1033-help-privacy

Data protection is a particularly important topic at our company. In the following, we will inform you about the collection of personal data when using our website. Personal data is all data related to you personally, such as name, address, e-mail addresses or user behavior. We have put in place extensive technical and operational safeguards to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. We regularly review our security measures and adapt them to technological progress.

Responsible party pursuant to Art. 4 (7) EU General Data Protection Regulation (GDPR) is

Please contact our data protection officer at dataprotectionofficer@allplan.com or our postal address by adding “data protection officer”.

The processing of personal data can be based on various legal grounds. If we need your data to fulfil a contract with you or to respond to enquiries from you regarding a contract, the legal basis for this data processing is Art. 6 para. 1 p. 1 lit. b GDPR. If we obtain your consent for certain data processing, the legal basis is Art. 6 para. 1 p. 1 lit. a GDPR. We carry out some data processing on the basis of our legitimate interest, whereby a balancing of your interests worthy of protection and our legitimate interests is always carried out. The legal basis for this is Art. 6 (1) sentence 1 lit. f GDPR. If processing is necessary to fulfil a legal obligation to which we are subject, the legal basis is Art. 6 (1) sentence 1 lit. c GDPR.

According to Section 25 TTDSG, the storage of information in the end user's terminal equipment or access to information already stored in the terminal equipment is only permissible if the end user has consented on the basis of clear and comprehensive information, i.e. has consented to the data processing.

For the storage of information on your device or access to information already stored on your device, we therefore obtain your consent in accordance with Section 25 (1) TTDSG and consequently also process purely technical data only after consent.

In our information to you and in obtaining consent, we follow the specifications of the TTDSG in accordance with the design specifications of the GDPR.

According to Section 25 (2) TTDSG, consent is not required in exceptional cases,

If you use the website for informational purposes only, i.e., if you do not register or otherwise transmit information to us (e.g., via a contact form), we collect the following technical information (log file data):

Data	Purpose of processing	Duration of storage
Operating system used	Evaluation by devices in order to ensure an optimized display of the website	The data is deleted in log files for the purpose of operating the website and to protect against misuse in accordance with our security regulations, generally after 30 days
Information about the type of browser and the version used	Evaluation of the browser used in order to optimize our websites for this purpose
The Internet service provider of the user	Evaluation of the Internet service provider
IP address	Display of the website on the respective device
Date and time of access	Ensuring the proper operation of the website
If necessary, manufacturer and type designation of the smartphone, tablet or other end device	Evaluation of device manufacturers and types of mobile devices for statistical purposes
Name of accessed site	Ensuring proper operation of the website
Referrer URL (source URL from which you came to the website)	Ensuring proper operation of the website

The collection of this data is technically necessary in order to display our website to you and to ensure stability and security. We (and our hosting service providers) do not regularly know who is behind an IP address. We do not merge the data listed above with other data.

The legal basis is the legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, as well as § 25 para. 2 no. 2 TTDSG. As part of the balancing of interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, we have considered and weighed up our interest in the provision and your interest in processing your personal data in accordance with data protection regulations. Since the following data is technically necessary for the provision of our service in order to be able to offer you our website and also to ensure stability and security, in particular to offer protection against misuse, we have come to the conclusion that this data - with a state-of-the-art guarantee of data security - must be processed, taking due account of your interest in data protection-compliant processing. If the processing is based on another legal basis (e.g. consent pursuant to Art. 6 para. 1, sentence 1 lit. a GDPR, § 25 para. 1 TTDSG), this will be indicated accordingly.

The processing of personal data may be based on various legal grounds. If we need your data to honor a contract with you or to respond to inquiries from you regarding a contract, the legal basis for this data processing is Art. 6 (1) s. 1 lit. b GDPR.

If we obtain your consent for certain data processing, the legal basis is Art. 6 (1). s. 1 lit. a GDPR. We carry out some data processing on the basis of our legitimate interest, always weighing your interests worthy of protection against our legitimate interests. The legal basis is Art. 6 (1) lit. f GDPR. Insofar as the processing is necessary for the fulfillment of a legal obligation to which we are subject, the legal basis is Art. 6 (1) s. 1 lit. c GDPR.

Our website uses cookies. Cookies are files that are placed on your computer by a website you visit and allow your browser to be reassigned. Cookies transmit information to the entity that sets the cookie. Cookies can store various information, such as your language setting, the duration of your visit to our website or the entries you have made there. This ensures, for example, that you do not have to re-enter required form data each time you use it. The information stored in cookies can also be used to identify preferences and target content according to areas of interest.

There are different types of cookies: Session cookies are sets of data that are only temporarily held in memory and are deleted when you close your browser. Permanent or persistent cookies are automatically deleted after a predefined duration, which may differ depending on the cookie. With this type of cookies, the information can also be stored on your computer in text files. You can, however, also delete these cookies at any time via your browser settings.

First-party cookies are set by the website you are currently visiting. Only this website is allowed to read information from these cookies. Third-party cookies are set by organizations that are not operators of the website you are visiting. These cookies are used by marketing companies, for example.

The legal basis for possible processing of personal data by means of cookies and their storage period may vary. If you have given us your consent, the legal basis is Art. 6 (1) s. 1 lit. a GDPR. Insofar as the data processing is based on our overriding legitimate interests, the legal basis is Art. 6 (1) s. 1 lit. f GDPR. The stated purpose then corresponds to our legitimate interest.

We use cookies to ensure the proper operation of the website, to provide basic functionality, to measure reach and, with your consent, to tailor our services to preferred areas of interest.

You can delete cookies already stored on your mobile device at any time. If you want to prevent cookies from being stored, you can do so via the settings in your Internet browser. You can find instructions for popular browsers here: Internet Explorer, Firefox, Google Chrome, Google Chrome mobile, Microsoft Edge, Safari, Safari mobile. Alternatively, you can also install so-called ad blockers. Please note that individual functions of our website may not work if you have disabled the use of cookies.

When accessing our website, all users of our website are also informed by an information banner about our use of cookies and referred to this privacy policy. Here, as a user, you will also be asked for your consent to the use of certain cookies, in particular those relevant for the personalization of services and for marketing measures. Once you have given your consent, you can revoke it at any time with future effect by calling up the cookie administration via the icon (fingerprint) in the bottom left-hand corner of each page and unchecking the box next to processing to which you had consented. In the cookie manager you can also find more information about the cookies we use.

We use the Usercentrics service to manage consent on our website. Usercentrics is software produced by Usercentrics GmbH, Rosental 4, 80331 Munich, Germany.

Usercentrics identifies the language used by your browser. They set a cookie to check whether you have already made a selection in our consent tool on a previous visit to our website. This cookie is necessary because it allows the website to recognize whether you have consented to tracking or not. Usercentrics also creates a log file in order to be able to prove that consent has been given. This file contains the de-identified IP address, information about the browser that was used, data about the scope of consent, and the date and time of the visit.

The legal basis for the processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. f GDPR.

The purpose of data processing is a user-friendly and legally compliant design of our website. We want to make it as easy as possible for you to give or withdraw consent and to increase the transparency of data processing using cookies, pixels, tags or similar on our website. Our legitimate interest also lies in the purpose of processing data.

The cookie containing your consent or refusal to use cookies is stored on your device for one year. Consent data (consent given and consent revoked) will be retained for three years.

Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings of your Internet browser, you can disable or restrict the transfer of cookies. You can delete cookies that have already been saved at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

To analyze and optimize our websites, we use various services described below. We use these services to analyze how many users visit our site, what information is most in demand, or how users find an offer. We also record data on which Internet page a user came to our website from (so-called referrer), which sub-pages of the Internet page were accessed or how often and for how long a sub-page was viewed. This helps us to design our offers in a user-friendly way, to find errors and to improve our offers.

On our website, we use the open source web analytics software Matomo, a software of “InnoCraft Ltd”, a company located at 150 Willis St, 6011 Wellington, New Zealand. Since InnoCraft is located outside the EU, InnoCraft has appointed a representative in the EU (privacy@innocraft.com). The software is operated exclusively from our own servers.

They use cookies, to analyze the use of the website. For this purpose, the usage information collected in the cookie (including your shortened IP address) is transmitted to our server and stored for usage analysis purposes. Matomo does not transmit data to servers that are outside of our control. Your IP address is immediately de-identified during this process, so that you as a user are not identifiable to us. We do not share the information we collect about your use of this website with third parties. We use the collected data for statistical analysis of user behavior for the purpose of optimizing the functionality and stability of the website and for marketing purposes. Our interest in and purpose of data processing is to optimize our website, to adapt the content and to improve our offer. The user's interests are sufficiently protected by de-identifying the data.

We store the analysis data only as long as necessary for data processing purposes, but no longer than 14 months.

The legal basis for the described data processing is our legitimate interest pursuant to Art. 6 (1) s. 1 lit. a GDPR. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the cookie settings (see section 5 Cookies above). Alternatively, you can delete your cookies (all or only from this website). You will then see the banner with the options again.

If you have given your consent, this website also uses Google Analytics 4, a web analytics service provided by Google LLC. The responsible entity for users in the EU/ EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, (“Google“) Ireland.

Google Analytics 4 uses cookies that analyze how you use our websites. The information about your use of this website created by the cookie is usually transmitted to a server of Google in the U.S. and saved there.

Google Analytics 4 de-identifies IP addresses by default. When de-itentifying your IP address, Google will truncate your IP address within Member States of the European Union or in other countries that are party to the Agreement on the European Economic Area. The complete IP address is transmitted to a server of Google in the U.S. and shortened there only in exceptional cases. The IP address that is transmitted by your browser within the frame of Google Analytics is not combined with other data of Google.

During your website visit, your user behavior is recorded in the form of "events". Such events can include but must not be limited to:

On behalf of Allplan, Google will use this information for the purpose of evaluating your (pseudonymous) use of the website and compiling reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website and the success of our marketing campaigns.

It cannot be ruled out that U.S. authorities will access the data stored by Google.

Insofar as data is processed outside the EU/EEA and there is no level of data protection corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to establish an appropriate level of data protection. The parent company of Google Ireland, Google LLC, is based in California, U.S. A transmission of data to the U.S. and access by U.S. authorities to the data stored by Google cannot be ruled out. From a data protection perspective, the U.S. is currently considered a third country. You do not have the same rights there as within the EU/EEA. You may not be entitled to any legal remedies against access by authorities.

The data sent by us and linked to cookies is automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

The legal basis for this data processing is your consent pursuant to Art. 6 (1) p.1 lit.a GDPR. Once you have given your consent, you can revoke it at any time with future effect by changing your selection in the tracking settings (cf. Cookies above). Alternatively, you can delete your cookies (all or only from this website). You will then see the banner with the options again.

Alternatively, you can prevent the storage of cookies from the outset by selecting the appropriate settings in your browser software. However, if you configure your browser to reject all cookies, you may experience limited functionality on this and other websites. You can also prevent cookies from collecting data relating to your use of the website (including your IP address) and prevent Google from processing this data by

For transparency reasons, we would like to point out that we use the Google Tag Manager of the provider Google Ireland Limited (registration number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager itself does not collect any personal data. Google Tag Manager makes it easy for us to integrate and manage our tags. Tags are small pieces of code used to measure traffic and visitor behavior, track the impact of online advertising and social channels, set up remarketing and audience targeting, and test and optimize websites, among other things. We use the Tag Manager for the Google Analytics service. If you have disabled it, this disabling will be taken into account by Google Tag Manager. For more information on Google Tag Manager, please see: https://www.google.com/intl/de/tagmanager/use-policy.html.

Your personal data will not be transferred to third parties for purposes other than those listed.

External service providers and partner companies receive your data only to the extent necessary to process your order. In these cases, however, the scope of the data transmitted is limited to the minimum required. Insofar as our service providers come into contact with your personal data, we ensure within the framework of commissioned processing pursuant to Art. 28 DSGVO that they comply with the provisions of the data protection laws in the same manner. Please also note the respective privacy notices of the providers. The respective service provider is responsible for the content of third-party services, whereby we check the services for compliance with the legal requirements within the scope of reasonableness.

We consider it important to process your data within the EU/ EEA. However, we may sometimes use service providers who process data outside the EU/ EEA. In these cases, we ensure that an adequate level of data protection is established at the recipient before transferring your personal data. This means that via EU standard contracts or an adequacy decision of the European Commission, a level of data protection is achieved that is comparable to the standards within the EU.

In the event of data transfer outside the European Union, the high European level of data protection does generally not exist. In the case of a transfer, it may be that there is currently no adequacy decision by the EU Commission within the meaning of Article 45 (1), (3) GDPR. This means that the EU Commission has not yet positively determined that the country-specific level of data protection corresponds to the level of data protection in the European Union based on the GDPR; therefore, we have put in place the aforementioned appropriate guarantees.

Possible risks that may not be completely excluded in connection with the transfer of data include, in particular:

Your personal data is transferred securely at ALLPLAN using encryption. This applies to all form processes (including registration, login, ordering). ALLPLAN uses the SSL/TLS (Secure Socket Layer/Transport Layer Security) coding system. It is true that no one can guarantee absolute protection. However, ALLPLAN secures its website and other systems against loss, destruction, access, modification or distribution of your data by unauthorized persons by means of technical and organizational measures. We regularly review our security measures and adapt them to technological progress.

You have the following rights with respect to us regarding personal data concerning you:

You have a right to information, correction, deletion, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this consent with effect for the future.

To exercise your rights, please contact us by email at dataprotectionofficer@allplan.com or by mail at Allplan Deutschland GmbH, Konrad-Zuse-Platz 1, 81829 Munich, Germany. The exercise of your rights described in this point is free of charge for you.

Pursuant to Article 21 (1) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 (1) (e) GDPR (data processing in the public interest) or on the basis of Article 6 (1) (f) GDPR (data processing for the purposes of safeguarding a legitimate interest); this also applies to profiling based on this provision. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing pursuant to Art. 21 (2) GDPR; this also applies to profiling, insofar as it is associated with such direct advertising.

In the event of your objection to processing for the purpose of direct advertising, we will no longer process your personal data for these purposes.

Without prejudice to these rights and the possibility of seeking any other administrative or judicial remedy, you may at any time exercise your right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes data protection law (Article 77 GDPR).

Our websites may contain links to websites of other providers. We would like to point out that this information on data protection applies exclusively to the website https://help.allplan.com/. We have no influence on and do not control that other providers comply with the applicable data protection regulations.

We reserve the right to change or adapt this information on data protection at any time in compliance with the applicable data protection regulations.