Variant: Self Hosted / hosted and operated on own servers
We would like to inform you in the following about the processing of personal data in connection with the use of "Jitsi Meet".
Purpose of processing
We use the "Jitsi" tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: "online meetings"). "Jitsi" is an open source software for online meetings, which we have installed and operate on our own server.
Responsible
Responsible for data processing directly related to the execution of "online meetings" is the Institut der deutschen Wirtschaft Köln e.V.
P.O. Box 10 19 42
50459 Cologne
Visitor address:
Konrad-Adenauer-Ufer 21
50668 Cologne
Phone: 0221 4981-1
Fax: 0221 4981-99547
welcome@iwkoeln.de
Which data is processed?
When using "Jitsi" different types of data are processed. If you participate in a "Jitsi" meeting, you will be asked for your name at the beginning of the meeting. This name is processed for the duration of your participation in the respective online meeting and then deleted.
Also, any audio, video or chat content will only be processed during the online meeting.
For technical operation, the following data is processed or the following personal data is subject to processing:
IP address: In order to be able to conduct the online meeting, the IP address used by your end device is processed. The logging of the IP address is deactivated on our "Jitsi" server.
Meeting name and password (if applicable): When setting up an online meeting, a name for the online meeting is chosen by the organizer. Additionally, a password can be provided for participation in the online meeting. This data is only processed until the end of the respective online meeting and then deleted. Please note, however, that the name of "Online Meeting" and the date, time and duration of the "Online Meeting" can be stored locally in your browser. If you no longer wish to see this data, you should delete your browser cache.
Email address: You can optionally enter an e-mail address. This e-mail address will then be used to retrieve and display a profile photo from the "Gravatar" service. Gravatar profile photos will only be displayed if a public Gravatar image can be retrieved for the e-mail address provided.
Scope of processing
We use "Jitsi" to conduct "online meetings". If we want to record "online meetings", we will inform you transparently in advance and - if necessary - ask for your consent.
Legal basis of data processing
As far as personal data of employees of the Institut der deutschen Wirtschaft Köln e.V. are processed, § 26 BDSG is the legal basis for data processing. If, in connection with the use of "Jitsi", personal data are not required for the establishment, execution or termination of the employment relationship, but are nevertheless an elementary component of the use of "Jitsi", Art. 6 Par. 1 letter f) GDPR is the legal basis for data processing. In these cases, we are interested in the effective implementation of "online meetings".
In addition, the legal basis for data processing in the conduct of "online meetings" is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.
If no contractual relationship exists, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here too, we are interested in the effective implementation of "online meetings".
Recipient / passing on of data
Personal data that is processed in connection with participation in "online meetings" is generally not passed on to third parties, unless it is specifically intended to be passed on. Please note that content from "online meetings" as well as personal meetings often serves the purpose of communicating information with customers, interested parties or third parties and is therefore intended for disclosure.
If you have provided an email address in the "Online Meeting", the "Gravatar" service of Automattic Inc. (USA) is called up. The use of "Gravatar" does not constitute order processing for us. The provider himself determines the purpose and means of data processing. If you have created an account with "Gravatar", these terms and conditions apply.
Data processing outside the European Union
Data processing outside the European Union (EU) does not take place. However, we cannot exclude the possibility that data is routed via Internet servers located outside the EU. This may be the case in particular if participants in "online meetings" are in a third country.
However, the data is encrypted during transport over the Internet and thus protected against unauthorized access by third parties.
If you have provided an e-mail address in the "Online Meeting", the "Gravatar" service of Automattic Inc. (USA) is called. Automattic Inc.'s servers may be located outside the EU. The appropriate level of data protection is ensured by Automattic Inc.'s Privacy Shield certification.
Privacy Officer
We have appointed a data protection officer. You can reach him at:
legitimis GmbH
Herrn Sebastian Feik, Dipl.-WJur. (FH)
Ball 1
51429 Bergisch Gladbach
Tel.: +49 2202 28 941 - 0
Fax: +49 2202 28 941 - 47
E-Mail : datenschutz-IWkoeln@legitimis.com
Your rights as data subject
You have the right to be informed about the personal data regarding you. You can contact us for information at any time.
In the case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence that proves that you are the person you claim to be.
Furthermore, you have the right to correction or deletion or to restriction of processing, as far as you are legally entitled to do so.
Finally, you have the right to object to the processing within the scope of the statutory provisions.
You also have a right to data transferability within the framework of the data protection regulations.
Deletion of data
As a matter of principle, we delete personal data when there is no need for further storage. A requirement can exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and guarantee claims. In the case of legal storage obligations, deletion only comes into consideration after expiry of the respective storage obligation.
Right of complaint to a supervisory authority
You have the right to complain about the processing of personal data by us to a data protection supervisory authority.
Variant: Hosted by Jitsi
We would like to inform you in the following about the processing of personal data in connection with the use of "Jitsi Meet".
Purpose of processing
We use the "Jitsi" tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: "online meetings"). "Jitsi" is an open source software for online meetings, which we use via a service provider by way of a so-called order processing.
Responsible person
Responsible for data processing directly related to the execution of "online meetings" is the Institut der deutschen Wirtschaft Köln e.V.
P.O. Box 10 19 42
50459 Cologne
Visitor address:
Konrad-Adenauer-Ufer 21
50668 Cologne
Phone: 0221 4981-1
Fax: 0221 4981-99547
welcome@iwkoeln.de
Which data is processed?
When using "Jitsi" different types of data are processed. If you participate in a "Jitsi" meeting, you will be asked for your name at the beginning of the meeting. This name is processed for the duration of your participation in the respective online meeting and then deleted.
Also, any audio, video or chat content will only be processed during the online meeting.
For technical operation, the following data is processed or the following personal data is subject to processing:
IP address: In order to be able to conduct the online meeting, the IP address used by your end device is processed. The logging of the IP address is deactivated on our "Jitsi" server.
Meeting name and password (if applicable): When setting up an online meeting, a name for the online meeting is chosen by the organizer. Additionally, a password can be provided for participation in the online meeting. This data is only processed until the end of the respective online meeting and then deleted. Please note, however, that the name of "Online Meeting" as well as the date, time and duration of the "Online Meeting" can be stored locally in your browser. If you no longer wish to see these data, you should delete your browser cache.
Email address: You can optionally enter an e-mail address. This e-mail address will then be used to retrieve and display a profile photo from the "Gravatar" service. Gravatar profile photos will only be displayed if a public Gravatar image can be retrieved for the e-mail address provided.
Scope of processing
We use "Jitsi" to conduct "online meetings". If we want to record "online meetings", we will inform you transparently in advance and - if necessary - ask for your consent.
Legal basis of data processing
As far as personal data of employees of the Institut der deutschen Wirtschaft Köln e.V. are processed, § 26 BDSG is the legal basis for data processing. If, in connection with the use of "Jitsi", personal data are not required for the establishment, execution or termination of the employment relationship, but are nevertheless an elementary component of the use of "Jitsi", Art. 6 Par. 1 letter f) GDPR is the legal basis for data processing. In these cases, we are interested in the effective implementation of "online meetings".
In all other respects, the legal basis for data processing in the conduct of "online meetings" is Art. 6 para. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.
If no contractual relationship exists, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here too, we are interested in the effective implementation of "online meetings".
Recipient / passing on of data
Personal data that is processed in connection with participation in "online meetings" is generally not passed on to third parties, unless it is specifically intended to be passed on. Please note that content from "online meetings" as well as personal meetings often serves the purpose of communicating information with customers, interested parties or third parties and is therefore intended for disclosure.
The technical service provider we use to operate "Jitsi" is also the recipient of data. We have concluded an order processing contract with the service provider that complies with the requirements of Art. 28 GDPR. In particular, the service provider shall ensure that all necessary technical and organizational measures for data security in accordance with Art. 32 GDPR are complied with.
If you have provided an e-mail address in the "Online Meeting", the "Gravatar" service of Automattic Inc. (USA) will be called up. The use of "Gravatar" does not constitute order processing for us. The provider himself determines the purpose and means of data processing. If you have created an account with "Gravatar", these terms and conditions apply.
Data processing outside the European Union
Data processing outside the European Union (EU) does not take place. However, we cannot exclude the possibility that data is routed via Internet servers located outside the EU. This may be the case in particular if participants in "online meetings" are in a third country.
However, the data is encrypted during transport over the Internet and thus protected against unauthorized access by third parties.
If you have provided an e-mail address in the "Online Meeting", the "Gravatar" service of Automattic Inc. (USA) is called. Automattic Inc.'s servers may be located outside the EU. The appropriate level of data protection is ensured by Automattic Inc.'s Privacy Shield certification.
Privacy Officer
We have appointed a data protection officer. You can reach him at:
Mr. Sebastian Feik, Dipl.-WJur. (FH)
legitimis GmbH Dellbrücker Straße 116
51469 Bergisch Gladbach
Phone: +49 2202 28 941 - 0
Fax: +49 2202 28 941 - 47
e-mail : Datenschutz-iwkoeln.de@legitimis.com
Your rights as data subject
You have the right to be informed about the personal data regarding you. You can contact us for information at any time.
In the case of a request for information that is not made in writing, we ask for your understanding that we may require you to provide evidence that proves that you are the person you claim to be.
Furthermore, you have the right to correction or deletion or to restriction of processing, as far as you are legally entitled to do so.
Finally, you have the right to object to the processing within the scope of the statutory provisions.
You also have a right to data transferability within the framework of the data protection regulations.
Deletion of data
As a matter of principle, we delete personal data when there is no need for further storage. A requirement can exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and guarantee claims. In the case of legal storage obligations, deletion only comes into consideration after expiry of the respective storage obligation.
Right of complaint to a supervisory authority
You have the right to complain about the processing of personal data by us to a data protection supervisory authority.