Privacy policy

As of: 25th May, 2018

 

Preamble

In the following privacy policy, you will be informed about the collection of personal data when using our website. Personal data is all data related to you personally, such as name, address, e-mail address or user behavior.

Responsible party / DSB

Responsible party
for the data processing

Data protection officer
of the responsible party

ALLPLAN Deutschland GmbH
Konrad-Zuse-Platz 1
81829 München
Deutschland

Legal representative:
Joffrey Spinetti and Dr. Detlef Schneider, Managing Director

Mrs. Jana Heinze
Consultant for data protection and attorney
intersoft consulting services AG
Marsstraße 37
80335 München
Deutschland

Can be reached by e-mail at:
datenschutzbeauftragter@allplan.com

 

General data collection when accessing our website

Data must be collected to provide the website and the data must be stored in log files to operate the website. However, the user has no option to object. Every time ALLPLAN's website is accessed, usage data is determined by the respective Internet browser and stored in server log files. The data sets saved here contain the following data: The date and time of access, name of the site accessed, IP address, referrer URL (origin URL from which you came to the website), the transferred amount of data as well as the product and version information of the browser used.

The user’s IP addresses are deleted or anonymized after the end of usage. During an anonymization, the IP addresses are changed so that the details of personal or professional relationships can no longer be assigned to a certain or identifiable natural person or it cannot be done without a disproportionately large amount of time, money and effort.

ALLPLAN analyzes these log file data sets in anonymized form to improve the website further and make it more user-friendly, to find and correct errors faster and to control server capacities. In addition, analyzing the log files makes it possible to identify and correct errors on the website faster.

As part of the consideration of interests as per article 6 (1) lit. f GDPR, we have taken into consideration and weighed our interest in the provision and your interest in a data protection-compliant processing of your personal data. Since the data below is sometimes technically required to provide our service so that we can offer you our website and also ensure stability and safety, especially in order to offer protection against misuse, we have come to the conclusion that this data (with a state-of-the-art guarantee of data security) can be processed, whereby your interest in a data protection-compliant processing is reasonably taken into consideration.

Data

Purpose of processing

Duration of storage

Operating system used

Evaluation by devices in order to ensure an optimized display of the website

The data is deleted or anonymized (change the IP address so that individual information can no longer be assigned to a certain or identifiable natural person or it cannot be done without a disproportionately large amount of time, money and effort) once the respective session is over.

Information about the type of browser and the version used

Evaluation of the browser used in order to optimize our websites for this purpose

The Internet service provider of the user

Evaluation of the Internet service provider

IP address

Display of the website on the respective device

The data and time of the access

Ensuring the proper operation of the website.

If necessary, the manufacturer and type designation of the smartphone, tablet or other end devices

Evaluation of the device manufacturer and types of mobile end devices for statistical purposes

Name of the site accessed

Ensuring the proper operation of the website

Referrer URL (source URL from which you came to the website)

Ensuring the proper operation of the website

Log files

Ensuring the proper operation of the website

 

Collection, Processing and Use of Your Personal Data

ALLPLAN strictly complies with the statutory provisions, especially the General Data Protection Regulation (GDPR), when collecting, processing and using your personal data. ALLPLAN collects, stores and processes your data to fully complete your registration, application or shop order, including any subsequent warranties, for services, technical administrator and their own marketing purposes.

Your personal data is only disclosed to third parties or otherwise if this is required for the purpose of contract execution or billing or you have consented otherwise. As part of the order processing, the service providers (sales partners) utilized by ALLPLAN, for example, will receive the necessary data for the order processing. The data disclosed in this way may only be used by service providers to fulfill their task. Any other use of the information is not permitted.

For registration, ALLPLAN requires your correct name and address information. Additional payment information is required for your shop order. Your e-mail address is required so that ALLPLAN can confirm the registration or order entry, provide services (e.g. product downloads) and communicate with you. In addition, the e-mail address is required for identification (customer login).

Your personal data is then deleted if not opposed by retention obligations and if you have made a claim for deletion if the data is no longer required for the purpose intended with the data storage or if its storage is not permitted for other legal reasons.

The following personal data is generally collected and stored as part of the provision of services by ALLPLAN: Address data (name and address), email address as well as optionally the telephone number.

Personal data is also used to:

  • provide content requiring registration, including product downloads, webinars, shop orders;
  • conduct market research and provide information about news, offers and promotions, if consent for this was granted;
  • improve services on the website for users, which measure the interest in different services,
  • offer other services described during the collection of data.

Registration

You can register with us and create a customer account. We collect and save the following data from you for the registration:

Data

Purpose of processing

Legal basis for processing

Duration of storage

User name

Creation of the customer account

Execution of a user contract

Until revocation / objection

E-mail address

Creation of the customer account

Execution of a user contract

Until revocation / objection

Password

Creation of the customer account

Execution of a user contract

Until revocation / objection

IP address when logging in

Data transfer when registering on the web server

Execution of a user contract

Until revocation / objection

*Title

Direct approach

Consent

Until revocation / objection

First name

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Last name

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

*Telephone number

Communication with the customer

Consent

Until revocation / objection

Address

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

*Company address

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

* optional information

Cookies – General Information

Our website uses cookies. Cookies are text files that are stored in the Internet browser or that are stored by the Internet browser on the user's computer system. If a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that makes it possible to uniquely identify the browser the next time the website is accessed.

 

Cookies – Different Types of Cookies

a) Technically required cookies

We use cookies to make our website more user-friendly. Some elements of our website require the accessing browser to be identifiable after switching sites.

Technically required cookies are not mandatory at all to show this website. But some functionalities like basket, contact form, login, etc. cannot be used properly without these cookies. You can change your browser settings to deactivate these cookies.

Forms

You can contact us via our contact form or receive free content (including test version) via our forms. We will of course only use the personal data sent to us in this way for the purpose you provide us when you contacted us.

Data

Purpose of processing

Legal basis for processing

Duration of storage

IP address when logging in

Transmission of the form content to the web server

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Title

Direct approach

Consent / initiation / execution of the contractual relationship

Until revocation / objection

First name

Direct approach

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Last name

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Issue

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

E-mail address

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Telephone number

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Address

Improved processing of the inquiry

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Company address

Improved processing of the inquiry

Consent / initiation / execution of the contractual relationship

Until revocation / objection

 

Applications

You can apply to our company electronically.

We will only use your information for the purposes of processing your application and will not disclose it to third parties.

Please note that unencrypted sent e-mails are sent without access protection. Unfortunately we do not currently offer an encryption for e-mail applications.

After the application process has been completed, your personal data will be deleted immediately or after a maximum of 6 months, unless you have given us your express consent to save your data for longer.

 

Secure data transmission

Your personal data is securely transmitted at ALLPLAN through encryption. This applies to all form processes (including registration, application, ordering). ALLPLAN uses the coding system SSL (Secure Socket Layer). However, no one can guarantee absolute protection. ALLPLAN uses technical and organizational measures to protect its website and other systems from loss, destruction, access, modification or dissemination of your data by unauthorized persons.

Disclosure of Data

Your personal data is not sent to third parties for purposes other than those listed.

We only disclose your personal data to third parties if:

  • you have given your express consent to do so,
  • the disclosure is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominant legitimate interest in the non-disclosure of your data,
  • in the event that there is a legal obligation to disclose, as well as
  • this is legally permissible and is required to implement contractual relationships with you.

The high European level of data protection generally does not exist for data transmission outside of the European Union. During data transmission, it may occur that there is currently no adequacy decision of the EU Commission in the sense of article 45 (1) (3) GDPR. In other words, the EU Commission has so far not positively determined that the country-specific data protection level corresponds to the data protection level of the European Union based on the GDPR, which is why we have created the aforementioned appropriate guarantees.

Possible risks that cannot be completely ruled out in connection with the data transfer in particular are:

  • Your personal data could possibly be processed beyond its intended purpose.
  • In addition, it is possible that you may not be able to sustainably assert or enforce your data protection rights, such as your right to information, correction, deletion or data transferability.
  • There may also be a greater likelihood that there can be an incorrect data processing and the protection of the personal data does not fully quantitatively and qualitatively correspond to the requirements of the GDPR.

 

Full Payment Service Provider Novalnet AG

The data controller has included in this website components of the Novalnet AG integrated. Novalnet AG is a Full Payment Service Provider, which among other things payment processing takes over.

If the person concerned selects a payment method during the ordering process in the online store, data of the person concerned will be automatically transmitted to Novalnet AG. With the If a payment option is selected, the person concerned consents to it for the processing of the payment, transmission of personal data.

The personal data transmitted to Novalnet are usually First name, last name, address, date of birth, gender, email address, IP address, telephone number, cell phone number and other data necessary for the processing of a payment are necessary. For the processing of the purchase contract are also necessary such personal Data that are related to the respective order. In particular, it can be used for mutual exchange of payment information, such as bank details, card number, Validity date and CVC code, data on goods and services, prices come.

The transmission of the data is intended in particular for identity verification, which Payment administration and fraud prevention. The data controller will the Novalnet AG personal data in particular if an authorized interest in the transmission is given. The agreement between Novalnet AG and the personal data exchanged with the data controller may be processed by the Novalnet AG to credit agencies. The purpose of this transmission is the identity- and credit assessment.

Novalnet AG also gives personal data to service providers or subcontractor, insofar as this is necessary for the fulfilment of the contractual obligations or the data are to be processed.

The data subject has the possibility to withdraw his or her consent to the processing of personal data. data to Novalnet AG at any time. A revocation has no effect on personal data, which is processed for the (contractual) payment processing, must be used or transmitted.

 

Briefing on the rights of the party concerned

Each party concerned has the right to information as per article 15 GDPR, the right to correction as per article 16 GDPR, the right to deletion as per article 17 GDPR, the right to restriction of processing as per article 18 GDPR, the right to object as per article 21 GDPR as well as the right to data transferability as per article 20 GDPR. The restrictions as per §§ 34 and 35 BDSG [Federal Data Protection Act] apply for the right to information and the right to deletion.

 

Briefing on the option to complain

You also have the right to complain to the competent data supervisory authority about our processing of your personal data.

 

Briefing on the revocation of consent

You can always revoke your consent given to us to process personal data. This also applies to the revocation of declarations of consent, which have been given to us before the General Data Protection Regulation came into effect, i.e. before May 25, 2018. Please note that this revocation only be effective for the future. It does not affect processing that has occurred prior to the revocation.

 

Rights in the event of data processing for direct mail advertising

As per article 21 (2) GDPR, you have the right to object to the processing of personal data concerning you at any time. If you do object to the processing for the purposes of direct mail advertising, we will no longer process your personal data for these purposes. Please note that this objection only be effective for the future. It does not affect processing that has occurred prior to the objection.

 

Note on the right to object in the case of a consideration of interests

If we base the processing of your personal data on a consideration of interests, you can object to the processing. If such an objection is exercised, we ask you to explain the reasons why we should not process your personal data as we have described it. In the case of your justified objection, we will check the situation and either stop or adjust the data processing or explain to you our compelling legitimate reasons.

 

Links to other websites

Our websites may contain links to websites of other providers. Please note that this privacy policy only applies to the websites of ALLPLAN Deutschland GmbH. We have no influence over this and do not control whether other providers comply with the applicable data protection regulations.

 

Changes to the privacy policy

We reserve the right to modify or adjust this privacy policy at any time while observing the applicable data protection regulations.

Usage of cookies:
Allplan Shop uses essential cookies to run this website in a proper way.
You can see the used cookies on the data protection page. - More informations

Close

Allplan Shop | Privacy policy

Privacy policy

As of: 25th May, 2018

 

Preamble

In the following privacy policy, you will be informed about the collection of personal data when using our website. Personal data is all data related to you personally, such as name, address, e-mail address or user behavior.

Responsible party / DSB

Responsible party
for the data processing

Data protection officer
of the responsible party

ALLPLAN Deutschland GmbH
Konrad-Zuse-Platz 1
81829 München
Deutschland

Legal representative:
Joffrey Spinetti and Dr. Detlef Schneider, Managing Director

Mrs. Jana Heinze
Consultant for data protection and attorney
intersoft consulting services AG
Marsstraße 37
80335 München
Deutschland

Can be reached by e-mail at:
datenschutzbeauftragter@allplan.com

 

General data collection when accessing our website

Data must be collected to provide the website and the data must be stored in log files to operate the website. However, the user has no option to object. Every time ALLPLAN's website is accessed, usage data is determined by the respective Internet browser and stored in server log files. The data sets saved here contain the following data: The date and time of access, name of the site accessed, IP address, referrer URL (origin URL from which you came to the website), the transferred amount of data as well as the product and version information of the browser used.

The user’s IP addresses are deleted or anonymized after the end of usage. During an anonymization, the IP addresses are changed so that the details of personal or professional relationships can no longer be assigned to a certain or identifiable natural person or it cannot be done without a disproportionately large amount of time, money and effort.

ALLPLAN analyzes these log file data sets in anonymized form to improve the website further and make it more user-friendly, to find and correct errors faster and to control server capacities. In addition, analyzing the log files makes it possible to identify and correct errors on the website faster.

As part of the consideration of interests as per article 6 (1) lit. f GDPR, we have taken into consideration and weighed our interest in the provision and your interest in a data protection-compliant processing of your personal data. Since the data below is sometimes technically required to provide our service so that we can offer you our website and also ensure stability and safety, especially in order to offer protection against misuse, we have come to the conclusion that this data (with a state-of-the-art guarantee of data security) can be processed, whereby your interest in a data protection-compliant processing is reasonably taken into consideration.

Data

Purpose of processing

Duration of storage

Operating system used

Evaluation by devices in order to ensure an optimized display of the website

The data is deleted or anonymized (change the IP address so that individual information can no longer be assigned to a certain or identifiable natural person or it cannot be done without a disproportionately large amount of time, money and effort) once the respective session is over.

Information about the type of browser and the version used

Evaluation of the browser used in order to optimize our websites for this purpose

The Internet service provider of the user

Evaluation of the Internet service provider

IP address

Display of the website on the respective device

The data and time of the access

Ensuring the proper operation of the website.

If necessary, the manufacturer and type designation of the smartphone, tablet or other end devices

Evaluation of the device manufacturer and types of mobile end devices for statistical purposes

Name of the site accessed

Ensuring the proper operation of the website

Referrer URL (source URL from which you came to the website)

Ensuring the proper operation of the website

Log files

Ensuring the proper operation of the website

 

Collection, Processing and Use of Your Personal Data

ALLPLAN strictly complies with the statutory provisions, especially the General Data Protection Regulation (GDPR), when collecting, processing and using your personal data. ALLPLAN collects, stores and processes your data to fully complete your registration, application or shop order, including any subsequent warranties, for services, technical administrator and their own marketing purposes.

Your personal data is only disclosed to third parties or otherwise if this is required for the purpose of contract execution or billing or you have consented otherwise. As part of the order processing, the service providers (sales partners) utilized by ALLPLAN, for example, will receive the necessary data for the order processing. The data disclosed in this way may only be used by service providers to fulfill their task. Any other use of the information is not permitted.

For registration, ALLPLAN requires your correct name and address information. Additional payment information is required for your shop order. Your e-mail address is required so that ALLPLAN can confirm the registration or order entry, provide services (e.g. product downloads) and communicate with you. In addition, the e-mail address is required for identification (customer login).

Your personal data is then deleted if not opposed by retention obligations and if you have made a claim for deletion if the data is no longer required for the purpose intended with the data storage or if its storage is not permitted for other legal reasons.

The following personal data is generally collected and stored as part of the provision of services by ALLPLAN: Address data (name and address), email address as well as optionally the telephone number.

Personal data is also used to:

  • provide content requiring registration, including product downloads, webinars, shop orders;
  • conduct market research and provide information about news, offers and promotions, if consent for this was granted;
  • improve services on the website for users, which measure the interest in different services,
  • offer other services described during the collection of data.

Registration

You can register with us and create a customer account. We collect and save the following data from you for the registration:

Data

Purpose of processing

Legal basis for processing

Duration of storage

User name

Creation of the customer account

Execution of a user contract

Until revocation / objection

E-mail address

Creation of the customer account

Execution of a user contract

Until revocation / objection

Password

Creation of the customer account

Execution of a user contract

Until revocation / objection

IP address when logging in

Data transfer when registering on the web server

Execution of a user contract

Until revocation / objection

*Title

Direct approach

Consent

Until revocation / objection

First name

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Last name

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

*Telephone number

Communication with the customer

Consent

Until revocation / objection

Address

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

*Company address

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

* optional information

Cookies – General Information

Our website uses cookies. Cookies are text files that are stored in the Internet browser or that are stored by the Internet browser on the user's computer system. If a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that makes it possible to uniquely identify the browser the next time the website is accessed.

 

Cookies – Different Types of Cookies

a) Technically required cookies

We use cookies to make our website more user-friendly. Some elements of our website require the accessing browser to be identifiable after switching sites.

Technically required cookies are not mandatory at all to show this website. But some functionalities like basket, contact form, login, etc. cannot be used properly without these cookies. You can change your browser settings to deactivate these cookies.

Forms

You can contact us via our contact form or receive free content (including test version) via our forms. We will of course only use the personal data sent to us in this way for the purpose you provide us when you contacted us.

Data

Purpose of processing

Legal basis for processing

Duration of storage

IP address when logging in

Transmission of the form content to the web server

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Title

Direct approach

Consent / initiation / execution of the contractual relationship

Until revocation / objection

First name

Direct approach

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Last name

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Issue

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

E-mail address

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Telephone number

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Address

Improved processing of the inquiry

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Company address

Improved processing of the inquiry

Consent / initiation / execution of the contractual relationship

Until revocation / objection

 

Applications

You can apply to our company electronically.

We will only use your information for the purposes of processing your application and will not disclose it to third parties.

Please note that unencrypted sent e-mails are sent without access protection. Unfortunately we do not currently offer an encryption for e-mail applications.

After the application process has been completed, your personal data will be deleted immediately or after a maximum of 6 months, unless you have given us your express consent to save your data for longer.

 

Secure data transmission

Your personal data is securely transmitted at ALLPLAN through encryption. This applies to all form processes (including registration, application, ordering). ALLPLAN uses the coding system SSL (Secure Socket Layer). However, no one can guarantee absolute protection. ALLPLAN uses technical and organizational measures to protect its website and other systems from loss, destruction, access, modification or dissemination of your data by unauthorized persons.

Disclosure of Data

Your personal data is not sent to third parties for purposes other than those listed.

We only disclose your personal data to third parties if:

  • you have given your express consent to do so,
  • the disclosure is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominant legitimate interest in the non-disclosure of your data,
  • in the event that there is a legal obligation to disclose, as well as
  • this is legally permissible and is required to implement contractual relationships with you.

The high European level of data protection generally does not exist for data transmission outside of the European Union. During data transmission, it may occur that there is currently no adequacy decision of the EU Commission in the sense of article 45 (1) (3) GDPR. In other words, the EU Commission has so far not positively determined that the country-specific data protection level corresponds to the data protection level of the European Union based on the GDPR, which is why we have created the aforementioned appropriate guarantees.

Possible risks that cannot be completely ruled out in connection with the data transfer in particular are:

  • Your personal data could possibly be processed beyond its intended purpose.
  • In addition, it is possible that you may not be able to sustainably assert or enforce your data protection rights, such as your right to information, correction, deletion or data transferability.
  • There may also be a greater likelihood that there can be an incorrect data processing and the protection of the personal data does not fully quantitatively and qualitatively correspond to the requirements of the GDPR.

 

Full Payment Service Provider Novalnet AG

The data controller has included in this website components of the Novalnet AG integrated. Novalnet AG is a Full Payment Service Provider, which among other things payment processing takes over.

If the person concerned selects a payment method during the ordering process in the online store, data of the person concerned will be automatically transmitted to Novalnet AG. With the If a payment option is selected, the person concerned consents to it for the processing of the payment, transmission of personal data.

The personal data transmitted to Novalnet are usually First name, last name, address, date of birth, gender, email address, IP address, telephone number, cell phone number and other data necessary for the processing of a payment are necessary. For the processing of the purchase contract are also necessary such personal Data that are related to the respective order. In particular, it can be used for mutual exchange of payment information, such as bank details, card number, Validity date and CVC code, data on goods and services, prices come.

The transmission of the data is intended in particular for identity verification, which Payment administration and fraud prevention. The data controller will the Novalnet AG personal data in particular if an authorized interest in the transmission is given. The agreement between Novalnet AG and the personal data exchanged with the data controller may be processed by the Novalnet AG to credit agencies. The purpose of this transmission is the identity- and credit assessment.

Novalnet AG also gives personal data to service providers or subcontractor, insofar as this is necessary for the fulfilment of the contractual obligations or the data are to be processed.

The data subject has the possibility to withdraw his or her consent to the processing of personal data. data to Novalnet AG at any time. A revocation has no effect on personal data, which is processed for the (contractual) payment processing, must be used or transmitted.

 

Briefing on the rights of the party concerned

Each party concerned has the right to information as per article 15 GDPR, the right to correction as per article 16 GDPR, the right to deletion as per article 17 GDPR, the right to restriction of processing as per article 18 GDPR, the right to object as per article 21 GDPR as well as the right to data transferability as per article 20 GDPR. The restrictions as per §§ 34 and 35 BDSG [Federal Data Protection Act] apply for the right to information and the right to deletion.

 

Briefing on the option to complain

You also have the right to complain to the competent data supervisory authority about our processing of your personal data.

 

Briefing on the revocation of consent

You can always revoke your consent given to us to process personal data. This also applies to the revocation of declarations of consent, which have been given to us before the General Data Protection Regulation came into effect, i.e. before May 25, 2018. Please note that this revocation only be effective for the future. It does not affect processing that has occurred prior to the revocation.

 

Rights in the event of data processing for direct mail advertising

As per article 21 (2) GDPR, you have the right to object to the processing of personal data concerning you at any time. If you do object to the processing for the purposes of direct mail advertising, we will no longer process your personal data for these purposes. Please note that this objection only be effective for the future. It does not affect processing that has occurred prior to the objection.

 

Note on the right to object in the case of a consideration of interests

If we base the processing of your personal data on a consideration of interests, you can object to the processing. If such an objection is exercised, we ask you to explain the reasons why we should not process your personal data as we have described it. In the case of your justified objection, we will check the situation and either stop or adjust the data processing or explain to you our compelling legitimate reasons.

 

Links to other websites

Our websites may contain links to websites of other providers. Please note that this privacy policy only applies to the websites of ALLPLAN Deutschland GmbH. We have no influence over this and do not control whether other providers comply with the applicable data protection regulations.

 

Changes to the privacy policy

We reserve the right to modify or adjust this privacy policy at any time while observing the applicable data protection regulations.

Privacy policy

As of: 25th May, 2018

 

Preamble

In the following privacy policy, you will be informed about the collection of personal data when using our website. Personal data is all data related to you personally, such as name, address, e-mail address or user behavior.

Responsible party / DSB

Responsible party
for the data processing

Data protection officer
of the responsible party

ALLPLAN Deutschland GmbH
Konrad-Zuse-Platz 1
81829 München
Deutschland

Legal representative:
Joffrey Spinetti and Dr. Detlef Schneider, Managing Director

Mrs. Jana Heinze
Consultant for data protection and attorney
intersoft consulting services AG
Marsstraße 37
80335 München
Deutschland

Can be reached by e-mail at:
datenschutzbeauftragter@allplan.com

 

General data collection when accessing our website

Data must be collected to provide the website and the data must be stored in log files to operate the website. However, the user has no option to object. Every time ALLPLAN's website is accessed, usage data is determined by the respective Internet browser and stored in server log files. The data sets saved here contain the following data: The date and time of access, name of the site accessed, IP address, referrer URL (origin URL from which you came to the website), the transferred amount of data as well as the product and version information of the browser used.

The user’s IP addresses are deleted or anonymized after the end of usage. During an anonymization, the IP addresses are changed so that the details of personal or professional relationships can no longer be assigned to a certain or identifiable natural person or it cannot be done without a disproportionately large amount of time, money and effort.

ALLPLAN analyzes these log file data sets in anonymized form to improve the website further and make it more user-friendly, to find and correct errors faster and to control server capacities. In addition, analyzing the log files makes it possible to identify and correct errors on the website faster.

As part of the consideration of interests as per article 6 (1) lit. f GDPR, we have taken into consideration and weighed our interest in the provision and your interest in a data protection-compliant processing of your personal data. Since the data below is sometimes technically required to provide our service so that we can offer you our website and also ensure stability and safety, especially in order to offer protection against misuse, we have come to the conclusion that this data (with a state-of-the-art guarantee of data security) can be processed, whereby your interest in a data protection-compliant processing is reasonably taken into consideration.

Data

Purpose of processing

Duration of storage

Operating system used

Evaluation by devices in order to ensure an optimized display of the website

The data is deleted or anonymized (change the IP address so that individual information can no longer be assigned to a certain or identifiable natural person or it cannot be done without a disproportionately large amount of time, money and effort) once the respective session is over.

Information about the type of browser and the version used

Evaluation of the browser used in order to optimize our websites for this purpose

The Internet service provider of the user

Evaluation of the Internet service provider

IP address

Display of the website on the respective device

The data and time of the access

Ensuring the proper operation of the website.

If necessary, the manufacturer and type designation of the smartphone, tablet or other end devices

Evaluation of the device manufacturer and types of mobile end devices for statistical purposes

Name of the site accessed

Ensuring the proper operation of the website

Referrer URL (source URL from which you came to the website)

Ensuring the proper operation of the website

Log files

Ensuring the proper operation of the website

 

Collection, Processing and Use of Your Personal Data

ALLPLAN strictly complies with the statutory provisions, especially the General Data Protection Regulation (GDPR), when collecting, processing and using your personal data. ALLPLAN collects, stores and processes your data to fully complete your registration, application or shop order, including any subsequent warranties, for services, technical administrator and their own marketing purposes.

Your personal data is only disclosed to third parties or otherwise if this is required for the purpose of contract execution or billing or you have consented otherwise. As part of the order processing, the service providers (sales partners) utilized by ALLPLAN, for example, will receive the necessary data for the order processing. The data disclosed in this way may only be used by service providers to fulfill their task. Any other use of the information is not permitted.

For registration, ALLPLAN requires your correct name and address information. Additional payment information is required for your shop order. Your e-mail address is required so that ALLPLAN can confirm the registration or order entry, provide services (e.g. product downloads) and communicate with you. In addition, the e-mail address is required for identification (customer login).

Your personal data is then deleted if not opposed by retention obligations and if you have made a claim for deletion if the data is no longer required for the purpose intended with the data storage or if its storage is not permitted for other legal reasons.

The following personal data is generally collected and stored as part of the provision of services by ALLPLAN: Address data (name and address), email address as well as optionally the telephone number.

Personal data is also used to:

  • provide content requiring registration, including product downloads, webinars, shop orders;
  • conduct market research and provide information about news, offers and promotions, if consent for this was granted;
  • improve services on the website for users, which measure the interest in different services,
  • offer other services described during the collection of data.

Registration

You can register with us and create a customer account. We collect and save the following data from you for the registration:

Data

Purpose of processing

Legal basis for processing

Duration of storage

User name

Creation of the customer account

Execution of a user contract

Until revocation / objection

E-mail address

Creation of the customer account

Execution of a user contract

Until revocation / objection

Password

Creation of the customer account

Execution of a user contract

Until revocation / objection

IP address when logging in

Data transfer when registering on the web server

Execution of a user contract

Until revocation / objection

*Title

Direct approach

Consent

Until revocation / objection

First name

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Last name

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

*Telephone number

Communication with the customer

Consent

Until revocation / objection

Address

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

*Company address

Direct approach / proper invoicing and proof of collected taxes

Consent / initiation / execution of the contractual relationship

Until revocation / objection

* optional information

Cookies – General Information

Our website uses cookies. Cookies are text files that are stored in the Internet browser or that are stored by the Internet browser on the user's computer system. If a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that makes it possible to uniquely identify the browser the next time the website is accessed.

 

Cookies – Different Types of Cookies

a) Technically required cookies

We use cookies to make our website more user-friendly. Some elements of our website require the accessing browser to be identifiable after switching sites.

Technically required cookies are not mandatory at all to show this website. But some functionalities like basket, contact form, login, etc. cannot be used properly without these cookies. You can change your browser settings to deactivate these cookies.

Forms

You can contact us via our contact form or receive free content (including test version) via our forms. We will of course only use the personal data sent to us in this way for the purpose you provide us when you contacted us.

Data

Purpose of processing

Legal basis for processing

Duration of storage

IP address when logging in

Transmission of the form content to the web server

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Title

Direct approach

Consent / initiation / execution of the contractual relationship

Until revocation / objection

First name

Direct approach

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Last name

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Issue

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

E-mail address

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Telephone number

Response to the issue

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Address

Improved processing of the inquiry

Consent / initiation / execution of the contractual relationship

Until revocation / objection

Company address

Improved processing of the inquiry

Consent / initiation / execution of the contractual relationship

Until revocation / objection

 

Applications

You can apply to our company electronically.

We will only use your information for the purposes of processing your application and will not disclose it to third parties.

Please note that unencrypted sent e-mails are sent without access protection. Unfortunately we do not currently offer an encryption for e-mail applications.

After the application process has been completed, your personal data will be deleted immediately or after a maximum of 6 months, unless you have given us your express consent to save your data for longer.

 

Secure data transmission

Your personal data is securely transmitted at ALLPLAN through encryption. This applies to all form processes (including registration, application, ordering). ALLPLAN uses the coding system SSL (Secure Socket Layer). However, no one can guarantee absolute protection. ALLPLAN uses technical and organizational measures to protect its website and other systems from loss, destruction, access, modification or dissemination of your data by unauthorized persons.

Disclosure of Data

Your personal data is not sent to third parties for purposes other than those listed.

We only disclose your personal data to third parties if:

  • you have given your express consent to do so,
  • the disclosure is required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominant legitimate interest in the non-disclosure of your data,
  • in the event that there is a legal obligation to disclose, as well as
  • this is legally permissible and is required to implement contractual relationships with you.

The high European level of data protection generally does not exist for data transmission outside of the European Union. During data transmission, it may occur that there is currently no adequacy decision of the EU Commission in the sense of article 45 (1) (3) GDPR. In other words, the EU Commission has so far not positively determined that the country-specific data protection level corresponds to the data protection level of the European Union based on the GDPR, which is why we have created the aforementioned appropriate guarantees.

Possible risks that cannot be completely ruled out in connection with the data transfer in particular are:

  • Your personal data could possibly be processed beyond its intended purpose.
  • In addition, it is possible that you may not be able to sustainably assert or enforce your data protection rights, such as your right to information, correction, deletion or data transferability.
  • There may also be a greater likelihood that there can be an incorrect data processing and the protection of the personal data does not fully quantitatively and qualitatively correspond to the requirements of the GDPR.

 

Full Payment Service Provider Novalnet AG

The data controller has included in this website components of the Novalnet AG integrated. Novalnet AG is a Full Payment Service Provider, which among other things payment processing takes over.

If the person concerned selects a payment method during the ordering process in the online store, data of the person concerned will be automatically transmitted to Novalnet AG. With the If a payment option is selected, the person concerned consents to it for the processing of the payment, transmission of personal data.

The personal data transmitted to Novalnet are usually First name, last name, address, date of birth, gender, email address, IP address, telephone number, cell phone number and other data necessary for the processing of a payment are necessary. For the processing of the purchase contract are also necessary such personal Data that are related to the respective order. In particular, it can be used for mutual exchange of payment information, such as bank details, card number, Validity date and CVC code, data on goods and services, prices come.

The transmission of the data is intended in particular for identity verification, which Payment administration and fraud prevention. The data controller will the Novalnet AG personal data in particular if an authorized interest in the transmission is given. The agreement between Novalnet AG and the personal data exchanged with the data controller may be processed by the Novalnet AG to credit agencies. The purpose of this transmission is the identity- and credit assessment.

Novalnet AG also gives personal data to service providers or subcontractor, insofar as this is necessary for the fulfilment of the contractual obligations or the data are to be processed.

The data subject has the possibility to withdraw his or her consent to the processing of personal data. data to Novalnet AG at any time. A revocation has no effect on personal data, which is processed for the (contractual) payment processing, must be used or transmitted.

 

Briefing on the rights of the party concerned

Each party concerned has the right to information as per article 15 GDPR, the right to correction as per article 16 GDPR, the right to deletion as per article 17 GDPR, the right to restriction of processing as per article 18 GDPR, the right to object as per article 21 GDPR as well as the right to data transferability as per article 20 GDPR. The restrictions as per §§ 34 and 35 BDSG [Federal Data Protection Act] apply for the right to information and the right to deletion.

 

Briefing on the option to complain

You also have the right to complain to the competent data supervisory authority about our processing of your personal data.

 

Briefing on the revocation of consent

You can always revoke your consent given to us to process personal data. This also applies to the revocation of declarations of consent, which have been given to us before the General Data Protection Regulation came into effect, i.e. before May 25, 2018. Please note that this revocation only be effective for the future. It does not affect processing that has occurred prior to the revocation.

 

Rights in the event of data processing for direct mail advertising

As per article 21 (2) GDPR, you have the right to object to the processing of personal data concerning you at any time. If you do object to the processing for the purposes of direct mail advertising, we will no longer process your personal data for these purposes. Please note that this objection only be effective for the future. It does not affect processing that has occurred prior to the objection.

 

Note on the right to object in the case of a consideration of interests

If we base the processing of your personal data on a consideration of interests, you can object to the processing. If such an objection is exercised, we ask you to explain the reasons why we should not process your personal data as we have described it. In the case of your justified objection, we will check the situation and either stop or adjust the data processing or explain to you our compelling legitimate reasons.

 

Links to other websites

Our websites may contain links to websites of other providers. Please note that this privacy policy only applies to the websites of ALLPLAN Deutschland GmbH. We have no influence over this and do not control whether other providers comply with the applicable data protection regulations.

 

Changes to the privacy policy

We reserve the right to modify or adjust this privacy policy at any time while observing the applicable data protection regulations.

Usage of cookies:
Allplan Shop uses essential cookies to run this website in a proper way.
You can see the used cookies on the data protection page. - More informations

Close