Privacy Notice

We (Polycular) are always open on what we do & why we do what we do.
And we make no exception for your personal data.

Personal data we are collecting

We have two different scenarios collecting personal data.
– Directly from our clients
– Indirectly from our service end users

From clients & end users we may collect:
– User ID
– Name
– Address
– Phone number
– E-mail address
– Messenger ID
– Public keys (for encrypted communication)
– Bank account details
– Service usage activities

Additionally only from end users we may collect:
– Birthday
– Predefined locations with timestamp of visit (Geocaching)

Purpose (clients):
– Business activities (e.g. appointments)
– Business communication (e.g. offers & bills)
– Marketing (e.g. newsletter)
– Service notifications (e.g. maintenance announcements)

Purpose (end users):
We do collect end user data only in the purpose of our clients & to improve services.

We do not use end user data in any way for ourselves.
We do not process any end user data without our clients assignment.

Duration of storage

We only store the data as long as needed or at least as long as business activity is ongoing.
Only in the case of legal requirements we have to store the necessary data longer.

The data can be included in automatic backups for another 3 weeks after deletion.

Your rights

You have the right
– to be informed
– of access
– to rectification
– to erasure
– to restrict processing
– to data portability
– to object
regarding your personal data we have stored.

In case you believe we infringe data protection law, we please you to contact us.
But you also have the right to complain at the relevant data protection authority.
Austria: data-protection-authority.gv.at/contact (en) / dsb.gv.at/kontakt (de)
Find your National Data Protection Authority: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

Data protection

Internal:
– all digital media are at least password protected
– bypassing password protection by e.g. booting a different operating system is always hardened
– non physical access is only allowed by public key authentication or with an additional secure second factor
– all analog media is at least locked within the office, if nobody is present

External:
– all external data storage providers are audited to meet our requirements and to be compliant with GDPR

Dangers

– during processing data could possibly be accessed by unallowed third parties
e.g. unencrypted data in memory during development efforts
This danger is caused by security holes in software, operating systems & hardware due to several activities of different states.
e.g. due to supporting security holes for own trojan horses for crime investigations.
– during transport data could be targeted to encrypt by third parties
Transport lanes could be protocolled with available metadata to profile a person.

Contact

Any questions left – feel free to visit or write us any time.

Address:
Polycular, Salzgasse 2, 5400 Hallein, AUSTRIA
privacy@polycular.com

Responsible & legal identity
Polycular OG / polycular.com/imprint

Version: 2020-07-07