We take the protection of your personal data very seriously and consider transparency in the handling of your data to be very important. Therefore, we would like to inform you about what data we collect, for what purpose we do so and how you can exercise control over your data at any time.
Responsible
Responsible for data processing is:
PTA Programmier-Technische Arbeiten GmbH
Weberstraße 2-4
68165 Mannheim
Categories of data, purposes, legal bases of processing
When we provide you with M365 guest access as part of a project, we process the following personal data from you: Your Microsoft profile data such as name, email address, and photo; activity data (access, usage, and content associated with your apps and resources within our M365 tenant); and usage data that occurs in the course of using Microsoft services. Without this data processing, we cannot provide you with the M365 account. The legal basis is the fulfillment of a contract according to Art. 6 para. 1 p. 1 lit. b GDPR.
Recipient of the data
Your data will not be disclosed to third parties unless there is a legal obligation to disclose the data. This processing is based on Article 6 (1) c) DSGVO and in connection with the respective order or legal obligation to which we are subject in the individual case.
According to Article 6 (1) c) DSGVO, it is permitted to process personal data if the processing is necessary for compliance with a legal obligation to which the controller is subject.
Categories of recipients of the data are public bodies in the event of a legal obligation and processors who process the data collected online on our behalf. Involved Processor is:
Microsoft Corporation
Storage duration
We store your data for the period necessary to fulfill the purposes described above. We delete your data 3 months after termination of your required access authorization.
Your rights
With regard to the processing of personal data, you have various rights, which we would like to inform you about below. You can also find details of your rights in Articles 15 to 21 of the GDPR and Sections 32 to 37 of the German Federal Data Protection Act (“BDSG”).
You have the right to obtain information about your personal data. You can also request the correction of incorrect data.
In addition, under certain conditions, you have the right to delete data, the right to restrict data processing and the right to data portability.
You may assert all of the aforementioned rights pursuant to Articles 15 to 21 of the GDPR against the controller informally by e-mail or post.
You also have the right to complain to the competent data protection supervisory authority if you consider that the processing of your data is unlawful. A list of data protection officers and their contact details can be found at:
If you have any questions regarding data protection, please feel free to contact our external data protection officer:
David Gabel – Email: datenschutz@pta.de
