1. General remarks
This page summarizes and outlines the policies that govern the operation of Microsoft Teams ("Teams") as a collaboration platform for Pestalozzi Attorneys at Law, Löwenstrasse 1, 8001 Zurich, or Cours de Rive 13, 1204 Geneva ("Pestalozzi", "we", "us"). Pestalozzi uses Teams as a central hub for workplace conversations, collaborative teamwork, video chats, and document sharing both internally within the company organization and externally with clients, authorities, and other third parties.
3.1 Microsoft processes your personal data based on a data processing agreement
With regard to Microsoft's processing of your personal data in the context of Teams, we have concluded a written data processing agreement with Microsoft that complies with Swiss and European standards.
Microsoft is contractually committed to complying with all laws, regulations and other legal requirements, including, without limitation, the European General Data Protection Regulation ("GDPR") and the Federal Act on Data Protection ("FADP"), regarding (i) data privacy and security, and (ii) the use, collection, retention, storage, security, disclosure, transfer, disposal and other processing of your personal data.
3.2 Personal data collected by Microsoft
To provide, improve, develop, advertise and personalize Teams, Microsoft may process, amongst others, the following personal data from you:
- Contact data: Information that you share within Teams about you, e.g. your first and last name, email address, postal address, phone number and profile picture;
- Access data: Passwords, password hints, and similar security information used for Teams authentication and account access;
- Content data: To enable interaction via Teams, information about meetings and conversations chats (including audio, video, text), voicemail (including voice data), shared files and documents, recordings and transcriptions; and
- Usage data: Information about your device and the product and features you use, including information about your hardware and software.
As far as technically possible, we have deactivated all Microsoft services that are not required for our needs in order to minimize the transmission of your personal data to Microsoft. Further, we have set all default settings so that Microsoft has as few access rights to your personal data as possible.
3.3 Transfer of personal data to third parties abroad
In general, Microsoft stores your personal data on servers in Switzerland. However, based on the European standard contractual clauses, Microsoft may transfer your personal data to recipients abroad, including in countries without adequate legal data protection (e.g. the United States).
By using Teams, and to the extent permitted by the Term of Use and Privacy Statement, you expressly consent to Microsoft's transfer of your data, including data subject to attorney-client privilege, to foreign countries, including countries without adequate legal data protection. In the event of data disclosure abroad, it is possible that foreign authorities will access this data and use it, for example, in foreign legal proceedings.
For the avoidance of doubt, please be aware that all data you transfer to us via our email addresses @pestalozzilaw.com will remain in Switzerland.
3.4 Data security
Microsoft is committed to implementing and maintaining appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your data that is transmitted, stored, or otherwise processed. In addition, your personal data is encrypted by default when transmitted over public networks.
Pestalozzi disclaims all warranties and liabilities of whatever nature for the use of Teams and any resulting breach of attorney-client privilege.
We recommend that all data subject to attorney-client privilege be sent to us only via our email addresses @pestalozzilaw.com.
If you have concerns, complaints or questions regarding the use of Teams, please contact us at:
Pestalozzi Attorneys at Law
Data Protection Contact
Löwenstrasse 1, 8001 Zurich
Zurich, 1 January 2021