Privacy Notice

Why is Falck processing your personal data related to MS Teams meeting recordings and transcriptions?

To provide you with MS Teams meeting recordings and transcriptions, Falck will for different purposes process your personal data.

Here you can see under what circumstances and to what purpose Falck will process your data:

1. Enable meeting participants and absent colleagues to review meeting content after the meeting has taken place
2. Support documentation and knowledge-sharing across teams and projects
3. Provide accessible meeting transcriptions for participants
4. Statistical purposes
5. Comply with legal obligations concerning the processing of personal data, if relevant, such as:
   1. Our obligations and your rights concerning the processing of your personal data
   2. Defend or prove a legal claim
   3. Secure the quality and IT-security around Falck’s processes and applications

Read more about Falck’s purposes to which Falck uses your personal data here

We collect and process personal data for the following purposes:

1. To enable meeting recordings and transcriptions within Microsoft Teams so that meeting content can be reviewed, referenced, or shared with colleagues who were unable to attend.
2. To be able to perform our business activities and functions and to provide best possible quality of customer service.
3. To provide accessible transcriptions of meetings for participants, including for accessibility purposes.
4. In order to comply with any law, rule, regulation, legal and binding provision, decision or dictate by a supervisory authority (such as EU’s regulation about data protection and other health law etc.) such as:
   1. Documentation requirements.
   2. Compliance with basic principles for processing of personal data and legal basis for processing.
   3. Implementation and maintenance of technical and organisational security measures, including but not limited to prevent unauthorised access to systems and information, prevent receipt or distribution of malicious code, termination of denial-of-service-attacks and damage to computer systems and electronical communication systems.
   4. Investigation of a suspected or known security breach and reporting of such breach to individuals and authorities.
   5. To process and respond to requests and complaints from data subjects and others.
   6. Handling of inspections and requests from authorities.
   7. Management of disputes with data subjects and third parties.
   8. Processing and transfer of your personal data for the purpose of yours or other individuals’ significant interests if such processing and transfer is based on a legal requirement.
   9. Processing and transfer of your personal data for purpose of ensuring the public safety and the public interests, insofar such processing and transfer is based on a legal requirement.

Your personal information will not be shared, sold, or disclosed other than as described in this Privacy Notice.

You are not obligated to provide any personal data to us. If you do not provide us with the personal data described below, the consequence will be no recording or transcription of the meeting will be available for later reference.

Which personal data does Falck process about you?

Falck exclusively processes personal data necessary to meet the purpose(s) described in section 1. This information is (in the scope of relevance for you):

1. Name and display name (as shown in MS Teams)
2. Address
3. Contact information, such as e-mail, phone number etc.

Read more about which data, Falck processes on you here

Ordinary personal data

• Name and display name
  • Received from: Microsoft Teams (via Falck’s Entra ID directory or your Teams/guest account for external participants)
• Address
• Phone number
• E-mail
  • Received from: Microsoft Teams (via Falck’s Entra ID directory or your Teams/guest account for external participants)
• Video and audio of the recorded meeting in question
• Personal data discussed, shared or otherwise processed during the meeting

Special categories of personal data (hereafter ‘sensitive personal data’)

• Health information is not intentionally processed but may be incidentally captured if discussed during a recorded meeting (psychological information, physical information, disability)
  • Received from: Directly from you during the meeting (incidental)

On what basis and for how long is Falck allowed to process your personal data?

Before Falck is allowed to process your information for the above stated purposes in section 1, Falck must first identify the legal basis of the processing of your personal data, including defining how long your personal data is stored at Falck.

According to the General Data Protection regulation (‘GDPR’) Falck is using the following legal basis for the processing of your information:

1. Legal obligations, art. 6(1)(c)
2. Consent and explicit consent, art. 6(1)(a) and art. 9(2)(a)
3. Legitimate interest, art. 6(1)(f)

The legislations used by Falck for the processing and storing of personal data are:

1. The General Data Protection Regulation (GDPR)
2. Applicable national implementations of the GDPR

Falck will process and store your personal data in different periods of time according to which law and legal basis is used. Recordings and transcriptions will be stored in Microsoft Teams for 90 days.

Read a more about the basis and for how long your information is processed by Falck here

1. Compliance with legal obligations in specific cases, such as transfer of personal data to public authorities (incl. police), other third parties in case of substantial interest, public interests etc. You will be informed of such cases should they occur unless this is prohibited by law.
   1. Retention and deletion criteria: Defined based on the specific legal basis for which we are required to transfer your information in the specific case.
   2. Legal basis: Varies depending on the specific case and circumstance.
2. Legal documentation, such as documentation of handling a request from you, storing personal data based on an ongoing or coming case at court, investigation of suspected or identified data breach etc.
   1. Retention and deletion criteria: Personal data in relation to legal documentation will only be stored in cases where it’s relevant and only for the time for which it’s required.
   2. Legal basis:
      Ordinary personal data: Legal requirement, GDPR art. 6(1)(c).
      Possible sensitive personal data: legal claims, GDPR art. 9(2)(f).
      Other legal bases dependent on the specific case.
3. Recording and transcriptions of MS Teams meetings for documentation and review purposes.

1. 1. Retention and deletion criteria: 90 days after the date of the recording. After this period, the recording and transcription are automatically and permanently deleted.
   2. Legal basis:
      Ordinary personal data: Legitimate interest, GDPR art. 6(1)(f).
      Falck’s legitimate interest is based on the need to enable employees and meeting participants to review, reference, and share meeting content for business purposes, including project documentation, knowledge management, and decision-tracking. This interest is balanced against the limited retention period of 90 days and the fact that all meeting participants are notified when a recording is taking place.
      Sensitive personal data: Explicit consent, GDPR art. 9(2)(a).
      Where sensitive personal data is incidentally captured, the recording will be based on your explicit consent and the recording may not be completed without this consent.

If a processing is based on your consent: You have a right to withdraw your consent, however this will not affect the processing already incurred prior to withdrawal of the consent.

You can withdraw your consent by contacting us on: dpo@falck.com or by notifying the meeting organiser before or during the meeting.

Automated, individual decision making

Your personal data is not used for automated, individual decision making or profiling. Microsoft Teams uses automated speech-to-text technology to generate meeting transcriptions. This is a technical processing step and does not constitute automated individual decision-making within the meaning of GDPR art. 22, as no decisions with legal or similarly significant effects are made based on the transcription.

Who is Falck sharing your personal data with?

Falck will, to the extent necessary and in certain cases only with your consent, share personal data about you to other recipients (‘third parties’), in order to offer you the services based on the purposes in section 1. These third parties will be independent data controllers and they will thereby be responsible for their processing of your personal data.

These third parties are:

1. Companies within the Falck Group

Apart from the third parties listed above, Falck will also share your personal data with suppliers (‘data processors’), who will process your personal data based on instruction from Falck.  These data processors are primarily located within the EU/EEA, but a transfer to countries outside the EU/EEA (‘third countries’), such as the US may occur, as Falck uses Microsoft cloud services with infrastructure in support multiple regions.  These data processors are all located within the EU/EEA, and there does on this basis not occur any transfer of personal data to a country outside the EU/EEA (‘third country’).

Read more about the parties Falck is sharing your personal data with here

Your personal information will – where relevant - be disclosed to and shared with the following third-party recipients:

Companies within the Falck Group

1. Country:
2. Sector: Intra-company.
3. Purpose with the transfer of data: Teams is a solution used across Falck’s individual business entities.
4. Reference to relevant data processing in section 3: I and II.

Independent data controllers in specific cases such as public authorities (incl. police), other individuals etc.

1. Country: May vary depending on the specific case and circumstance.
2. Sector: May vary depending on the specific case and circumstance.
3. Purpose with the transfer of data: compliance with legal obligations in specific circumstances where Falck is obligated to transfer the information to other controllers, such as public authorities (incl. police), for example for the protection of substantial public interests, legal requirement etc.
4. Reference to relevant data processing in section 3: I and II.

Beside the above-mentioned recipients, then your personal information will also be shared with the following categories of suppliers (“Data Processors”):

IT suppliers

1. Location: EU, India, USA and others.
2. Sector: IT
3. The category of suppliers includes the following processing chains: Microsoft, HCL
4. Purpose of the data processing: IT-support, server hosting, database support, supplying network infrastructure and IT-operations.
5. Industry: IT-operations, IT-support, and cloud.
6. Transfer basis: EU Standard Contractual Clauses (a)
7. Additional information: The location ‘others’ cover the services provided by Microsoft and its suppliers. A full list of locations for Microsoft can be found on this link: https://servicetrust.microsoft.com/ViewPage/TrustDocumentsV3?command=Download&downloadType=Document&downloadId=ede6342e-d641-4a9b-9162-7d66025003b0&tab=7f51cb60-3d6c-11e9-b2af-7bb9f5d2d913&docTab=7f51cb60-3d6c-11e9-b2af-7bb9f5d2d913_Subprocessor_List.

Additional information on the legal basis used to transfer your data to the third country/countries (see the reference next to the country in the above matrixes), can be seen here:

1. EU Standard Contractual Clauses: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de
2. Adequacy protection of personal data as of the EU commission’s decision: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en
3. Binding Corporate Rules: (Not implemented in Falck, so cannot be used)

What are your rights in connection with Falck’s processing of your personal data?

The personal data which Falck processes are yours alone. Because of this you have certain rights you can act upon in this regard, if you wish to do so. These rights are, amongst other:

• insight into a copy of which personal data Falck is processing about you;
• request Falck to delete the personal data processed about you with limitations in the legislation;
• correction of incorrect or incomplete personal data about you;
• within the limitations of the law, restrict Falck’s access to process your personal data;
• access to data portability, and;
• object to Falck’s processing of your personal data.

These rights can be limited on account of legal bases and legislations being used to process your personal data (see section 3).

You can exercise your rights by sending an e-mail to Falck’s Group Data Protection Officer on dpo@falck.com.

You also have the right to lodge a complaint with the supervisory authority in Denmark, Datatilsynet.

Read more about your rights here

You have – with the limitations of legislation – among other things:

• right to access to your personal data;
  • You have, with a few limitations in the legislation, the right to, free of charge, receive a copy of all your personal data processed by Falck in an easily readable and understandable way.
• right to rectify incorrect personal data;
  • You have the right to correct or complete any processed personal data which is incorrect or incomplete.
• right to deletion of personal data;
  • You have the right to request Falck to delete the personal data processed about you. The right to get your personal data deleted may, however, be limited based on national and European legislation. As an example, then your data cannot be deleted if Falck is required to process your personal data for a specific legal obligation or in cases where continual processing of your personal data is required to establish or defend a legal claim.
• right to limit the processing of your personal data;
  • You have the right in specific cases to limit Falck’s access to process your personal data, which would result in Falck only being able to store the data, but not used them for any other purposes. The right to limit the processing of your personal data may be used in case, where the correctness of the data is disputed, if you do not want your personal data deleted or if you want to object to the processing of your personal data.
• right to data portability;
  • You have the right to receive your processed personal data in a structured, commonly used and machine-readable format.
• right to object to the processing of personal data, including automated, individual decisions.
  • You have the right to object to Falck’s processing of your personal data, in which cases Falck only can continue the processing of the personal data, insofar it is possible to present a valid legal basis for the continual processing of your personal data. This can, as an example, be where Falck is required by law to process your personal data or in cases where continual processing of your personal data is necessary to establish or defend a legal claim.
  • The right to object to Falck’s processing of your personal data also includes your right to object to a processing which is based on automatic and individual decision-making on the basis of your personal data, insofar such a processing occurs in your specific circumstance.

Contact details

If you have any questions regarding the processing of your personal data or you wish to act on your rights in accordance with the law, you are asked to contact us on the details below or by e-mail to dpo@falck.com. You may also contact our data protection officer by sending an e-mail to dpo@falck.com.

Falck Digital Technology Denmark A/S
Sydhavnsgade 18, 2450 Copenhagen SV
Denmark

Version history

A need to update the processes may occur related to MS Teams meeting recordings and transcriptions, which will require the privacy notice to be updated. Such updates will be controlled versions, as seen here.

Your version will always be the newest version on the table below.

See the version history here

• Version 1.0
  • Date:05.2026
  • Changes: Privacy Policy prepared and implemented.