Communication, Information and Media Center (KIM)

Data protection and security with Microsoft Teams

Purpose of processing

Teams is used in administration, teaching, and research primarily as a messenger service (text, audio, and video chat) e.g. in departments or learning groups. The purpose of data processing is to use Teams as a tool for cooperation within the framework of the student or official activities at the University of Hohenheim for the fulfillment of university tasks (teaching, research, and administration).

It is not permissible to use Teams for private purposes.

There is no performance or behavioral monitoring based on your use of Teams. The use of Teams to generate personal statistics is not permitted.

Conditions for permitted use

  • No content with high protection requirements
    No content that requires a high level of protection or is strictly confidential should be exchanged via this service. Nor should it be used to conduct appointment procedures or interviews. You can use webconf or DFNconf for these matters, but not if special categories of personal data are processed, such as health data.



  • No exchange of files with high data protection requirements
    For the exchange of particularly sensitive files between participants, existing secure channels should generally be used (shared drives, FEX, possibly BwSync&Share).

  • No university examinations
    As a rule, university examinations should only be conducted via Teams in justified exceptional cases, especially if other suitable options are not available. For these, you should use webconf or DFNconf if they must be conducted virtually.

Further information on data protection

  • Avoid unauthorized data processing
    When using Teams, it must be ensured that no unauthorized data processing takes place. It must also be ensured that the confidentiality of official matters is maintained.

    Make sure that smart devices, such as Alexa, Siri, Google Home, are not near where you are working or are not active to prevent unauthorized data processing or recording.

  • Adjust privacy settings before meeting
    Before using Teams, the possible data protection settings must be made in such a way that personal data is processed by Teams only for the purposes mentioned and within the scope of the applicable laws. The data protection principles privacy by default, data minimization, data economy, and purpose limitation must be observed.

  • Tracking
    You can exclude advertising cookies and tracking (Google Analytics, Google Ads,...) by making the appropriate settings in Teams and in the software used (e.g. browser).

  • Hide background
    To protect your privacy, you can replace your background with an overlay. Your head can still be seen, but your surroundings cannot.

Data protection configurations in Teams

Central settings and recommendations on our part:

Availability status and status message

In Teams, just like normal messengers, there is also an availability status that shows others whether you are currently available or not. Teams manages the status automatically by default:

  • "absent" after 5 minutes of inactivity
  • "do not disturb" during a presentation
  • "in a meeting" if there is a meeting on your calendar
  • ...

You can use a status message to inform the team of your status in a different way:

  • at lunch until 1 p.m.
  • on holiday until 17 May
  • sick
  • ...

The availability status can be perceived as a control. A status message, on the other hand, can be helpful information for the team in certain cases.

In general, however, you are not obliged to maintain a correct status. You are free to choose your online status display. A displayed availability does not mean anything for your actual presence.

If you don't want teams to automatically determine your status, set it manually to any other status, such as "busy".

Reading receipts

By default, you can see whether other members of the university have seen your message and vice versa. This is helpful, but not mandatory. Via [ Settings ] [ Privacy ] [ Read receipts ] you can disable mutual read confirmation. External persons (guests) do not receive a read receipt regardless of this setting.

Meetings

  • anonymous participants can neither start a meeting nor participate in one
  • anonymous participants cannot interact with apps
  • external participants cannot be given control
  • transcriptions are deactivated
  • could recordings are deactivated

Apps / data exchange with other services

  • Apps are allowed to access the following by default: Media (camera, microphone, speaker), location, notifications, external links, MIDI devices

You can disable this default permission by selecting [ Settings | Permissions ]. Apps will then ask you for permission one at a time if they need access rights.

  • Gifs and memes are disabled.
  • Third-party apps are deactivated (Asana, Adobe, ...)
  • Interfaces to third-party cloud storage (Citrix files, Dropbox, Box, Google Drive, Egnyte) are deactivated.
  • The integration of task-oriented services (MakeCode and Turnitin) is disabled.

Guests and other organizations

You can work in your team with individual guests from outside the university. Add the person's email address as a new team member. The person will receive an invitation and if they do not already have an account, a Microsoft account will be created for them. By default, guests have almost the same rights within a team as members from the university (telephony, meetings, messages, chats, document access).

We cannot establish positions of trust with other organizations. If you would like to work with external people, include them as guest members of your team.

Storage location of team data

Data for Microsoft 365 services is stored by default in Germany (Frankfurt).

Live events

  • Transcriptions are deactivated
  • Recordings are not created automatically, but the organizer can manually initiate a recording
  • Live events are always recorded

Do you have questions or comments about this site? contact form

Links

Alternatives/supplements