DATA PROTECTION

The protection of your personal data is our utmost concern, due to which we only collect, store and use those personal data that are necessary for the specified purposes. Below you will learn more about how your data is handled when using our website.


Notes on data protection

Data protection is a particularly important topic at our company. In the following, we will inform you about the collection of personal data when using our website. Personal data is all data related to you personally, such as name, address, e-mail addresses or user behavior. We have put in place extensive technical and operational safeguards to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. We regularly review our security measures and adapt them to technological progress.

 

1 Responsible party for data processing

Responsible party pursuant to Art. 4 (7) EU General Data Protection Regulation (GDPR) is

ALLPLAN Inc.
3401 Village Dr #110
Lincoln, Nebraska 68516
USA

E-mail:

 

2 Get in touch with our data protection officer

Please contact our data protection officer at or our postal address by adding “data protection officer”.

 

3 General data collection when accessing our website

If you use the website for informational purposes only, i.e., if you do not register or otherwise transmit information to us (e.g., via a contact form), we collect the following technical information (log file data):

Data

Purpose of processing

Duration of storage

Operating system used

Evaluation by devices in order to ensure an optimized display of the website

The data is deleted in log files for the purpose of operating the website and to protect against misuse in accordance with our security regulations, generally after 30 days

Information about the type of browser and the version used

Evaluation of the browser used in order to optimize our websites for this purpose

The Internet service provider of the user

Evaluation of the Internet service provider

IP address

Display of the website on the respective device

Date and time of access

Ensuring the proper operation of the website

If necessary, manufacturer and type designation of the smartphone, tablet or other end device

Evaluation of device manufacturers and types of mobile devices for statistical purposes

Name of accessed site

Ensuring proper operation of the website

Referrer URL (source URL from which you came to the website)

Ensuring proper operation of the website

We collect this data for technical reasons to display our website to you and to ensure stability and security. We (and our hosting service providers) are generally not aware of who is behind an IP address. We do not merge the above data with any other data.

The legal basis is the legitimate interest pursuant to Art. 6 (1) s. 1 lit. f GDPR. Within the framework of the balancing of interests pursuant to Art. 6 (1) lit. f GDPR, we have taken into account and weighed our interest in providing and your interest in processing your personal data in accordance with data protection. Since the following data is technically necessary for us to provide you with our service and also to ensure stability and security, in particular to protect from misuse, we have to process this data – while ensuring data security in line with the state of the art – taking due account of your interest in processing in line with data protection requirements. If the processing is based on another legal basis (e.g. consent according to Art. 6 (1) lit. a GDPR), this will be shown accordingly.

 

4 Legal basis of our data processing

The processing of personal data may be based on various legal grounds. If we need your data to honor a contract with you or to respond to inquiries from you regarding a contract, the legal basis for this data processing is Art. 6 (1) s. 1 lit. b GDPR.

If we obtain your consent for certain data processing, the legal basis is Art. 6 (1). s. 1 lit. a GDPR. We carry out some data processing on the basis of our legitimate interest, always weighing your interests worthy of protection against our legitimate interests. The legal basis is Art. 6 (1) lit. f GDPR. Insofar as the processing is necessary for the fulfillment of a legal obligation to which we are subject, the legal basis is Art. 6 (1) s. 1 lit. c GDPR.

We explain below how we process personal data via our website.

 

5 Cookies

Our website uses cookies. Cookies are files that are placed on your computer by a website you visit and allow your browser to be reassigned. Cookies transmit information to the entity that sets the cookie. Cookies can store various information, such as your language setting, the duration of your visit to our website or the entries you have made there. This ensures, for example, that you do not have to re-enter required form data each time you use it. The information stored in cookies can also be used to identify preferences and target content according to areas of interest.

There are different types of cookies: Session cookies are sets of data that are only temporarily held in memory and are deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a predefined duration, which may differ depending on the cookie. With this type of cookies, the information can also be stored on your computer in text files. You can, however, also delete these cookies at any time via your browser settings.

First-party cookies are set by the website you are currently visiting. Only this website is allowed to read information from these cookies. Third-party cookies are set by organizations that are not operators of the website you are visiting. These cookies are used by marketing companies, for example.

The legal basis for possible processing of personal data by means of cookies and their storage period may vary. If you have given us your consent, the legal basis is Art. 6 (1) s. 1 lit. a GDPR. Insofar as the data processing is based on our overriding legitimate interests, the legal basis is Art. 6 (1) s. 1 lit. f GDPR. The stated purpose then corresponds to our legitimate interest.

We use cookies to ensure the proper operation of the website, to provide basic functionality, to measure reach and, with your consent, to tailor our services to preferred areas of interest.

You can delete cookies already stored on your mobile device at any time. If you want to prevent cookies from being stored, you can do so via the settings in your Internet browser. You can find instructions for popular browsers here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can also install so-called ad blockers. Please note that individual functions of our website may not work if you have disabled the use of cookies.

When accessing our website, all users of our website are also informed by an information banner about our use of cookies and referred to this privacy policy. Here, as a user, you will also be asked for your consent to the use of certain cookies, in particular those relevant for the personalization of services and for marketing measures. Once you have given your consent, you can revoke it at any time with future effect by calling up the cookie administration via the icon (fingerprint) in the bottom left-hand corner of each page and unchecking the box next to processing to which you had consented. In the cookie manager you can also find more information about the cookies we use.

 

5.1 Usercentrics

We use the Usercentrics service to manage consent on our website. Usercentrics is software produced by Usercentrics GmbH, Rosental 4, 80331 Munich, Germany.

Usercentrics identifies the language used by your browser. They set a cookie to check whether you have already made a selection in our consent tool on a previous visit to our website. This cookie is necessary because it allows the website to recognize whether you have consented to tracking or not. Usercentrics also creates a log file in order to be able to prove that consent has been given. This file contains the IP address in anonymized form, information about the browser that was used, data about the scope of consent, and the date and time of the visit.

The legal basis for the processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. f GDPR.

The purpose of data processing is a user-friendly and legally compliant design of our website. We want to make it as easy as possible for you to give or withdraw consent and to increase the transparency of data processing using cookies, pixels, tags or similar on our website. Our legitimate interest also lies in the purpose of processing data.

The cookie containing your consent or refusal to use cookies is stored on your device for one year. Consent data (consent given and consent revoked) will be retained for three years.

Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings of your Internet browser, you can disable or restrict the transfer of cookies. You can delete cookies that have already been saved at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

 

5.2 Website analysis

To analyze and optimize our websites, we use various services described below. We use these services to analyze how many users visit our site, what information is most in demand, or how users find an offer. We also record data on which Internet page a user came to our website from (so-called referrer), which sub-pages of the Internet page were accessed or how often and for how long a sub-page was viewed. This helps us to design our offers in a user-friendly way, to find errors and to improve our offers.

 

5.2.1 Matomo

On our website, we use the open source web analytics software Matomo, a software of “InnoCraft Ltd”, a company located at 150 Willis St, 6011 Wellington, New Zealand. Since InnoCraft is located outside the EU, InnoCraft has appointed a representative in the EU (). The software is operated exclusively from our own servers.

They use cookies, to analyze the use of the website. For this purpose, the usage information collected in the cookie (including your shortened IP address) is transmitted to our server and stored for usage analysis purposes. Matomo does not transmit data to servers that are outside of our control. Your IP address is immediately anonymized during this process, so that you as a user are not identifiable to us. We do not share the information we collect about your use of this website with third parties. We use the collected data for statistical analysis of user behavior for the purpose of optimizing the functionality and stability of the website and for marketing purposes. Our interest in and purpose of data processing is to optimize our website, to adapt the content and to improve our offer. The user's interests are sufficiently protected by making the data anonymous.

We store the analysis data only as long as necessary for data processing purposes, but no longer than 14 months.

The legal basis for the described data processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. a GDPR. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the cookie settings (see section 5 Cookies above). Alternatively, you can delete your cookies (all or only from this website). You will then see the banner with the options again.

 

5.2.2 Google Analytics

This website uses Google Analytics, a web analysis service of Google LLC, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The responsible entity for users in the EU/ EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. The use includes running Universal Analytics. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thereby analyze a user's activities across devices. 

Google Analytics uses cookies that enable an analysis of your use of the website. The information about your use of this website created by the cookie is usually transmitted to a server of Google in the US and saved there. However, due to the activation of IP anonymization on this website, your IP address will be shortened by Google within Member States of the European Union or in other states party to the Agreement on the European Economic Area. The complete IP address is transmitted to a server of Google in the US and shortened there only in exceptional cases. 

Insofar as data is processed outside the EU/ EEA, we have concluded the standard data protection clauses adopted by the EU Commission in accordance with Art. 46 GDPR with the service provider in order to establish a secure level of data protection; these clauses permit the transfer of personal data to a third country in individual cases.

The IP address that is transmitted by your browser within the frame of Google Analytics is not combined with other data of Google. On behalf of the operator of this website, Google will use such information for analyzing your use of the website, for compiling reports about the website activities and for rendering additional services that are related to the website use and internet use toward the website operator.

The data sent by us and linked to cookies or user IDs (e.g. user ID) are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

The legal basis for the described data processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. a GDPR. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the cookie settings (see section 5 Cookies above). Alternatively, you can delete your cookies (all or only from this website). You will then see the banner with the options again.

For more information on the terms of use of Google Analytics and on data protection at Google, please visit https://marketingplatform.google.com/about/analytics/terms/us/ or https://policies.google.com/?hl=en.

 

5.3 Advertising

We use cookies for marketing purposes to target our users with advertising tailored to their interests. In addition, we use cookies to limit the likelihood of an ad being shown and to measure the effectiveness of our advertising efforts. This information may also be shared with third parties, such as ad networks. The legal basis for this is Art. 6 (1) s. 1 lit. a GDPR.

 

5.3.1 HubSpot

This website uses HubSpot for online marketing activities. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland.

HubSpot offers an integrated software solution that covers various aspects of online marketing. These include e-mail marketing, social media publishing & reporting, contact management, landing pages and contact forms. Cookies are also stored on the device you are using.

Our sign-up service allows visitors to our website to learn more about our company, download content, and provide their contact information and other demographic information. This information as well as the content of our website is stored on servers of our software partner HubSpot. We can use them to contact visitors to our website and to determine which of our company's services are of interest to them. All information we collect is subject to this privacy policy. We use all collected information exclusively to optimize our marketing measures. You can find HubSpot's privacy policy at: https://legal.hubspot.com/privacy-policy.

Insofar as data is processed outside the EU/ EEA, we have concluded the standard data protection clauses adopted by the EU Commission in accordance with Art. 46 GDPR with the service provider in order to establish a secure level of data protection; these clauses permit the transfer of personal data to a third country in individual cases.

For more information from HubSpot regarding EU data protection regulations, please visit: https://legal.hubspot.com/data-privacy

You can find more information about the cookies used by HubSpot here and here.

The legal basis for the described data processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. a GDPR. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the cookie settings (see section 5 Cookies above). Alternatively, you can delete your cookies (all or only from this website). You will then see the banner with the options again.

You can unsubscribe from e-mails sent by HubSpot via a link in the respective e-mail.

 

5.3.2 Google Ads, remarketing and conversion tracking

We use the service Google Ads. Google Ads is an online advertising program of Google LLC, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The responsible entity for users in the EU/ EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

This means we run Google Ads and also use Google remarketing and conversion tracking as part of this. The ads are displayed after search queries on web pages of the Google advertising network. In addition, we use ads remarketing lists for search ads. This allows us to customize search ad campaigns for users who have visited our website before. These services help us to combine our ads with certain search terms or to display ads for previous visitors, for example, advertising services that the visitors have viewed on our website. As a result, we can display interest-based advertising to users of our website on other websites within the Google advertising network (as a “Google Ad” within “Google Search” or on other websites).

For interest-based offers, we need to analyze online user behavior. Google uses cookies to perform this analysis. When clicking on an ad or visiting our website, Google sets a cookie on the user's computer. These cookies last for 90 days. The information collected by the respective cookie is used to target the visitor in a subsequent search query. For further information on the cookie technology used, please also see Google's notes on website statistics and the privacy policy. With the help of this technology, Google and we as a customer receive information that a user has clicked on an ad and been redirected to our websites. We only use the information obtained this way to analyze statistics and optimize advertisements We do not receive information that personally identifies visitors. Your IP address will be transmitted to Google, but since we use Google Analytics IP masking on this website, your IP address will be anonymized.

Log data is anonymized after 9 months, and cookie information is anonymized after 18 months.

The statistics provided to us by Google include the total number of users who clicked on one of our ads and, if applicable, whether they were redirected to a page on our website that was tagged with a conversion tag. Based on these statistics, we can track which search terms were clicked on our ad particularly often and which ads lead to users contacting us via the contact form.

You can find more information on data protection in the context of Google Ads at: https://policies.google.com/technologies/ads?hl=en-GB.

Insofar as data is processed outside the EU/ EEA, we have concluded the standard data protection clauses adopted by the EU Commission in accordance with Art. 46 GDPR with the service provider in order to establish a secure level of data protection; these clauses permit the transfer of personal data to a third country in individual cases.

The legal basis for the described data processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. a GDPR. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the cookie settings (see section 5 Cookies above). Alternatively, you can delete your cookies (all or only from this website). You will then see the banner with the options again.

You can also select the types of Google ads or disable interest-based ads on Google via the ads setting (https://adssettings.google.com/authenticated?hl=en-GB).

 

5.3.3 Facebook custom audiences / conversion tracking pixels

In the context of usage-based online advertising, we use the Custom Audiences service of Facebook Inc. (1601 S. California Avenue, Palo Alto, CA 94304, USA). For us (as a company from the EU), the processor is also Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

In the context of usage-based online advertising via Custom Audiences, we define target groups of users in the Facebook Ads Manager based on certain characteristics; these groups will subsequently be shown ads within the Facebook network. Users are selected by Facebook based on the profile information they provide and other data provided through their use of Facebook. If a user clicks on an advertisement and subsequently arrives on our website, Facebook receives the information that the user has clicked on the advertising banner via the Facebook pixel embedded on our website.

Basically, a non-reversible and non-personal checksum (hash value) is generated from your usage data, which is transmitted to Facebook for analysis and marketing purposes. Facebook will set a cookie in the process. This cookie collects information about your activities on our website (e.g. surfing behavior, subpages visited, etc.). Your IP address is also stored and used for the geographic targeting of advertising.

We do not use Facebook Custom Audiences via the customer list, nor do we use the “advanced matching” function.

For more information about the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your settings options for protecting your privacy, please refer to Facebook's privacy policy. You can change the settings for which ads are displayed to you on Facebook under this link and in the Facebook account settings.

The legal basis for the described data processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. a GDPR. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the cookie settings (see section 5 Cookies above). Alternatively, you can delete your cookies (all or only from this website). You will then see the banner with the options again.

Insofar as you consent to the data processing described, Facebook will of course also have access to your data. In particular, it is possible that Facebook Inc, 1601 Willow Road, Menlo Park, California 94025, USA, in addition to Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland has access to your data. Facebook Inc. is located in an insecure third country where the level of data protection is lower.

Facebook has made available online a “Facebook European Data Transfer Addendum” since 31/08/2020, which is intended to incorporate the standard contractual clauses in cases where Facebook Ireland Limited processes data from the EU/ EEA as a processor and transfers it to Facebook Inc. as a sub-processor.

For more information about Facebook's Custom Audiences service, please visit: https://en-gb.facebook.com/business/help/1711863145774142.

You can disable the “Facebook Custom Audiences” function for logged-in users at https://www.facebook.com/settings/?tab=ads#_.

 

5.3.4 LinkedIn Ads / conversion tracking (pixels)

We use the LinkedIn conversion tracking service of LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA, 94085-2810 USA as part of the evaluation of our online advertising. The responsible entity for users in the EU/ EEA and Switzerland is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

For this purpose, we define target groups of users based on certain characteristics in LinkedIn Campaign Manager, who are subsequently shown ads within LinkedIn's network. Users are selected by LinkedIn based on the profile information they provide as well as other data provided when using LinkedIn. If a user clicks on an advertisement and subsequently arrives on our website, LinkedIn receives the information that the user has clicked on the advertising banner via the conversion tag embedded on our website.

This way, the LinkedIn tag enables the collection of the following data:

  • visited website, including the URL,
  • referrers
  • IP address
  • device and browser properties (User Agent)
  • and timestamp.

The IP addresses are shortened or (in the case of cross-device use) hashed by LinkedIn. The direct identifiers of the members are removed within 7 days for pseudonymization of the data. The remaining pseudonymous data is then deleted within 180 days.

LinkedIn does not share the personal data with us as the website operator but only provides us with reports and notifications (which do not identify the user) about website visits and ad performance. LinkedIn also offers so-called retargeting, which allows us, as a website operator, to show personalized ads outside of our website using this data without identifying individual members. Data that does not identify you is also used to improve ad relevance and reach LinkedIn members across devices. LinkedIn members can manage the use of their personal data for advertising purposes in their account settings. LinkedIn refers to the following link to customize advertising preferences: https://www.linkedin.com/psettings/advertising/actions-that-showed-interest.

We process this data to evaluate our advertising campaigns. The legal basis for processing is your consent in accordance with Art. 6 (1) lit. a GDPR. Without your consent via our consent tool, we do not process any data for LinkedIn conversion tracking. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the cookie settings (see section 5 Cookies above).

As part of LinkedIn conversion tracking, LinkedIn naturally has access to the listed data. In particular, it is possible that in addition to LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, LinkedIn Corporation, 1000 W Maude Ave, Sunnyvale, CA, 94085-2810 USA may also have access to your data.

Insofar as data is processed outside the EU/ EEA, we have concluded the standard data protection clauses adopted by the EU Commission in accordance with Art. 46 GDPR with the service provider in order to establish a secure level of data protection; these clauses permit the transfer of personal data to a third country in individual cases.

For more information about the purpose and scope of the collected data and the further processing and use of the data by LinkedIn, as well as your settings options for protecting your privacy, please also refer to LinkedIn’s privacy policy.

For more information on LinkedIn Conversion Tracking, please visit: https://www.linkedin.com/help/lms/answer/a425606/set-up-linkedin-conversion-tracking?lang=en.

For more information on data processing and storage duration, please visit https://www.linkedin.com/help/linkedin/answer/a427660?lang=en.


5.3.5 Twitter advertising

We use services of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA on our website. The responsible company for handling data subject rights within the EU/ EEA is Twitter International Company, Attn: Data Protection Officer, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland.

Twitter Ads allows us to collect data from users who visit our website. We use cookies and code that connect the website to another third-party platform such as Twitter. A checksum (hash value) is generated from your usage data and transmitted to Twitter for analysis and marketing purposes. In addition, we use a so-called “Twitter pixel”, which can be used to track the actions of users after they have seen or clicked on a Twitter advertisement.

We record user behavior, such as websites visited, content retrieved, time of visit, etc., as well as device-related data, such as applications and operating systems used. The user's IP address is stored and used for relevant geographical advertising. In “cross-device personalization”, Twitter also tries to identify and link all of a user’s devices. Since Twitter stores and processes the data, a connection to the respective user profile on twitter.com is also possible.

The legal basis for the described data processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. a GDPR. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the cookie settings (see section 5 Cookies above). Alternatively, you can delete your cookies (all or only from this website). You will then see the banner with the options again.

In the course of processing, the data may be transmitted to a server of Twitter Inc. in the USA. Insofar as data is processed outside the EU/ EEA, we have concluded the standard data protection clauses adopted by the EU Commission in accordance with Art. 46 GDPR with the service provider in order to establish a secure level of data protection; these clauses permit the transfer of personal data to a third country in individual cases.

The data collected in this way will be deleted within 6 months. Data that makes it possible to identify a specific user on Twitter is deleted within 90 days. For more information on the duration of storage, please contact Twitter or visit https://legal.twitter.com/ads-terms/international.html.

For more information about the purpose and scope of data collection and the further processing and use of the data, as well as about possible privacy settings on Twitter, please refer to Twitter's privacy policy: https://twitter.com/en/privacy.

 

6 Google Tag Manager

For transparency reasons, we would like to point out that we use the Google Tag Manager of the provider Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager itself does not collect any personal data. Google Tag Manager makes it easy for us to integrate and manage our tags. Tags are small pieces of code used to measure traffic and visitor behavior, track the impact of online advertising and social channels, set up remarketing and audience targeting, and test and optimize websites, among other things. We use the Tag Manager for the Google Analytics service. If you have disabled it, this disabling will be taken into account by Google Tag Manager. For more information on Google Tag Manager, please see: https://www.google.com/intl/de/tagmanager/use-policy.html.

 

7 Register and participate in our webinars

You can register for our webinars.

Personal data that must be provided is marked as mandatory in the respective registration form; any additional information is voluntary.

If we do not know your e-mail address yet, i.e. you have not yet verified your e-mail address to us and we cannot sufficiently identify you when you register, we use the so-called double opt-in procedure for registration. This means that your registration is not complete until you have clicked on the link in a confirmation e-mail sent to you for this purpose. If you do not confirm in a timely manner, your registration will be deleted from our database. After successful registration you will receive your personal access to the webinar.

Furthermore, we store your IP addresses and the times of registration and confirmation each time you register and confirm. The purpose of the procedure is to be able to prove your registration as part of our accountability obligations and, if necessary, to clarify any possible misuse of your personal data. Based on the fulfillment of accountability, in accordance with Art. 6 (1) lit. f GDPR, we have a legitimate interest in processing the data of the double opt-in procedure.

For registration, we regularly collect, store and process the following personal data:

Data

Purpose of processing

Legal basis of processing

Duration of storage

IP address at registration

Proof of double opt-in (DOI)

Legitimate interest

3 years or in case of later objection

Date of registration

Proof of double opt-in

Legitimate interest

3 years or in case of later objection

IP address at double opt-in

Proof of double opt-in

Legitimate interest

3 years or in case of later objection

Time of double opt-in verification

Proof of double opt-in

Legitimate interest

3 years or in case of later objection

E-mail address

Sending the participation link, answering questions

Legitimate interest

3 years or in case of later objection

Form of address

Direct approach

Legitimate interest

3 years or in case of later objection

First name

Direct address, attendance check

Legitimate interest

3 years or in case of later objection

Last name

Direct address, attendance check

Legitimate interest

3 years or in case of later objection

Zip code

Possibility of direct advertising

Legitimate interest

3 years or in case of later objection

Address

Possibility of direct advertising

Legitimate interest

3 years or in case of later objection

Telephone number

Possibility of direct advertising

Legitimate interest

3 years or in case of later objection

Company

Possibility of direct advertising

Legitimate interest

3 years or in case of later objection

Country

Possibility of direct advertising

Legitimate interest

3 years or in case of later objection

Personal data that must be provided is marked as mandatory in the respective registration form; any additional information is voluntary.

In order to conduct our webinars via the Internet, we use the software solution GoToWebinar from the provider LogMeIn Ireland Limited (Bloodstone Building Block C70 Sir John Rogerson's Quay Dublin 2, Ireland). As part of the registration process, personal data is also transmitted to the service provider, who, as our order processor, may only use your data on an order-related basis for the purpose of conducting the webinar.

Unless you have expressly given us your consent to use your data for further promotional purposes, we will use it exclusively within the scope of the purposes outlined for the purpose of the webinar; the legal basis for this is Art. 6 (1) p. 1 lit. b GDPR. A transport-encrypted connection is established between you and GoToWebinar. Anonymous statistical data is collected during and after the webinar. We receive information about the duration of participation, joining and leaving times, questions asked and answers given in addition to your registration data for the purpose of further customer support.

You can find more information and LogMeIn’s privacy policy here.

 

8 Surveys

For survey purposes, we use the software “SurveyMonkey” of the provider SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland. For this purpose, so-called “cookies” are used, which are stored on the device of the person concerned. These cookies are used to ensure that the survey service is fully operable and that the surveys run as intended and in the best possible way.

Further information on data processing by the provider can be found at https://www.surveymonkey.com/mp/legal/privacy/.

During this process, different data is transmitted to the service provider (IP address, operating system, device type, browser type). If you participate in the survey through a mobile device, SurveyMonkey also collects the device's UUID. In addition, SurveyMonkey uses third-party tracking services to collect usage data and user statistics. We have no influence on the scope of the data collected by SurveyMonkey. For more information about the cookies used by the provider, see: https://help.surveymonkey.com/articles/en_US/kb/legal-center-pages.

SurveyMonkey Europe UC is a subsidiary of SurveyMonkey Inc. based in the USA. In this respect, it cannot be ruled out that the information generated by the cookie is transmitted to a server of the provider in the USA and stored there in order to perform the analysis. Insofar as data is processed outside the EU/ EEA, we have concluded the standard data protection clauses adopted by the EU Commission in accordance with Art. 46 GDPR with the service provider in order to establish a secure level of data protection; these clauses permit the transfer of personal data to a third country in individual cases.

Personal data will be deleted as soon as the data is no longer required for the purpose for which it was collected, which is no later than 3 months after the survey has been completed. The legal basis for the data processing within the scope of the survey is your consent within the meaning of Art. 6 (1) s. 1 lit. a GDPR.

Please note that you may refuse the use of cookies by selecting the appropriate settings on your browser. You can also delete existing cookies. However, we would like to point out that in this case not all functions of this website can be used to their full extent.

 

9 Newsletter

9.1 General information

You can subscribe to various newsletters on our website; we use these to inform you about our company’s activities, current information about our services, special offers, promotions, events and competitions, and to invite you to take part in surveys. The content of each newsletter is briefly described during registration. The legal basis for sending the respective newsletter is your consent according to Art. 6 (1) s. 1 lit. a GDPR in conjunction with section 7 (2) no. 3 of the German Act against Unfair Competition (Gesetz gegen den unlauteren Wettbewerb, UWG) or the legal permission in accordance with section 7 (3) UWG.

For registration to our newsletters we use the so-called double-opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we will ask you to confirm that you wish to receive the newsletter. If you do not confirm in a timely manner, your registration will be deleted from our database.

The only mandatory information for sending the newsletter is your e-mail address. The provision of further data is voluntary: This data is used to be able to address you personally. Once you have confirmed, we will store your e-mail address for the purpose of sending you the newsletter and until you revoke it. We also store your current IP address at the time of registration, the time of registration and the confirmation for up to three years after registration (statute of limitations). The purpose of this procedure is to be able to prove your registration in case of doubt and, if necessary, to clarify any misuse of your personal data. The legal basis for logging the registration is our legitimate interest in accordance with Art. 6 (1) s. 1 lit. f GDPR in proving that consent was previously given, see also Art. 7 (1) GDPR.

You can revoke your consent to receive the newsletter and unsubscribe at any time. You can revoke your consent by clicking on the link provided in every newsletter e-mail.

Name of newsletter provider

Type of service provider

Data transfer to third country

Third country

Guarantees pursuant to Art. 44 et seq. GDPR

HubSpot, Inc., Cambridge, MA 02141, USA

Processor

YES

USA

EU standard contractual clauses

Data

Purpose of processing

Legal basis of processing

Duration of storage

IP address at registration

Proof of double opt-in (DOI)

Legitimate interest

up to 3 years after revocation/ objection

Date of registration

Proof of double opt-in

Legitimate interest

up to 3 years after revocation/ objection

IP address at double opt-in

Proof of double opt-in

Legitimate interest

up to 3 years after revocation/ objection

Time of double opt-in verification

Proof of double opt-in

Legitimate interest

up to 3 years after revocation/ objection

E-mail address

Newsletter dispatch

Consent

until revocation/ objection

Form of address*

Direct approach

Consent

until revocation/ objection

First name*

Direct approach

Consent

until revocation/ objection

Last name*

Direct approach

Consent

until revocation/ objection

* voluntary information

 

9.2 Newsletter tracking

We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the e-mails sent contain so-called web beacons or tracking pixels that are stored on our website. This means that technical information such as browser type, time of opening and IP address are transmitted. For the evaluations, we link the aforementioned data and the web beacons with your e-mail address and an individual ID. Links received in the newsletter also contain this ID and allow us to analyze your click behavior.

With the data obtained in this way, we create a user profile in order to tailor the newsletter to your individual interests. We record when you read our newsletters, which links you click on in them and infer your personal interests accordingly. We link this data to your activities on our website. The legal basis for this data processing is your consent, Art. 6 (1) s. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by clicking the separate link provided in each e-mail.

You can revoke your consent at any time with effect for the future. Revocation in this case includes the entire newsletter, for technical reasons, tracking cannot be revoked separately. To do so, simply click the unsubscribe link provided in each e-mail.

Furthermore, tracking the opening of the newsletter is not possible if you have deactivated the display of images by default in your e-mail program. In this case, the newsletter will not be displayed to you in full and you may not be able to use all of its features. Tracking as mentioned above takes place when you display the images manually. However, if you click on links from the newsletter, your click behavior will still be analyzed, even if the display of images is disabled.

The tracking information is stored for as long as you are subscribed to the newsletter. Once you unsubscribe, the data is anonymized and used for purely statistical purposes.

We store the data you provide for the purpose of receiving the newsletter until you unsubscribe from the newsletter and delete it after you unsubscribe. Data stored by us for other purposes remains unaffected by this.

Data

Purpose of processing

Legal basis of processing

Duration of storage

IP address

Connection setup with e-mail evaluation tool

Consent

Until revocation

Personalized link

Measurement of click behavior

Consent

until revocation

Opening pixel

Measurement of opening behavior

Consent

until revocation

 

10 Direct advertising permission pursuant to 7 (3) of the German Act against Unfair Competition (Gesetz gegen den unlauteren Wettbewerb, UWG)

If you purchase a product or service from ALLPLAN, we use the e-mail address collected for direct advertising of our own and similar products and/or services, such as current product versions and helpful additional options. If you no longer wish to receive direct advertising, you can object to the use of your e-mail address at any time. For this purpose, there is a corresponding link in each newsletter.

Data

Purpose of processing

Legal basis of processing

Duration of storage

E-mail address

Contact for direct advertising

Possibility of direct advertising in accordance with UWG

until revocation / discontinuation of the legal requirements

Form of address

Contact for direct advertising

Possibility of direct advertising in accordance with UWG

until revocation / discontinuation of the legal requirements

First name

Contact for direct advertising

Possibility of direct advertising in accordance with UWG

until revocation / discontinuation of the legal requirements

Last name

Contact for direct advertising

Possibility of direct advertising in accordance with UWG

until revocation / discontinuation of the legal requirements

 

11 Postal advertising / print mailing

For postal advertising (print mailings), we use personal data of our existing customers and of interested parties (first and last name, title if applicable, function in the company, address) for the purpose of direct advertising to inform them about our products and/or services.

The legal basis for the processing is your consent according to Art. 6 (1) s. 1 lit. a GDPR, if you have given it. If we are legally entitled to use your personal data for the aforementioned advertising purposes, the legal basis for the processing of your data is Art. 6 (1) s. 1 lit. f GDPR, our so-called legitimate interest to use the data for advertising purposes. From our point of view, our interests in advertising use predominate if this is permissible within the narrow legal limits, in particular those of the UWG.

Your data will be deleted as soon as it is no longer required for the purpose for which it was collected, generally after 2 years from the last time it was used by us, unless its further processing is required to comply with retention obligations under commercial and tax law (e.g. retention periods under the German Commercial Code (HGB) or the German Fiscal Code (AO)) or to preserve evidence within the scope of statutory limitation provisions (e.g. the German Civil Code (BGB).

The personal data we process is data that we have received from our customers, service providers and suppliers themselves. In addition, data also comes from publicly accessible sources (Internet), such as membership registers and directories on websites of engineering chambers and industry associations.

 

12 Contact us by e-mail or contact form

When you contact us by e-mail or via various contact forms, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions and process your requests. The legal basis for this is Art. 6 (1) s. 1 lit. f GDPR. Insofar as we request input via our contact form that is not required for contacting us, we have always marked this as optional. This information is used to specify your request and to improve the processing of your request. This information is provided expressly on a voluntary basis and with your consent, Art. 6 (1) lit. a GDPR. Insofar as this involves information on communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, to respond to your request. Of course, you can revoke this consent at any time for the future.

Your data, which we have received in the course of contacting you, will be deleted as soon as it is no longer required to achieve the purpose for which it was collected, your request has been fully processed and no further communication with you is necessary or desired by you.

As the controller, our company has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can always have security gaps. Absolute protection cannot be guaranteed; in any case, sending unencrypted e-mails is not secure. We therefore ask you not to send sensitive data by unencrypted e-mail, but to use either encrypted communication channels (e.g. our contact form) or the postal service.

 

13 Applications

You can apply to our company electronically via e-mail. Please note that unencrypted e-mails transmitted are not access-protected.

Your information will be used for the processing of your application and the decision on the establishment of an employment relationship. This is based on section 26 (1) in conjunction with section 8 (2) of the German Data Protection Act (BDSG). Furthermore, your personal data may be processed insofar as this is necessary for the defense of asserted legal claims against us arising from the application process. The legal basis for this is Art. 6 (1) s.1 lit. f GDPR. The stated purposes also constitute the legitimate interest in the processing.

Insofar as an employment relationship arises between you and us, we may, in accordance with section 26 (1) BDSG, further process the personal data already received from you for the purposes of the employment relationship if this is necessary for the performance or termination of the employment relationship or for the exercise or fulfillment of the rights and obligations of the employee representative body resulting from a law or a collective agreement, a works agreement or a service agreement (collective agreement).

Your application data will not be processed beyond the described use.

After completion of the application process, your personal data will be deleted after 6 months at the latest, unless there are other legitimate interests on our part that prevent deletion or you have given us permission to store it for a longer period. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Act on Equal Treatment (AGG.

For more information on how we handle your personal data, please refer to our applicant information.

 

14 Data transfer

Your personal data will not be transferred to third parties for purposes other than those listed.

We will only share your personal information with third parties if:

  • you have given your express consent to this,
  • the disclosure is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • there is a legal obligation for the disclosure, and
  • this is legally permissible and necessary for the processing of contractual relationships with you.

External service providers and partner companies receive your data only to the extent necessary to process your order. In these cases, however, the scope of the data transmitted is limited to the minimum required. Insofar as our service providers come into contact with your personal data, we ensure within the framework of commissioned processing pursuant to Art. 28 DSGVO that they comply with the provisions of the data protection laws in the same manner. Please also note the respective privacy notices of the providers. The respective service provider is responsible for the content of third-party services, whereby we check the services for compliance with the legal requirements within the scope of reasonableness.

We consider it important to process your data within the EU/ EEA. However, we may sometimes use service providers who process data outside the EU/ EEA. In these cases, we ensure that an adequate level of data protection is established at the recipient before transferring your personal data. This means that via EU standard contracts or an adequacy decision of the European Commission, a level of data protection is achieved that is comparable to the standards within the EU.

In the event of data transfer outside the European Union, the high European level of data protection does generally not exist. In the case of a transfer, it may be that there is currently no adequacy decision by the EU Commission within the meaning of Article 45 (1), (3) GDPR. This means that the EU Commission has not yet positively determined that the country-specific level of data protection corresponds to the level of data protection in the European Union based on the GDPR; therefore, we have put in place the aforementioned appropriate guarantees.

Possible risks that may not be completely excluded in connection with the transfer of data include, in particular:

  • Your personal data could possibly be processed beyond the actual purpose.
  • In addition, there is the possibility that you may not be able to assert and enforce your rights under data protection law, such as your right to information, correction, deletion or data portability, in the long term.
  • There may also be a higher probability that incorrect data processing may occur and that the protection of personal data does not fully comply with the requirements of the GDPR in terms of quantity and quality.

 

15 Data security

Your personal data is transferred securely at ALLPLAN using encryption. This applies to all form processes (including registration, login, ordering). ALLPLAN uses the SSL/TLS (Secure Socket Layer/Transport Layer Security) coding system. It is true that no one can guarantee absolute protection. However, ALLPLAN secures its website and other systems against loss, destruction, access, modification or distribution of your data by unauthorized persons by means of technical and organizational measures. We regularly review our security measures and adapt them to technological progress.

 

16 Your rights

You have the following rights with respect to us regarding personal data concerning you:

 

16.1 Basic permissions

You have a right to information, correction, deletion, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this consent with effect for the future.

To exercise your rights, please contact us by e-mail at or by mail at ALLPLAN Inc., 3401 Village Dr #110, Lincoln, Nebraska 68516, USA. The exercise of your rights described in this point is free of charge for you.

 

16.2 Rights in data processing according to the legitimate interest

Pursuant to Article 21 (1) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) s. 1 lit. e GDPR (data processing in the public interest) or on the basis of Article 6 (1) s.1 lit. f GDPR (data processing for the purposes of safeguarding a legitimate interest); this also applies to profiling based on this provision. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

 

16.3 Rights in case of direct advertising

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing pursuant to Art. 21 (2) DSGVO; this also applies to profiling, insofar as it is associated with such direct advertising.

In the event of your objection to processing for the purpose of direct advertising, we will no longer process your personal data for these purposes.

 

16.4 Right to complain to a supervisory authority

Without prejudice to these rights and the possibility of seeking any other administrative or judicial remedy, you may at any time exercise your right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes data protection law (Article 77 GDPR).

The supervisory authority responsible for us is:

Bayerisches Landesamt für Datenschutzaufsicht
Promenade 27 (Schloss)
D-91522 Ansbach
Germany

 

17 Links to other websites

Our websites may contain links to websites of other providers. We would like to point out that this information on data protection applies exclusively to the website www.allplan.com. We have no influence on and do not control that other providers comply with the applicable data protection regulations.

 

18 Changes to the privacy policy

We reserve the right to change or adapt this information on data protection at any time in compliance with the applicable data protection regulations.

 

As of 3/1/2022