Data protection with Zoom
The University of Hohenheim uses the Zoom X video conferencing solution, powered by Telekom, for digital teaching, research and administration. Data processing is carried out by Deutsche Telekom AG, acting as a data processor, on servers located in Germany or the European Union.
The use of Zoom X for private purposes is prohibited. There is no monitoring of performance or conduct.
Terms and conditions of use
Privacy settings
KIM has configured Zoom X so that only a minimum amount of data is processed: meetings start with video disabled and the microphone muted, automatic recording is disabled, and chat logs are not saved. Before use, the privacy settings should be checked and adjusted if necessary (Privacy by Default, data minimisation, purpose limitation).
End-to-end encryption
For content requiring a high level of security (e.g. exams, disciplinary proceedings, job interviews), end-to-end encryption must be enabled. Please note that this means some features (breakout rooms, polls, browser dial-in, phone dial-in) will not be available.
Recording of events
The recording of online events is permitted provided that data protection regulations are complied with. Further details are set out in the guidance on recording with Zoom X:
- Guide to recording with Zoom X
- Privacy notice regarding the recording of online events
- Consent Form (Template)
File sharing
Files requiring special protection should not be shared via Zoom X. Instead, use shared drives, FEX or bwSync&Share.
Privacy notice in accordance with Article 13 of the GDPR
Data controller
University of Hohenheim, represented by the Rector, Prof. Dr Christoph Schneider
Schloss Hohenheim 1, 70599 Stuttgart | www.uni-hohenheim.de
Data Protection Officer
UIMC Dr. Voßbein GmbH & Co. KG, for the attention of Dr Heiko Haaz
Otto-Hausmann-Ring 113, 42115 Wuppertal | dsb@uni-hohenheim.de
Purpose and legal basis
Zoom X is used to conduct virtual meetings, online courses and online seminars as part of the university’s core activities (teaching, research and administration). The legal basis for this is Article 6(1)(a) (consent), (b) (contract) and (e) (public interest) of the GDPR.
Data processed
Required for use: name and Hohenheim email address. Depending on usage, additional data may be processed: meeting metadata (topic, IP address, device information), audio and video data, and, in the case of recordings, the corresponding media files.
Recipients
Data processing is carried out by Deutsche Telekom AG as a data processor (Article 28 of the GDPR) on servers located in Germany/the EU. Data is not disclosed to any other third parties.
Retention period
Data will be deleted as soon as the purpose of processing has been fulfilled and there are no further retention obligations. The user account must be deleted at the latest upon leaving the university.
Your rights
You have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and objection (Art. 21 GDPR). You may lodge a complaint with the State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg.
Contact
- Data Protection: datenschutz@uni-hohenheim.de
- Technical and organisational matters: kim-it@uni-hohenheim.de
Do you have questions or comments about this site? contact form