Chat and collaboration platforms are becoming central to the way we work.
If you share any identifiable data about anybody at the University (via chat or file-sharing), you will need to ensure that any chat platform you use is compliant with GDPR.
You can use any chat platform to share general information or allow people to contact you, as long as no personally-identifiable information is sent. For example, you might use social media to share announcements or invite people to contact your department.
However, it is easy to accidentally share personal data in a conversation. The best approach is to work in a GDPR-compliant platform.
Chat platform |
GDPR Compliant? |
Details |
YES – Teams is covered by our agreement with Microsoft |
Microsoft’s flagship collaboration platform. We recommend you use this. |
|
YES – Skype for Business is covered by our agreement with Microsoft |
A simple chat platform for Sussex staff. Interfaces with email and telephony system for staff in some teams. |
|
Skype |
NO - you sign in with a private account. Skype is not the same as Skype for Business and is not covered by GDPR assurances. |
Skype is provided on Sussex computers, but its chat and file-sharing features are not GDPR compliant. |
Slack |
NO - The free version of Slack is not GDPR compliant. |
Teams who currently use Slack should transition to using Microsoft Teams instead. |
Google chat systems |
NO - if you log in to Google products with a private account. YES - if you log in using your Sussex credentials. |
|
Facebook Messenger |
NO |
Fine for chatting with your Facebook friends but not for sharing personal data or work information. |
|
NO |
Fine for chatting with your friends but not for sharing personal data or work information. |
Please suggest an improvement
(login needed, link opens in new window)
Your views are welcome and will help other readers of this page.
This is question number 2902, which appears in the following categories: