As of: 25th May, 2018
Preamble
In the following privacy policy, you will be informed about the collection of personal data when using our website. Personal data is all data related to you personally, such as name, address, e-mail address or user behavior.
Responsible party / DSB
|
Responsible party |
Data protection officer |
|---|---|
|
ALLPLAN Deutschland GmbH
Legal representative: |
Mrs. Jana Heinze
Can be reached by e-mail at: |
General data collection when accessing our website
Data must be collected to provide the website and the data must be stored in log files to operate the website. However, the user has no option to object. Every time ALLPLAN's website is accessed, usage data is determined by the respective Internet browser and stored in server log files. The data sets saved here contain the following data: The date and time of access, name of the site accessed, IP address, referrer URL (origin URL from which you came to the website), the transferred amount of data as well as the product and version information of the browser used.
The user’s IP addresses are deleted or anonymized after the end of usage. During an anonymization, the IP addresses are changed so that the details of personal or professional relationships can no longer be assigned to a certain or identifiable natural person or it cannot be done without a disproportionately large amount of time, money and effort.
ALLPLAN analyzes these log file data sets in anonymized form to improve the website further and make it more user-friendly, to find and correct errors faster and to control server capacities. In addition, analyzing the log files makes it possible to identify and correct errors on the website faster.
As part of the consideration of interests as per article 6 (1) lit. f GDPR, we have taken into consideration and weighed our interest in the provision and your interest in a data protection-compliant processing of your personal data. Since the data below is sometimes technically required to provide our service so that we can offer you our website and also ensure stability and safety, especially in order to offer protection against misuse, we have come to the conclusion that this data (with a state-of-the-art guarantee of data security) can be processed, whereby your interest in a data protection-compliant processing is reasonably taken into consideration.
|
Data |
Purpose of processing |
Duration of storage |
|---|---|---|
|
Operating system used |
Evaluation by devices in order to ensure an optimized display of the website |
The data is deleted or anonymized (change the IP address so that individual information can no longer be assigned to a certain or identifiable natural person or it cannot be done without a disproportionately large amount of time, money and effort) once the respective session is over. |
|
Information about the type of browser and the version used |
Evaluation of the browser used in order to optimize our websites for this purpose |
|
|
The Internet service provider of the user |
Evaluation of the Internet service provider |
|
|
IP address |
Display of the website on the respective device |
|
|
The data and time of the access |
Ensuring the proper operation of the website. |
|
|
If necessary, the manufacturer and type designation of the smartphone, tablet or other end devices |
Evaluation of the device manufacturer and types of mobile end devices for statistical purposes | |
|
Name of the site accessed |
Ensuring the proper operation of the website | |
|
Referrer URL (source URL from which you came to the website) |
Ensuring the proper operation of the website | |
|
Log files |
Ensuring the proper operation of the website |
Collection, Processing and Use of Your Personal Data
ALLPLAN strictly complies with the statutory provisions, especially the General Data Protection Regulation (GDPR), when collecting, processing and using your personal data. ALLPLAN collects, stores and processes your data to fully complete your registration, application or shop order, including any subsequent warranties, for services, technical administrator and their own marketing purposes.
Your personal data is only disclosed to third parties or otherwise if this is required for the purpose of contract execution or billing or you have consented otherwise. As part of the order processing, the service providers (sales partners) utilized by ALLPLAN, for example, will receive the necessary data for the order processing. The data disclosed in this way may only be used by service providers to fulfill their task. Any other use of the information is not permitted.
For registration, ALLPLAN requires your correct name and address information. Additional payment information is required for your shop order. Your e-mail address is required so that ALLPLAN can confirm the registration or order entry, provide services (e.g. product downloads) and communicate with you. In addition, the e-mail address is required for identification (customer login).
Your personal data is then deleted if not opposed by retention obligations and if you have made a claim for deletion if the data is no longer required for the purpose intended with the data storage or if its storage is not permitted for other legal reasons.
The following personal data is generally collected and stored as part of the provision of services by ALLPLAN: Address data (name and address), email address as well as optionally the telephone number.
Personal data is also used to:
- provide content requiring registration, including product downloads, webinars, shop orders;
- conduct market research and provide information about news, offers and promotions, if consent for this was granted;
- improve services on the website for users, which measure the interest in different services,
- offer other services described during the collection of data.
Registration
You can register with us and create a customer account. We collect and save the following data from you for the registration:
|
Data |
Purpose of processing |
Legal basis for processing |
Duration of storage |
|---|---|---|---|
|
User name |
Creation of the customer account |
Execution of a user contract |
Until revocation / objection |
|
E-mail address |
Creation of the customer account |
Execution of a user contract |
Until revocation / objection |
|
Password |
Creation of the customer account |
Execution of a user contract |
Until revocation / objection |
|
IP address when logging in |
Data transfer when registering on the web server |
Execution of a user contract |
Until revocation / objection |
|
*Title |
Direct approach |
Consent |
Until revocation / objection |
|
First name |
Direct approach / proper invoicing and proof of collected taxes |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
Last name |
Direct approach / proper invoicing and proof of collected taxes |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
*Telephone number |
Communication with the customer |
Consent |
Until revocation / objection |
|
Address |
Direct approach / proper invoicing and proof of collected taxes |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
*Company address |
Direct approach / proper invoicing and proof of collected taxes |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
* optional information
Cookies – General Information
Our website uses cookies. Cookies are text files that are stored in the Internet browser or that are stored by the Internet browser on the user's computer system. If a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that makes it possible to uniquely identify the browser the next time the website is accessed.
Cookies – Different Types of Cookies
a) Technically required cookies
We use cookies to make our website more user-friendly. Some elements of our website require the accessing browser to be identifiable after switching sites.
Technically required cookies are not mandatory at all to show this website. But some functionalities like basket, contact form, login, etc. cannot be used properly without these cookies. You can change your browser settings to deactivate these cookies.
Forms
You can contact us via our contact form or receive free content (including test version) via our forms. We will of course only use the personal data sent to us in this way for the purpose you provide us when you contacted us.
|
Data |
Purpose of processing |
Legal basis for processing |
Duration of storage |
|---|---|---|---|
|
IP address when logging in |
Transmission of the form content to the web server |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
Title |
Direct approach |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
First name |
Direct approach |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
Last name |
|
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
Issue |
Response to the issue |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
E-mail address |
Response to the issue |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
Telephone number |
Response to the issue |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
Address |
Improved processing of the inquiry |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
|
Company address |
Improved processing of the inquiry |
Consent / initiation / execution of the contractual relationship |
Until revocation / objection |
Applications
You can apply to our company electronically.
We will only use your information for the purposes of processing your application and will not disclose it to third parties.
Please note that unencrypted sent e-mails are sent without access protection. Unfortunately we do not currently offer an encryption for e-mail applications.
After the application process has been completed, your personal data will be deleted immediately or after a maximum of 6 months, unless you have given us your express consent to save your data for longer.
Secure data transmission
Your personal data is securely transmitted at ALLPLAN through encryption. This applies to all form processes (including registration, application, ordering). ALLPLAN uses the coding system SSL (Secure Socket Layer). However, no one can guarantee absolute protection. ALLPLAN uses technical and organizational measures to protect its website and other systems from loss, destruction, access, modification or dissemination of your data by unauthorized persons.
Disclosure of Data
Your personal data is not sent to third parties for purposes other than those listed.
We only disclose your personal data to third parties if:
- you have given your express consent to do so,
- the disclosure is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominant legitimate interest in the non-disclosure of your data,
- in the event that there is a legal obligation to disclose, as well as
- this is legally permissible and is required to implement contractual relationships with you.
The high European level of data protection generally does not exist for data transmission outside of the European Union. During data transmission, it may occur that there is currently no adequacy decision of the EU Commission in the sense of article 45 (1) (3) GDPR. In other words, the EU Commission has so far not positively determined that the country-specific data protection level corresponds to the data protection level of the European Union based on the GDPR, which is why we have created the aforementioned appropriate guarantees.
Possible risks that cannot be completely ruled out in connection with the data transfer in particular are:
- Your personal data could possibly be processed beyond its intended purpose.
- In addition, it is possible that you may not be able to sustainably assert or enforce your data protection rights, such as your right to information, correction, deletion or data transferability.
- There may also be a greater likelihood that there can be an incorrect data processing and the protection of the personal data does not fully quantitatively and qualitatively correspond to the requirements of the GDPR.
Full Payment Service Provider Novalnet AG
The data controller has included in this website components of the Novalnet AG integrated. Novalnet AG is a Full Payment Service Provider, which among other things payment processing takes over.
If the person concerned selects a payment method during the ordering process in the online store, data of the person concerned will be automatically transmitted to Novalnet AG. With the If a payment option is selected, the person concerned consents to it for the processing of the payment, transmission of personal data.
The personal data transmitted to Novalnet are usually First name, last name, address, date of birth, gender, email address, IP address, telephone number, cell phone number and other data necessary for the processing of a payment are necessary. For the processing of the purchase contract are also necessary such personal Data that are related to the respective order. In particular, it can be used for mutual exchange of payment information, such as bank details, card number, Validity date and CVC code, data on goods and services, prices come.
The transmission of the data is intended in particular for identity verification, which Payment administration and fraud prevention. The data controller will the Novalnet AG personal data in particular if an authorized interest in the transmission is given. The agreement between Novalnet AG and the personal data exchanged with the data controller may be processed by the Novalnet AG to credit agencies. The purpose of this transmission is the identity- and credit assessment.
Novalnet AG also gives personal data to service providers or subcontractor, insofar as this is necessary for the fulfilment of the contractual obligations or the data are to be processed.
The data subject has the possibility to withdraw his or her consent to the processing of personal data. data to Novalnet AG at any time. A revocation has no effect on personal data, which is processed for the (contractual) payment processing, must be used or transmitted.
Briefing on the rights of the party concerned
Each party concerned has the right to information as per article 15 GDPR, the right to correction as per article 16 GDPR, the right to deletion as per article 17 GDPR, the right to restriction of processing as per article 18 GDPR, the right to object as per article 21 GDPR as well as the right to data transferability as per article 20 GDPR. The restrictions as per §§ 34 and 35 BDSG [Federal Data Protection Act] apply for the right to information and the right to deletion.
Briefing on the option to complain
You also have the right to complain to the competent data supervisory authority about our processing of your personal data.
Briefing on the revocation of consent
You can always revoke your consent given to us to process personal data. This also applies to the revocation of declarations of consent, which have been given to us before the General Data Protection Regulation came into effect, i.e. before May 25, 2018. Please note that this revocation only be effective for the future. It does not affect processing that has occurred prior to the revocation.
Rights in the event of data processing for direct mail advertising
As per article 21 (2) GDPR, you have the right to object to the processing of personal data concerning you at any time. If you do object to the processing for the purposes of direct mail advertising, we will no longer process your personal data for these purposes. Please note that this objection only be effective for the future. It does not affect processing that has occurred prior to the objection.
Note on the right to object in the case of a consideration of interests
If we base the processing of your personal data on a consideration of interests, you can object to the processing. If such an objection is exercised, we ask you to explain the reasons why we should not process your personal data as we have described it. In the case of your justified objection, we will check the situation and either stop or adjust the data processing or explain to you our compelling legitimate reasons.
Links to other websites
Our websites may contain links to websites of other providers. Please note that this privacy policy only applies to the websites of ALLPLAN Deutschland GmbH. We have no influence over this and do not control whether other providers comply with the applicable data protection regulations.
Changes to the privacy policy
We reserve the right to modify or adjust this privacy policy at any time while observing the applicable data protection regulations.