2.3 Other Processing
a. Video conferences (Microsoft Teams)
- Data: Name, e-mail address, communication content (chat, audio, video, files), technical data (IP, device information)
- Legal basis: Art. 6(1)(b),(f) GDPR; Art. 6(1)(a) GDPR for recordings
- Recipient: Microsoft Ireland Operations Ltd., affiliated companies
- Retention: no storage, except when recordings are expressly consented to
- Third-country transfer: USA; EU-U.S. Data Privacy Framework, Standard Contractual Clauses
b. Security (Limit Login Attempts Reloaded)
- Data: IP address, username, login events
- Legal basis: Art. 6(1)(f) GDPR
- Recipient: none
- Retention: max. 30 days
- Third-country transfer: none
c. User management (When Last Login)
- Data: Timestamps of user logins
- Legal basis: Art. 6(1)(f) GDPR
- Recipient: none
- Retention: until deletion of user account
- Third-country transfer: none
e. Other plugins
Other plugins (e.g. WPBakery Page Builder, Slider Revolution, The7 Theme) are used exclusively for layout and functionality. They do not process personal data.
f. Data processing by third parties
Aside from hosting by Strato AG, no external processors are currently engaged. All maintenance, security, and IT services are performed internally by HKM Consulting GmbH. If external processors are engaged in the future, this will only take place on the basis of a data processing agreement pursuant to Art. 28 GDPR.