Declaration of Consent According to DSGVO Art. 6 (1) a for the Use of the Cloud Service Microsoft 365
All students can use the IT infrastructure of RWTH Aachen University. In addition to the local infrastructure of the university, you can voluntarily use Microsoft 365. Microsoft 365 is a cloud service offered by Microsoft for students of RWTH Aachen University. Via this service, various Microsoft products and online services* can be used for the purposes of student self-organization and communication:
The offered services are provided on servers that are not located at RWTH Aachen University data centers and to which RWTH Aachen University has no physical access. Microsoft alone is responsible for the offered services.
The authentication for Microsoft 365 is realized via Single Sign-On Account (Shibboleth). By using it, you confirm the following:
- Acknowledgement of the transmission of personal data to Microsoft. The following data is transmitted: first and last name and email address. These data serve exclusively for the authentication of the user.
- Since Microsoft 365 is a software with US origin, the US export control law must be adhered to in addition to the directly applicable national and supranational law.
- If the student status is lost or the self-service checkbox is deactivated, access to the content stored in M365 is also lost (e.g. Office, OneDrive, OneNote, SharePoint, etc.). After a standard period of 30 days, the account will be automatically deleted and with it the content in M365.
- Students who are also employees of the RWTH are not allowed to use M365 in a business context. Exception is the use of teams via the tenant m365.rwth-aachen.de: Microsoft Teams
It is contractually assured that your usage information does not leave the EU area and that it cannot be evaluated or read by Microsoft in any way. The use of Microsoft 365 is in compliance with the basic data protection regulation, provided that its use is voluntarily. The transmission of personal data for the necessary user account at Microsoft 365 has been checked by our data protection officer.
The following obligations exist for the users:
- The user is responsible for securing the data stored in the cloud
- The valid license and usage conditions of Microsoft which can be found at https://www.microsoft.com/de-de/rechtliche-hinweise/nutzungsbedingungen and https://www.microsoft.com/de-DE/useterms must be complied with.
Further information on Microsoft 365 and the data protection regulations can be found at https://privacy.microsoft.com/de-de/privacy and https://privacy.microsoft.com/de-de/privacystatement.
The use of Microsoft 365 is voluntarily. In accordance with § 17 DSGVO you can request the IT Center (firstname.lastname@example.org) to rectify, erase or restrict the processing of your personal data at any time. Furthermore, you can change or completely revoke the given declaration of consent at any time without stating reasons by removing the check mark in the self-service: www.rwth-aachen.de/selfservice.
- First and last name
- Contact email address
This is necessary to enable authentication with the RWTH Single-Sign-On and to identify users. This information is visible to other members of RWTH Aachen University who have user accounts in the same M365 instance.
*Outlook, Word, Excel, PowerPoint, OneNote, OneDrive, SharePoint and Teams