The protection of personal data is an important concern for us. For this reason, telegra GmbH (hereinafter referred to as “telegra”) only collects, processes and uses your personal data on the basis of and within the framework of the applicable legal provisions. These include in particular the EU General Data Protection Regulation (GDPR), the Telecommunications Act (TKG), the Telecommunications Telemedia Data Protection Act (TTDSG) and the Federal Data Protection Act (BDSG).
These notes inform you about the processing of your personal data by telegra GmbH and the rights to which you are entitled under data protection law in the case of contact, interested party, service provider and customer relationships, participation in audio and video conferences and when visiting our website www.telegra.com.
Responsible for data processing:
Managing Director: Christian Plätke, Holger Jansen
The Data Protection Officer can be reached at:
Data collection and origin of data:
We collect personal data from
- Prospects, business customers, suppliers and service providers
- End users
- Participants in audio and telephone conferences
- Website visitors
Within the scope of the initiation, establishment, content-related structuring, amendment or termination of a contractual relationship of an interested party, supplier, service or business customer relationship, the following personal data, among others, may be collected in accordance with Art. 6 para. 1 b) DSGVO, depending on the contact and contractual relationship:
- Company and contact details (address, telephone numbers, e-mail address, fax number)
- Connection number of callers
- Account information data
- Payment details
- Login data for the online customer portal
- Further product-related data can be added
So-called traffic data is processed from business customers who order telecommunication services from telegra and from end users who call telephone numbers or are called from telephone numbers that are switched for business customers with a telegra service provider. Traffic data is data that is generated during a call and is required, among other things, for the billing of the call. In particular, this involves the following personal data:
- Called number (outgoing calls), caller’s number (incoming calls), date, time and duration of call
In connection with participation in audio and/or video conferences (e.g. team meetings, training courses, seminars), the following personal data in particular are processed, depending on the type and insofar as disclosed by the participant:
- Details of the participant: First name, last name, email address, profile picture
- Meeting metadata: Theme, participant IP addresses
- For dial-up by telephone: Dial-in number, time, start and end of the call, IP address of the termination device, if applicable.
- When recording audio or video conferences: voice recordings, presentation recordings, text file of the online meeting chat
If, in connection with the use of the audio and/or video conferencing tool, personal data is not required for data processing, but is nevertheless an elementary component of use, the legal basis for data processing is Art. 6 (1) f) GDPR. In these cases, our interest lies in the effective implementation of audio and video conferences. For other participants in audio and video conferences – insofar as the meetings are conducted in the context of contractual relationships – Art. 6 (1) lit. b) GDPR is the legal basis for data processing. If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here, too, our interest is in the effective conduct of audio and video conferencing. Recordings are made, where necessary, with the consent of the participants.
In the context of customer service and support requests, if the customer completes the registration process for the use of the ticket system used by telegra, we process customer master data, e-mail addresses and access data of the customer, the user name (if specified) and the content of the customer concern in the context of the tickets. From customers who do not complete the registration process, we process the e-mail address of the customer employee and the respective concern. The processing is carried out for the effective, fast and adequate handling of customer service and support concerns in accordance with Art. 6 para. 1 f) GDPR.
In addition, in individual cases we collect data from publicly accessible sources (e.g. commercial register, your websites, press articles, etc.) and in individual cases obtain data (company information) from credit agencies within the scope of permissibility according to Art. 6 lit f) GDPR.
Furthermore, we collect data that you provide to us as part of a consent pursuant to Art. 6 para. 1 lit a) GDPR for a specific purpose, for example to receive blog newsletters and whitepapers. In order to be able to send you the requested information regularly and in a process-optimised manner, we collect your name and email address and use Hubspot’s analytics software and tracking pixel software.
All personal data is only collected within the scope of a legal permission or if you have given us your consent.
Purposes and legal bases of data processing:
We process personal data in compliance with the German Data Protection Act (GDPR), the German Federal Data Protection Act (BDSG), the relevant provisions of the German Telecommunications Act (TKG), the German Telecommunications Data Protection Act (TTDSG) and other relevant laws.
For the fulfilment of pre-contractual or contractual obligations (Art. 6 para. 1 lit. b) GDPR)
We process data to carry out pre-contractual measures, i.e. to initiate customer, supplier and service provider relationships or comparable contact relationships as well as to fulfil existing contracts with us (purchase and sales contracts). The necessity and purpose of the data processing depend in each case on the specific contractual relationship. This includes, in particular, the establishment of the contractual relationship, arrangement, fulfilment, advice and the invoicing of services in the customer relationship. But also the exchange of personal data with participating business partners for the realisation and billing of telecommunications and other services.
Processing within the framework of a balancing of interests (Art. 6 para. 1 lit f) GDPR)
We also process your data beyond the actual performance of the preliminary contract or agreement in order to safeguard legitimate interests of us or of third parties, unless rights of the data subjects to refrain from data processing prevail. This may be necessary in particular:
- for the establishment and fulfilment of contact relationships within the scope of expediency
- for the verification of addresses, credit rating and shareholdings
- for the recovery of outstanding debts
- to adequately handle customer service and support requests
- for efficiently conducting audio and video conferences with external participants
- for the detection, containment and effective handling of attacks (fraud prevention) and disruptions
- for the prevention and investigation of criminal offences
Processing within the scope of your consent (Art. 6 para. 1 lit a) GDPR)
If you give us consent to process personal data for a specific purpose in accordance with the existing requirements, we process this data within the consent. Consent given can be revoked at any time for the future by e-mail. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Processing due to legal requirements (Art. 6 para. 1 lit c) GDPR)
We process your personal data insofar as we are subject to a legal obligation, such as statutory retention obligations or information or monitoring obligations vis-à-vis state institutions within the scope of the law.
Necessity of providing the data:
Categories of recipients of personal data:
Innerhalb des Unternehmens erhalten im Rahmen der Erforderlichkeit oder angemessener Zweckmäßigkeit die Mitarbeiter Zugriff auf Ihre Daten, die mit der Bearbeitung des jeweiligen Vorgangs betraut sind.
telegra sometimes uses external service providers to fulfil its legal and contractual obligations. These also receive access to personal data for specific purposes. Insofar as the service providers do not process this data under their own law (e.g. tax advisors, lawyers), the processing is carried out within the framework of concluded order processing agreements.
The technical provision of services contractually agreed with telegra (including number-based interpersonal telecommunications services, software as a service) is carried out with the involvement of IN-telegence GmbH, Oskar-Jäger-Str. 125, 50825 Cologne, as platform operator and technical service provider of telegra. IN-telegence is an ISO27001 certified commercial provider of public ICT services with its own switching platforms, switches and an NGN network. Furthermore, IN-telegence has been certified as effectively applying ISO27701 for the management of information on data protection (declaration of conformity).
Cooperation partners who provide services for you or in connection with your telegra contract on their own responsibility receive personal data if you order services from such partners from us or if you consent to the integration of the partner or if we integrate the partner on the basis of a legal permission.
In addition, telegra retrieves data from a credit agency in individual cases within the permission according to Art. 6 Para. 1 lit. f) GDPR, stating the company name/company address, if this is necessary or appropriate for the justification of a contract or the enforcement of claims. Personal data is neither sold to third parties nor marketed in any other way.
In addition, within the framework of the realisation of telecommunications and services for business customers, data is exchanged with participating network operators and other service providers in accordance with the statutory provisions. This applies in particular to the billing of services in the intercarrier relationship. The details of the data exchange and data processing depend on the type of service used and whether the service is called from the fixed or mobile network.
Insofar as the collection of an outstanding debt becomes necessary as a result of the contractual relationship or in any other way within the framework of the exercise of legitimate interests – and the interests of the fundamental rights and freedoms of the data subject, which require the protection of personal data, do not outweigh this – we shall commission a legal collection service provider with the collection of the debt. The data required for the collection will be transmitted to the commissioned service provider. The legal basis is Art. 6 para. 1 lit. b) and 6 para. 1 lit. f) of the GDPR.
telegra uses “Microsoft Teams” as an internal company communication tool and also to conduct audio and video conferences with external participants (e.g. business customers) (hereinafter: “online meetings”). Insofar as the “Microsoft Teams” website is called up, the “Microsoft Teams” provider is responsible for data processing. However, calling up the website is only necessary for the use of “Microsoft Teams” in order to download the software for the use of “Microsoft Teams”. You can also use “Microsoft Teams” if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the “Microsoft Teams” app. If you do not want to or cannot use the “Microsoft Teams” app, the basic functions can also be used via a browser version. The service is then also provided via the “Microsoft Teams” website.
“Microsoft Teams” is a service of Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399 USA and part of the cloud application Office 365. Data processing in relation to the use of “Microsoft Teams” by Microsoft takes place in Germany, as we have restricted the storage location to data centres in Germany. Nevertheless, it cannot be ruled out that personal data will be processed in a third country. This may be the case in particular if participants are located outside the EU and the routing of data takes place via internet servers that are located outside the EU. The data is encrypted during transport over the internet and to that extent protected from unauthorised access. For the USA, there is no adequacy decision by the European Commission. However, the EU standard contractual clauses have been concluded with Microsoft Corporation on Office 365 and MS Teams to guarantee an adequate level of data protection.
Personal data processed in connection with the use of Microsoft Teams will not be disclosed to third parties unless it is intended for disclosure. It should be noted that the content of online meetings, as well as face-to-face meetings, is often used to communicate information to customers, interested parties or third parties and is therefore intended for disclosure. The provider of “Microsoft Teams” necessarily obtains knowledge of the above-mentioned data insofar as this is provided for within the framework of the EU standard contractual clauses and “Microsoft Teams”.
In addition, personal data may be transferred to other recipients, such as authorities (e.g. Federal Network Agency, law enforcement agencies) for the purpose of fulfilling legal obligations to provide information and notification pursuant to Art. 6 (c) GDPR.
When contacting us via a contact form on our website or when giving consent, e.g. to receive blog newsletters, we use the marketing automation software Hubspot, in particular for process optimisation purposes, via which the processing of your data is carried out on behalf.
Ein Verkauf oder eine sonstige geschäftsmäßige Übermittlung Ihrer personenbezogenen Daten an Dritte, insbesondere zum Zwecke der Werbung oder des Adresshandels, erfolgt grundsätzlich nicht.
Data transmission to a third country:
If we transfer personal data to service providers outside the European Economic Area (EEA), we do so insofar as the third country has been confirmed by the EU Commission to have an adequate level of data protection or other appropriate data protection guarantees (including binding internal company data protection regulations or EU standard contractual clauses) are in place.
telegra uses “Jira Service Management” a cloud product from Atlassian Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104 to process customer service and support requests. The data may be stored in a third country. telegra has concluded standard contractual clauses with Atlassian.
When using our website, data is transmitted to Google depending on the browser settings of the website visitor.
Duration of data storage:
The data is stored within the scope of the statutory retention periods (e.g. TTDSG, HGB, AO), beyond that only if the data is still required.
We store inventory data (e.g. company, name, address) that are required for the establishment, structuring and fulfilment of the contract with business customers, suppliers and service providers until the end of the calendar year following the year in which the contract was terminated, unless there is a further storage obligation under commercial and tax law. Data that we collect from you from public sources belong to the inventory data and are treated accordingly.
In the context of an interested party or other contact relationship, the contact data as well as the communication data are stored and used insofar as this is necessary for the respective communication purpose or is appropriate within the framework of reasonableness.
We store the traffic data on which the accounts are based for a maximum period of six calendar months.
In connection with the performance of audio and video conferences, data processed for the purpose of providing a user account, as well as created and shared content, comments, chat messages, voice messages, assigned, edited and given content and calendar entries are stored until the contractual relationship between the user and telegra is terminated (e.g. leaving the company, termination of the business relationship). The same applies if consent is revoked or processing is objected to. The deletion of a user account or content from the system by Microsoft is completed after 90 days. The same period also applies to the deletion of files by the user himself.
The deletion of data stored by customers in the ticket system takes place with the deletion of the customer’s inventory data.
Automated decision making
Data subjects shall not be subject to a decision based solely on automated processing (by technical means without human intervention) which produces legal effects concerning them or similarly significantly affects them, unless the decision is necessary for entering into, or the performance of, a contract between the data subject and the controller, is permitted by law, or has the data subject’s explicit consent.
Rights as a data subject
Provided that the respective legal requirements are met, you as the data subject have the following rights:
- Request information on the categories of data processed, the purposes of processing, any recipients of the data, the planned storage period (Article 15 of the GDPR).
- request the correction of inaccurate or incomplete data (Art. 16 GDPR)
- revoke a given consent at any time with effect for the future (Art. 7 3 GDPR)
- object to data processing which is to be carried out on the basis of a legitimate interest for reasons arising from your particular situation (Art 21 1 GDPR)
- in certain cases, within the framework of Art. 17 GDPR, to demand the deletion of data – in particular insofar as the data is no longer required for the intended purpose or is processed unlawfully, or you have revoked your consent in accordance with (c) above or declared an objection in accordance with (d) above
- under certain conditions, to demand the restriction of data, insofar as deletion is not possible the obligation to delete is disputed (Art. 18 GDPR)
- to data portability, i.e. you can receive data provided to us in a common machine-readable format and transmit it to others (Art. 20 GDPR)
- complain about data processing to the competent supervisory authority (Art. 77 GDPR).
Special notes on visiting our website: Links and third-party content
telegra also uses links to other websites. These are opened in separate browsers.
We do not provide any guarantee for links, nor do we accept any responsibility or liability for the content of other providers. Insofar as we learn of legal violations on linked websites, we will delete the link.
Use and application of cookies
We use our own cookies and third-party cookies on our website. Cookies are small files that are automatically created by your browser and stored on your end device (laptop, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your end device and do not contain viruses. Cookies are small text files that are stored on your computer and saved by your browser. Cookies serve to make offers more user-friendly, effective and secure.
The cookies we use are so-called session cookies (essential cookies), which are set while you are accessing our website in order to be able to provide the service you have called up safely. Session cookies are automatically deleted at the end of your visit to our website.
The data processed by essential cookies is necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties in accordance with Art. 6 (1) sentence 1 lit. f) GDPR.
The processing of data by e.g. advertising or tracking cookies (non-essential cookies) is only activated if you consent to such via the cookie banner. In this case, the data processing is carried out in accordance with Art. 6 sentence 1 lit. a) DSGVO. You can revoke your consent at any time for the future using the following buttons:
Advertising and tracking cookies will only be set again after a renewed consent after a revocation.Cookie settings
Use and application of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of our website is usually transmitted to a Google server in the USA and stored there. However, due to IP anonymisation on this website, your IP address will be truncated by Google within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. For this purpose Google uses Pseudonyms. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Objection to data collection by Google Analytics:
You can prevent the collection of the data generated by the cookie and related to your use of the website (incl. your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link https://tools.google.com/dlpage/gaoptout?hl=en. An opt-out cookie will be placed on your terminal device. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. If you delete your cookies, you must click the link again.Cookie settings
Use and application of Hubspot
We use Hubspot marketing automation software on our website to ensure a faster, more customer-friendly and customised marketing and communication process. It ensures the automatic processing of requested downloads, the sending of marketing emails, the provision of all electronic forms on the website, as well as the integration of clickable buttons. Data is collected via Hubspot and stored on Hubspot servers. All data collected via Hubspot is used exclusively for internal lead generation and processing and is never made available to third parties.
Hubspot Inc. is a U.S. company that provides marketing automation software. The company is located at 25 First Street, 2nd Floor, Cambridge, MA 02141, United States. HubSpot, Inc. with whom the EU-US standard contractual clauses have been concluded.
Personal data is only collected by Hubspot on our websites if users voluntarily provide it or actively select it, whether in the form of a checkbox to be selected, filling out forms, registering for email services (e.g. blog newsletters) or using onsite chat functions. When registering, filling out forms or using chat functions, users may be asked to enter their name, e-mail address, telephone numbers, gender-specific form of address, company data and information regarding their own function or product wishes.
All data entries on our websites are made exclusively via an encrypted connection. This data is stored on secure servers in monitored data centres that meet recognised security standards.
IP addresses are stored for the duration of the usage process. In addition, the IP address is stored as far as this is appropriate for data security and clarification or prevention of security or data protection breaches, whereby the appropriateness depends on the specific threat situation. In this case, the IP addresses are only stored for as long as is reasonable for the aforementioned purposes. In the event of a criminal complaint or prosecution or the enforcement of claims against
Hubspot, the data processed on behalf of Hubspot are necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties in accordance with Art. 6 (1) sentence 1 lit. f) GDPR.
Use and application of tracking pixels
We use a software technology called a tracking pixel. This tells us what content is effective in delivering targeted and personalised content to users of our information services, and helps us to continually improve it. Tracking pixels are tiny graphics with a unique identifier. Their function is similar to that of cookies, and they are used to track the online movements of web users. Unlike cookies, which are stored on a user’s computer hard drive, tracking pixels are embedded invisibly on web pages or in emails and are about the size of the dot at the end of this sentence. We use tracking pixels in our HTML-based emails to track which emails have been opened by recipients. We link the data collected by tracking pixels in emails to the personal data of our customers.
The data processed by the tracking pixels is necessary for the aforementioned purposes to protect our legitimate interests as well as those of third parties pursuant to Art. 6 (1) sentence 1 lit. f) GDPR.
This data protection notice is regularly checked to ensure that it is up to date and updated in the event of significant changes.