Since the coronavirus pandemic, video conferencing has become an integral part of everyday working life. Personal data is also transmitted here, more than you might think at first glance:

• Image and sound of a person
• Connection data
• Data on the other participants in the meeting, such as name, organisation and technical data
• Duration of the meeting
• Detailed information on the software and hardware used 

In most cases, this data is transferred to the operator of the video conferencing solution and may even be stored.

To ensure that as little data as possible is collected or stored when using a video conferencing solution, you should check the settings of the solution before using it for the first time. There are often options for data protection-friendly settings, but these must first be activated. 

Basic ideas on the use of video conferencing

As a project manager or employee, you will probably not decide for yourself which video conferencing solution to use. As a rule, an organisation or company already has a solution that you use for your project. In this case, the data protection issues should already have been clarified. If you have to choose a solution yourself, consider the following points:

(1) Is it a free or a paid service? 

In the case of free services, you should check the provider's terms and conditions in detail to ensure that the data collected will not be used for other purposes or even passed on to third parties. 

(2) In which country is the data processed?

(3) Has a data processing agreement been concluded with the service provider? 

Conclude an order processing contract with the service provider. These contracts are usually available for download on the provider's website. Check the contract to see which technical and organisational measures the provider has implemented to ensure that the processed data is adequately protected. You should also check the contract for the list of companies with which the provider works and exchanges data. Data protection must also be guaranteed for these companies.  

(4) Is the system configured with data protection-friendly default settings? 

Video conferencing solutions offer a range of settings. Go through all the settings once before you start using them and check whether everything is set in compliance with data protection regulations. For example, switch off tracking and statistics functions as far as possible, as a lot of personal data is usually processed for this purpose. 

(5) Has the new tool been included in the privacy policy? 

Refer to the use of the video conferencing solution in your data protection notices in order to fulfil your duty to inform employees and partners.

DISCLAIMER: The list does not claim to be exhaustive. It is intended solely as a guide and is in no way a substitute for testing by trained specialists.