required for the lawful and full use of the services. For Microsoft Teams in particular, it is necessary to license all services that can be integrated as well. Within the scope of use, the individual users are obliged to comply with data protection law while using the services of a cloud service provider outside Europe.
Therefore, unencrypted contents containing personal data or employment-related data must not be made available in the cloud, must not be uploaded to the cloud and must not be shared via the cloud. The cloud is intended to be used for teaching purposes, mostly for self-organized student learning groups. The use for teaching purposes must not impede the voluntary nature of using the service and a revocation of consent must not obstruct the learning progress or availability of learning contents.
Consent to the Microsoft terms of use
By giving their voluntary consent to the terms of use described herein, all students also consent to the terms of use of the service provider. You can read these terms of use on https://www.microsoft.com/de-de/rechtliche-hinweise/nutzungsbedingungen.
External participants
You may invite external participants to join groups in Teams and include them into your team work. Guest access is limited to justified exceptional cases.
Responsibilities for data storage and retention periods
User-initiated data storage, including chat histories and documents, is limited to one year in the cloud. After expiration of this term, the data are permanently deleted. There is no automatic back up of the data stored in M365. The user is responsible for backing up the data. The individual users have to make sure to delete chat histories after one year (two semesters) and to back up any relevant data, if required. If users revoke their consent, all user generated data will be permanently deleted after 60 days. If the deletion was not intended, it may be reversed within this time period.
Data protection policy
When using Teams as part of M365, personal data are processed. Please observe the Data protection policy.
Comprehensive information about the nature and scope of data processing and further information, including your rights, can be found in the M 365 data protection policy. Please make sure to check the data protection policy regularly for any modifications.
Security incidents, personal data breaches
Please report a security incident or a personal data breach as soon as possible to the IT support.
It is considered a data breach if information from a meeting is disclosed to external parties. However, other forms of data breaches may be possible. This may happen if unauthorized persons join a meeting, information on a meeting are published on unauthorized channels or if a meeting has been recorded without having obtained the affected persons’ approval.
Please contact the IT support if you suspect a data breach.