Privacy Policy for Polytel

Welcome to the website of Polytel International GmbH. This Privacy Policy contains information about the processing of personal data in connection with the use of our website and our services. Services can be both websites on the Internet and our social media pages.

1. Contact persons

The contact person and ‘controller’ for the processing of your personal data within the meaning of the EU General Data Protection Regulation (GDPR) is

Polytel International GmbH
Neuer Wall 71
20354 Hamburg

If you have any concerns about data protection, please email datenschutz@polytel.de.

2. Visit to our website

Whenever you use our website, we collect access data, which is automatically transmitted by your browser, to allow you to use the website. The access data comprise in particular:

  • IP address of the requesting device
  • Date and time of request
  • Content of the request (specific page)
  • Status of access/HTTP status code
  • Website from which the request was made
  • Browser (e.g. Google Chrome)
  • Operating system and its interface (e.g. Windows 10)
  • Language and version of the browser software.

The processing of this access data is technically necessary to enable you use the website and to ensure the stability and security of our systems (the legal basis for this is Article 6 [1] [f] of the GDPR). The information stored in the log files cannot be directly traced back to you personally and is automatically erased after seven days.

3. Getting in touch

There are various ways for you to get in touch with us. They include contact by email or through the contact form on our website. In this regard, we shall collect the data you transmit to us for purposes of processing your request, which includes your first name, surname, email address, telephone number, subject matter, etc. The legal basis is Article 6 (1) (b) of the GDPR, insofar as your data is required to respond to your request or to initiate or implement a contract, and otherwise is Article 6 (1) (f) of the GDPR due to our legitimate interest in you getting in touch with us and us being able to respond to your request. Data collected for this purpose will be erased after the need for its storage ceases to exist, or, if there are statutory retention requirements for storing it, we shall limit the processing.

4. Using cookies and similar technologies

Our website uses ‘cookies’ or similar technologies. A cookie is a small text file which is stored by the browser on your device. Cookies are not used to run programmes or install viruses on your computer. Instead, the main purpose of our own cookies is to analyse how our website is used and to design it in the best possible way for you.
The cookie banner that appears when you visit our website gives you the option of accepting or rejecting the use of cookies. Cookies that are required to provide our service (see Section 4.1 below) cannot be rejected.

4.1 Technically necessary cookies

Technically necessary cookies enable basic features and are necessary for the website to function properly. They cannot be rejected or the website will no longer function properly. The legal basis for this is Article 6 (1) (f) of the GDPR, based on our legitimate interest in being able to provide you with a functioning website. Access to and storage of information in your device is absolutely necessary in these cases and takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany in accordance with Section 25 (2) TTDSG. 

This also includes cookie management via the cookie settings tool we use (Usercentrics). You can view and change your settings at any time in Cookie Settings.

We use all other non-essential (optional) cookies and similar technologies that provide additional functions on the basis of your consent pursuant to Art. 6 (1) (a) of the GDPR. The access to and storage of information in your device is then based on the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to Section 25 (1) TTDSG.

4.2 Using Google Analytics

If you provide your consent, this website uses Google Analytics, a web analysis service offered for users from Europe, the Middle East and Africa (EMEA) by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and, for all other users, by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (collectively ‘Google’).

The cookies used by Google Analytics allow us to analyse your use of our website. In this way, we can evaluate the use behaviour on our website and, with the help of the statistics obtained, design our content in a more interesting way. Data arising in this context can be sent by Google to a server in the USA for evaluation and be stored there.

The legal basis for the use of Google Analytics is your consent. In the event that personal data is transferred to the USA or other third countries, your consent expressly also covers the data transfer (Art. 49 (1) (a) GDPR). Your consent can be withdrawn at any time with effect for the future. You can also make changes at any time in Cookie Settings.

  • We have the following data protection settings for Google Analytics:
  • IP anonymisation (IP address is shortened before evaluation so that no conclusions can be drawn about your identity)
  • Automatic erasure for old logs/storage period limitation
  • Disabled advertising function (including target group remarketing through GA Audience)
  • Disabled personalised ads
  • Disabled measurement protocol
  • Disabled cross-page tracking (Google signals)
  • Disabled data sharing with other Google products and services

The following data is shared by Google Analytics:

  • Anonymised IP address;
  • referrer URL (page previously visited);
  • pages accessed (date, time, URL, title, length of stay);
  • files downloaded;
  • links to other websites clicked on;
  • achievement of certain goals (conversions), if applicable;
  • technical information: operating system; browser type, version and language; device type, brand, model and resolution; and
  • approximate location (country and possibly also town/city, based on the anonymous IP address).

We have concluded a data processing agreement with Google Ireland Limited for the use of Google Analytics. In the event that personal data is transferred from Google Ireland Limited to the USA, Google Ireland Limited and Google LLC have concluded standard contractual clauses (Implementing Decision (EU) 2021/914, Module 3) pursuant to Art. 46 (2) (c) GDPR.

You can find more information about this in Google’s Privacy Policy.

5. Social networks

We have online presences on social networks such as LinkedIn and XING in order to communicate with users and interested parties there and to inform them about our offerings. If you visit our respective online presence and are signed in to the respective social network with your username and password, the fact that you are visiting the online presence is transmitted there and this information can be assigned to your user account. If you are not a member of the respective social network or have signed out there before visiting our online presence, there is still the possibility that at least your IP address will be transmitted to the respective social network and stored there.

We have no control over data processing by social networks. However, as part of running our online presences, there is sometimes the possibility that we can access information such as statistics on the use of our online presences, which are provided by the social networks. These statistics are aggregated and may in particular contain demographic information and data on the interaction with our online presence and the posts and content shared through it. Details and links for data relating to the social networks that we can access as the operator of the online presences can be found in the list below.

The legal basis for data processing is Article 6 (1) (f) of the GDPR, based on our legitimate interest in effectively informing users and communicating with users, or Article 6 (1) (b) of the GDPR to stay in touch with customers and inform them, and carry out steps with future customers and interested parties prior to entering into a contract.

The legal basis for the data processing carried out by the social networks for which they are responsible can be found in the privacy policy information for the respective social network. The links below also provide you with further information on the respective data processing and opt-out options.

We would like to point out that data protection requests are most effectively sent to the respective provider of the social network, as only these providers have access to the data and can take appropriate measures directly. Below is a list of information regarding the social networks on which we operate online:

6. Use of service providers and data sharing

The data we collect will only be shared if:

  • you have explicitly consented to this under Article 6 (1) (a) of the GDPR;
  • data must be shared pursuant to Article 6 (1) (f) of the GDPR in order to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being shared with third parties;
  • we are legally obliged to share your data under Article 6 (1) (c) of the GDPR; or
  • if this is legally permissible and required in order to process contractual relationships pursuant to Article 6 (1) (b) of the GDPR or is necessary to take steps at your request prior to entering into a contract.

Some of the data processing undertaken by us may be carried out by our service providers. Apart from the service providers mentioned in this Privacy Policy, computer centres which store our website and databases, IT service providers that service our systems, and consultancy companies are particularly ranked among them. If we do share data with our service providers, these may use the data exclusively for the fulfilment of their tasks. The service providers have been carefully selected and engaged by us. They are contractually bound by our instructions and have suitable technical and organisational measures to protect the rights of data subjects.

Furthermore, data can be shared with third parties in connection with official enquiries, court decisions and legal proceedings, if this is required for purposes of prosecution or enforcement, or if there is any other legal basis for such sharing.

7. Links to other websites

In some sections of our website, we have links to other websites or offer the possibility of sharing content via ‘Share’ buttons. Please note that this Privacy Policy does not apply to these other websites. We ask that you visit those websites directly to find out about their privacy policies.

8. Data transfers to third countries

As outlined in this Privacy Policy, we use services where the providers are partly located in ‘third countries’ (outside the European Union or the European Economic Area) or process personal data there, i.e. countries where the data protection level does not correspond to that of the European Union. If this is the case and the European Commission has not issued an adequacy decision (Article 45 of the GDPR) for these countries, we have taken appropriate precautions to ensure an appropriate level of data protection for any data transfers. These include, but are not limited to, the standard contractual clauses of the European Union or binding internal data protection regulations.

Where this is not possible, we base the data transfer on the exceptions of Article 49 of the GDPR, in particular your explicit consent or the necessity of the transfer to fulfil the contract or to take steps prior to entering into a contract.

If a third country transfer is planned and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. secret services) could gain access to the data sent in order to collect and analyse it, and that the enforceability of your data subject rights may not be guaranteed.

9. Storage period

We only store personal data for as long as necessary to fulfil the purposes for which we collected the data. We then immediately erase the data, unless we still need the data until the end of the statutory limitation period for evidence purposes for claims under civil law or due to statutory retention requirements.

For evidence purposes, we must keep contract data for three years from the end of the year in which the business relationship with you ends. After the statutory limitation period ends, any claims become time-barred at this point in time at the earliest.

We still have to store some of your data for accounting purposes after this point in time. We are obliged to do so because of legal documentation obligations that may result from the Commercial Code (Handelsgesetzbuch), the Tax Code (Abgabenordnung), the Banking Act (Kreditwesengesetz), the Money Laundering Act (Geldwäschegesetz) or the Securities Trading Act (Wertpapierhandelsgesetz). The periods specified there for the retention of documents are two to ten years.

10. Your rights

You have the following legal data protection rights subject to the respective legal prerequisites:

  • Right of access (Article 15 of the GDPR, § 34 of the German Data Protection Regulation [BDSG])
  • Right to erasure of data (‘right to be forgotten’) (Article 17 of the GDPR, § 35 of the BDSG)
  • Right to rectification (Article 16 of the GDPR, § 34 of the BDSG)
  • Right to restriction of processing (Article 18 of the GDPR)
  • Right to data portability (Article 20 of the GDPR)
  • Right to right to lodge a complaint with the responsible supervisory authority (Article 77 of the GDPR, § 19 of the BDSG)
  • Right to withdraw consent (Article 7 [3] of the GDPR)
  • Right to object to certain data processing measures (Article 21 of the GDPR)

11. Contact

If you have any questions or concerns regarding data protection, please get in touch with us using the contact details provided above (in Section 1).

Date: August 2021