1. Contact persons
The contact person and ‘controller’ for the processing of your personal data within the meaning of the EU General Data Protection Regulation (GDPR) is
Polytel International GmbH
Neuer Wall 71
If you have any concerns about data protection, please email firstname.lastname@example.org.
2. Visit to our website
Whenever you use our website, we collect access data, which is automatically transmitted by your browser, to allow you to use the website. The access data comprise in particular:
- IP address of the requesting device
- Date and time of request
- Content of the request (specific page)
- Status of access/HTTP status code
- Website from which the request was made
- Browser (e.g. Google Chrome)
- Operating system and its interface (e.g. Windows 10)
- Language and version of the browser software.
The processing of this access data is technically necessary to enable you use the website and to ensure the stability and security of our systems (the legal basis for this is Article 6  [f] of the GDPR). The information stored in the log files cannot be directly traced back to you personally and is automatically erased after seven days.
3. Getting in touch
There are various ways for you to get in touch with us. They include contact by email or through the contact form on our website. In this regard, we shall collect the data you transmit to us for purposes of processing your request, which includes your first name, surname, email address, telephone number, subject matter, etc. The legal basis is Article 6 (1) (b) of the GDPR, insofar as your data is required to respond to your request or to initiate or implement a contract, and otherwise is Article 6 (1) (f) of the GDPR due to our legitimate interest in you getting in touch with us and us being able to respond to your request. Data collected for this purpose will be erased after the need for its storage ceases to exist, or, if there are statutory retention requirements for storing it, we shall limit the processing.
4. Using cookies and similar technologies
Our website uses ‘cookies’ or similar technologies. A cookie is a small text file which is stored by the browser on your device. Cookies are not used to run programmes or install viruses on your computer. Instead, the main purpose of our own cookies is to analyse how our website is used and to design it in the best possible way for you.
4.1 Technically necessary cookies
Technically necessary cookies enable basic features and are necessary for the website to function properly. They cannot be rejected or the website will no longer function properly. The legal basis for this is Article 6 (1) (f) of the GDPR, based on our legitimate interest in being able to provide you with a functioning website. Access to and storage of information in your device is absolutely necessary in these cases and takes place on the basis of the implementation laws of the ePrivacy Directive of the EU member states, in Germany in accordance with Section 25 (2) TTDSG.
This also includes cookie management via the cookie settings tool we use (Borlabs). You can view and change your settings at any time in Cookie-Settings.
We use all other non-essential (optional) cookies and similar technologies that provide additional functions on the basis of your consent pursuant to Art. 6 (1) (a) of the GDPR. The access to and storage of information in your device is then based on the implementation laws of the ePrivacy Directive of the EU member states, in Germany according to Section 25 (1) TTDSG.
4.2 Using Google Analytics
If you provide your consent, this website uses Google Analytics, a web analysis service offered for users from Europe, the Middle East and Africa (EMEA) by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and, for all other users, by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (collectively ‘Google’).
The cookies used by Google Analytics allow us to analyse your use of our website. In this way, we can evaluate the use behaviour on our website and, with the help of the statistics obtained, design our content in a more interesting way. Data arising in this context can be sent by Google to a server in the USA for evaluation and be stored there.
The legal basis for the use of Google Analytics is your consent. In the event that personal data is transferred to the USA or other third countries, your consent expressly also covers the data transfer (Art. 49 (1) (a) GDPR). Your consent can be withdrawn at any time with effect for the future. You can also make changes at any time in Cookie-Settings.
- We have the following data protection settings for Google Analytics:
- IP anonymisation (IP address is shortened before evaluation so that no conclusions can be drawn about your identity)
- Automatic erasure for old logs/storage period limitation
- Disabled advertising function (including target group remarketing through GA Audience)
- Disabled personalised ads
- Disabled measurement protocol
- Disabled cross-page tracking (Google signals)
- Disabled data sharing with other Google products and services
The following data is shared by Google Analytics:
- Anonymised IP address;
- referrer URL (page previously visited);
- pages accessed (date, time, URL, title, length of stay);
- files downloaded;
- links to other websites clicked on;
- achievement of certain goals (conversions), if applicable;
- technical information: operating system; browser type, version and language; device type, brand, model and resolution; and
- approximate location (country and possibly also town/city, based on the anonymous IP address).
We have concluded a data processing agreement with Google Ireland Limited for the use of Google Analytics. In the event that personal data is transferred from Google Ireland Limited to the USA, Google Ireland Limited and Google LLC have concluded standard contractual clauses (Implementing Decision (EU) 2021/914, Module 3) pursuant to Art. 46 (2) (c) GDPR.
5. Social networks
We have online presences on social networks such as LinkedIn and XING in order to communicate with users and interested parties there and to inform them about our offerings. If you visit our respective online presence and are signed in to the respective social network with your username and password, the fact that you are visiting the online presence is transmitted there and this information can be assigned to your user account. If you are not a member of the respective social network or have signed out there before visiting our online presence, there is still the possibility that at least your IP address will be transmitted to the respective social network and stored there.
We have no control over data processing by social networks. However, as part of running our online presences, there is sometimes the possibility that we can access information such as statistics on the use of our online presences, which are provided by the social networks. These statistics are aggregated and may in particular contain demographic information and data on the interaction with our online presence and the posts and content shared through it. Details and links for data relating to the social networks that we can access as the operator of the online presences can be found in the list below.
The legal basis for data processing is Article 6 (1) (f) of the GDPR, based on our legitimate interest in effectively informing users and communicating with users, or Article 6 (1) (b) of the GDPR to stay in touch with customers and inform them, and carry out steps with future customers and interested parties prior to entering into a contract.
We would like to point out that data protection requests are most effectively sent to the respective provider of the social network, as only these providers have access to the data and can take appropriate measures directly. Below is a list of information regarding the social networks on which we operate online:
- The LinkedIn company page is jointly run on the basis of an agreement on the joint processing of personal data (‘Page Insights Joint Controller Addendum’)
- Information on Page Insights data processed and contact options if there are any data protection requests: https://legal.linkedin.com/pages-joint-controller-addendum
- Xing (XING SE)
6. Use of service providers and data sharing
The data we collect will only be shared if:
- you have explicitly consented to this under Article 6 (1) (a) of the GDPR;
- data must be shared pursuant to Article 6 (1) (f) of the GDPR in order to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being shared with third parties;
- we are legally obliged to share your data under Article 6 (1) (c) of the GDPR; or
- if this is legally permissible and required in order to process contractual relationships pursuant to Article 6 (1) (b) of the GDPR or is necessary to take steps at your request prior to entering into a contract.
Furthermore, data can be shared with third parties in connection with official enquiries, court decisions and legal proceedings, if this is required for purposes of prosecution or enforcement, or if there is any other legal basis for such sharing.
7. Links to other websites
8. Data transfers to third countries
Where this is not possible, we base the data transfer on the exceptions of Article 49 of the GDPR, in particular your explicit consent or the necessity of the transfer to fulfil the contract or to take steps prior to entering into a contract.
If a third country transfer is planned and there is no adequacy decision or suitable guarantees, it is possible and there is a risk that authorities in the respective third country (e.g. secret services) could gain access to the data sent in order to collect and analyse it, and that the enforceability of your data subject rights may not be guaranteed.
9. Storage period
We only store personal data for as long as necessary to fulfil the purposes for which we collected the data. We then immediately erase the data, unless we still need the data until the end of the statutory limitation period for evidence purposes for claims under civil law or due to statutory retention requirements.
For evidence purposes, we must keep contract data for three years from the end of the year in which the business relationship with you ends. After the statutory limitation period ends, any claims become time-barred at this point in time at the earliest.
We still have to store some of your data for accounting purposes after this point in time. We are obliged to do so because of legal documentation obligations that may result from the Commercial Code (Handelsgesetzbuch), the Tax Code (Abgabenordnung), the Banking Act (Kreditwesengesetz), the Money Laundering Act (Geldwäschegesetz) or the Securities Trading Act (Wertpapierhandelsgesetz). The periods specified there for the retention of documents are two to ten years.
10. Your rights
You have the following legal data protection rights subject to the respective legal prerequisites:
- Right of access (Article 15 of the GDPR, § 34 of the German Data Protection Regulation [BDSG])
- Right to erasure of data (‘right to be forgotten’) (Article 17 of the GDPR, § 35 of the BDSG)
- Right to rectification (Article 16 of the GDPR, § 34 of the BDSG)
- Right to restriction of processing (Article 18 of the GDPR)
- Right to data portability (Article 20 of the GDPR)
- Right to right to lodge a complaint with the responsible supervisory authority (Article 77 of the GDPR, § 19 of the BDSG)
- Right to withdraw consent (Article 7  of the GDPR)
- Right to object to certain data processing measures (Article 21 of the GDPR)
If you have any questions or concerns regarding data protection, please get in touch with us using the contact details provided above (in Section 1).
Date: August 2021