Terms of Use Microsoft 365 (DSGVO)
Please note:
Declaration of Consent According to DSGVO Art. 6 (1) a for the Use of the Cloud Service Microsoft 365
All students can use the IT infrastructure of RWTH Aachen University. In addition to the local infrastructure of the university, you can voluntarily use Microsoft 365. Microsoft 365 is a cloud service offered by Microsoft for students of RWTH Aachen University. Via this service, various Microsoft products and online services* can be used for the purposes of student self-organization and communication:
The offered services are provided on servers that are not located at RWTH Aachen University data centers and to which RWTH Aachen University has no physical access. Microsoft alone is responsible for the offered services.
The authentication for Microsoft 365 is realized via Single Sign-On Account (Shibboleth). By using it, you confirm the following:
- Acknowledgement of the transmission of personal data to Microsoft. The following data is transmitted: first and last name and email address. These data serve exclusively for the authentication of the user.
- Since Microsoft 365 is a software with US origin, the US export control law must be adhered to in addition to the directly applicable national and supranational law.
- If the student status is lost or the checkbox in the Selfservice is deactivated, access to the information stored in M365 is also lost (e.g. Office, OneDrive, OneNote, SharePoint, etc.). After a standard period of 30 days, the account will be automatically deleted and with it the informatione in M365. The BitLocker recovery key that is saved in the Cloud is also affected. In this case the users will not be able to access the encrypted hard disk. The IT Center cannot take over the respobsibilty for the wrong or incomplete backup of the data in the cloud
- Students who are also employees of the RWTH are not allowed to use M365 in a business context. Exception is the use of teams via the tenant m365.rwth-aachen.de: Microsoft Teams
It is contractually assured that your usage information does not leave the EU area and that it cannot be evaluated or read by Microsoft in any way. The use of Microsoft 365 is in compliance with the basic data protection regulation, provided that its use is voluntarily. The transmission of personal data for the necessary user account at Microsoft 365 has been checked by our data protection officer.
The following obligations exist for the users:
- The user is responsible for securing the data stored in the cloud
- The valid license and usage conditions of Microsoft which can be found at https://www.microsoft.com/de-de/rechtliche-hinweise/nutzungsbedingungen and https://www.microsoft.com/de-DE/useterms must be complied with.
Further information on Microsoft 365 and the data protection regulations can be found at https://privacy.microsoft.com/de-de/privacy and https://privacy.microsoft.com/de-de/privacystatement.
The use of Microsoft 365 is voluntarily. In accordance with § 17 DSGVO you can request the IT Center (servicedesk@itc.rwth-aachen.de) to rectify, erase or restrict the processing of your personal data at any time. Furthermore, you can change or completely revoke the given declaration of consent at any time without stating reasons by removing the check mark in the self-service: www.rwth-aachen.de/selfservice.
By agreeing to the terms of use and by using the Service, the user consents to the following data being transmitted to Microsoft:
- First and last name
- Contact email address
This is necessary to enable authentication with the RWTH Single-Sign-On and to identify users. This information is visible to other members of RWTH Aachen University who have user accounts in the same M365 instance.
*Outlook, Word, Excel, PowerPoint, OneNote, OneDrive, SharePoint and Teams
