Protection of Data Privacy

Last updated: Juli 2024

 

Welcome to our website! We attach great importance to the protection of your data and your privacy. We therefore inform you below about the collection and use of personal data when you use our website.


Notes on data protection

 

Data protection is particularly important to our company. In the following, we provide information about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.

 

1. Name and address of the data controller

 

Joint controllers pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) for the website www.dc-software.de are

 

ALLPLAN GmbH
Konrad-Zuse-Platz 1
81829 Munich
Germany
info.frilo(at)allplan.com
P +49 711 81002-0

 

and the affiliated companies listed below:

 

  • ALLPLAN Deutschland GmbH

 

In the course of business, it is essential that data is also regularly exchanged between ALLPLAN’s subsidiaries and business operations in order to promote cooperation within the Group and use resources effectively. Central processes are therefore not limited to the area of a single Group company, but also extend to other Group companies and benefit from the processes established and resources available there. The ALLPLAN companies therefore work together in many areas and act as so-called joint controllers for this website in terms of data protection as stated above.

 

2. Contact details of the data protection officer

 

You can contact our data protection officer at dataprotectionofficer[at]allplan.com or at our postal address with the addition “the data protection officer”.

 

3. access data/server log files

 

The provider (or its web space provider) collects data about every access to the website (so-called server log files). The access data includes:

Name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

The provider uses the log data only for statistical evaluations for the purpose of operation, security and optimisation of the website. However, the provider reserves the right to check the log data retrospectively if there is a justified suspicion of unlawful use based on concrete evidence.

 

4. handling of personal data

 

Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. This includes the name, email address or telephone number. However, personal data also includes data on memberships or which websites have been viewed by someone. Personal data is only collected, used and passed on by the provider if this is permitted by law or if the user consents to the collection of data

 

5. making contact

 

When contacting the provider (e.g. via contact form or e-mail), the user's details are stored for the purpose of processing the enquiry and in the event that follow-up questions arise.

 

6. newsletter

 

We use the newsletter to inform you about us and our offers. If you would like to receive the newsletter, we require a valid e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided or that the owner agrees to receive the newsletter. No further data is collected. This data is only used for sending the newsletter and is not passed on to third parties. When you register for the newsletter, we save your IP address and the date of registration. This storage serves solely as proof in the event that a third party misuses an email address and registers to receive the newsletter without the knowledge of the authorised person. The newsletter will only be sent after a further confirmation from you (double opt-in). You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time. The cancellation can be made via a link in the newsletters themselves or by sending a message to the contact options above.

 

7. cookies

 

When users access the website, one or more cookies are stored on their computer. A cookie is a small file that contains a specific character string and uniquely identifies your browser. The provider uses cookies to improve the convenience and quality of its services, for example by saving user settings. Cookies do not cause any damage to the user's computer and do not contain viruses. It is also possible to use the website without cookies. Users can deactivate the storage of cookies in their browser, restrict them to certain websites or set their browser to notify them before a cookie is stored. You can delete cookies from your computer's hard drive at any time using your browser's data protection functions. In this case, the functions and user-friendliness of the website may be restricted.

 

8. Google Analytics
 

This website uses Google Analytics, a web analytics service provided by Google Inc ("Google"). Google Analytics uses so-called "cookies", text files which are stored on the user's computer and which enable the use of the website to be analysed.The information generated by the cookie about the use of this website by users is usually transmitted to a Google server in the USA and stored there.However, if IP anonymisation is activated on this website, the IP address of Google users within member states of the European Union or in other signatory states to the Agreement on the European Economic Area will be shortened beforehand.Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.IP anonymisation is active on this website.On behalf of the operator of this website, Google will use this information to analyse the use of the website by users, to compile reports on website activity and to provide other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.Users may refuse the use of cookies by selecting the appropriate settings on their browser, however please note that if you do this you may not be able to use the full functionality of this website.Users can also prevent Google from collecting the data generated by the cookie and relating to their use of the website (including their IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link:

https://tools.google.com/dlpage/gaoptout

 

9. cancellation, changes, corrections and updates

 

The user has the right, upon request and free of charge, to receive information about the personal data that has been stored about him.In addition, the user has the right to correct incorrect data, block and delete their personal data, insofar as this does not conflict with any statutory retention obligation. You can contact us at any time using the e-mail address provided in the legal notice.

In the event of a breach of data protection law, you have the right to lodge a complaint with the competent supervisory authority, i.e. the state data protection officer of the federal state in which our company is based (Bavaria).You can find a list of data protection officers and their contact details via the following link

https://www.bfdi.bund.de/DE/Service/Anschriften/anschriften_table.html

 

10. Google Adwords Remarketing/Google Tag Manager

 

We use Google Remarketing Tags. These are services provided by Google Inc (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google"). Google uses cookies, which are stored on your computer and enable your use of the website to be analysed. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.

The IP address is then shortened by Google by the last three digits, so that it is no longer possible to clearly assign the IP address. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Third-party providers, including Google, place adverts on websites on the Internet. Third-party providers, including Google, use stored cookies to place adverts based on a user's previous visits to this website. Google will not associate your IP address with any other data held by Google.You can object to the collection and storage of data at any time with effect for the future. You can deactivate the use of cookies by Google by visiting the page for deactivating Google advertising. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. You can object to the collection and storage of data at any time with effect for the future. Further information on Google's provisions can be found at

https://policies.google.com/privacy Our website uses Google Tag Manager for the purpose of personalised, interest-based and location-based online advertising. The option to anonymise IP addresses is controlled by Google Tag Manager via an internal setting that is not visible in the source of this page. This internal setting is set in such a way that the required anonymisation of IP addresses is achieved.

https://adssettings.google.com/authenticated

 

Data protection information for business partners [1] (EEA/UK)

 

The ALLPLAN Group is part of the NEMETSCHEK Group. ALLPLAN GmbH (Konrad-Zuse-Platz 1, 81829 Munich, Germany) and its group companies [2] (together and individually "ALLPLAN", "we", "us", "our") take data protection very seriously. We have developed this Privacy Notice for Business Partners ("Notice") to transparently inform business partners in the EEA/UK about how we collect, use, disclose and otherwise process personal data and about your rights under applicable data protection laws, in particular the GDPR (for definitions not included in the text, see section 10).

 

[1] For reasons of better readability, the simultaneous use of masculine and/or feminine and/or diverse language forms is omitted in the following. All personal designations apply equally to all genders.

[2] "Group companies" are all companies that directly or indirectly control ALLPLAN or are controlled by ALLPLAN. "Control" means the direct or indirect ownership or control of more than 50 % of the voting rights of the respective company.

 

1. To whom does this Privacy Notice apply?

 

This Notice applies to the processing of personal data of individuals resident in the EEA/UK with whom ALLPLAN has a business relationship, including but not limited to agents and employees of customers, suppliers, service providers, external consultants and visitors to our premises ("Business Partners").

By providing you with this notice, we are fulfilling our information obligations under the GDPR. Please note that this notice does not grant you any rights or impose any obligations on you that are not granted or imposed by law.

 

2. Who are we and how can you contact us or our data protection officer?

 

The controller for the processing of your personal data is the ALLPLAN Group company with which you have a business relationship. A list with the company names of ALLPLAN and the group companies can be found here. You can contact us at any time at dataprotectionofficer[at]allplan.com. If you have any questions about this notice or about the processing of your personal data by our group companies or in general and to exercise your rights against ALLPLAN as set out in Section 8.

 

3. Where do we collect your data and what categories of personal data are involved?

 

We collect your personal data either directly from you (e.g. when you contact us) or receive it (i) from your employer/client or (ii) from another company with which you had a business relationship, including one of our group companies, e.g. in the context of a corporate transaction.

In general, we only process the following categories of personal data of our business partners:

  • Contact details such as name, company address, business email address and telephone number, business fax number;
  • Professional details such as company name, position, job title, authorisations (e.g. to receive notifications regarding the relationship between your employer/client and us or to conclude contracts);
  • Communication, e.g. by email or SMS;
  • Details of business transactions, such as orders, contracts, licence agreements.

In principle, you are not obliged to provide us with your personal data. However, we may not be able to carry out certain processes if you do not provide us with your personal data (e.g. we will not be able to call you back if you do not provide us with your business telephone number). In some cases, this may mean that we cannot fulfil your request (if we have entered into or wish to enter into a contract with you) or that your employer/client cannot appoint you as our contact person.

 

4. How is your personal data used (purposes and legal basis)?

 

We process your personal data in order to manage and control the relationship between us and you or your employer/client, to operate our business and to fulfil our legal obligations.

Specifically, we process your personal data for the following purposes and rely on the legal bases listed. Where relevant, the legitimate interest is also listed here in the table.

The relevant legal bases are:

  • Contract fulfilment (Art. 6 para. 1 lit. b) GDPR);
  • Fulfilment of legal obligations (Art. 6 para. 1 lit. c) GDPR);
  • Protection of your vital interests or those of another natural person (Art. 6 para. 1 lit. d) GDPR);
  • Legitimate interests (Art. 6 para. 1 lit. f GDPR); and
  • Consent (Art. 6 para. 1 lit. a, Art. 7 GDPR).

In some cases, your personal data may be processed on the basis of your voluntarily given consent (Art. 6 para. 1 lit. a, Art. 7 GDPR). You will be informed about the purposes of such processing before you are asked for your consent.

 

5. How is your personal data used (purposes and legal basis)?

 

Only authorised ALLPLAN employees with appropriate responsibility have access to your personal data. In addition, we may disclose your personal data to the following categories of recipients:

 

5.1 We may disclose your personal data to service providers who process personal data as so-called processors on our behalf and in accordance with our instructions in order to provide their professional services to us:

  • Customer Relationship Management System (CRM) provider (EEA)
  • Supplier management system provider (Supplier Management System) (EEA)
  • Provider of an enterprise resource planning ("ERP") tool (EEA )
  • Provider of e-mail services (EEA)
  • Inbound marketing and customer surveys (EEA)

 

5.2 We may share your personal data with the following third parties

  • Other group companies in our group of companies: we may share your personal data with group companies for the purposes set out in No. 4 above.
  • Other third parties:
    • Tax authorities and other government authorities (including law enforcement authorities) for the purposes of compliance with laws and regulations applicable to us;
    • Advisors (lawyers and auditors) to fulfil legal obligations, in the context of corporate transactions and to protect our rights;
    • Courts to protect our rights;
    • Potential purchasers or other acquirers (including lessees) of all or part of our assets and/or activities for the purpose of corporate transactions

 

The legal bases for the transfer of personal data to third parties are set out in section 4 above.

 

6. do we transfer your data internationally (transfer to third countries)?

 

Some recipients of personal data may be located outside the EEA and/or outside the UK in countries that do not provide an equivalent level of protection to the EEA/UK. If your personal data is transferred outside the EEA/UK, we will ensure, to the extent required by law, that your data protection rights are adequately protected, either because the European Commission (EEA) or the Information Commissioner's Office (UK) has decided that the country to which personal data is transferred ensures an adequate level of protection (Art. 45 GDPR), or because the transfer is subject to appropriate safeguards provided for by the conclusion of standard contractual clauses by the European Commission with the recipient or the UK Addendum (Art. 46 GDPR), unless the GDPR provides for an exception or you have given your express consent (Art. 49 GDPR).

If we transfer your personal data from the EEA and/or UK to a jurisdiction whose level of data protection has been recognised as adequate, we rely on the adequacy decision. When transferring personal data to recipients in the US, we may rely on the EU-U.S. Data Privacy Framework (EEA) or its UK Extension ("DPF"), which ensures an adequate level of protection for recipients certified under the DPF. A list of the European Commission's adequacy decisions can be found here.

Where we rely on the European Commission's Standard Contractual Clauses or the relevant UK Addendum, to the extent the transfer is to a service provider (including group companies acting as such) acting as a processor on our behalf, module two (transfers from controllers to processors) of the Standard Contractual Clauses is relevant; to the extent the transfer is to recipients who do not process personal data on our behalf but for their own purposes, module one (transfers from controllers to processors) is relevant. Copies of the appropriate safeguards (where we rely on them) can be requested from dataprotectionofficer[at]allplan.com. Please note that such copies may be redacted to the extent necessary to protect trade secrets or other confidential information.

 

7. How long do we store your data?

 

Your personal data will only be stored until it is no longer required for the purposes for which it was collected (or otherwise processed). As a rule, the personal data will be deleted at the latest when the contractual relationship with you or your employer/client has ended and the regular limitation period for this information in the respective country has expired.

Personal data that you have actively provided when registering for the newsletter will be stored for as long as the newsletter subscription is active; your consent will be stored for up to three further years, depending on the applicable limitation period.

Exceptionally, personal data may be stored for longer if its processing is necessary for compliance with a legal obligation - including compliance with statutory retention periods - to which we are subject, or for the establishment, exercise or defence of legal claims.

 

8. What rights do you have under the GDPR?

 

8.1 Right of access. You may request information about the processing of your personal data and a copy of the personal data that is the subject of the processing, provided that such a copy does not adversely affect the rights and freedoms of others. If you make the request electronically, we will provide you with the information in a commonly used electronic format, unless you request otherwise.

 

8.2 Right to rectification. You may at any time request the rectification of your inaccurate personal data and/or the completion of incomplete personal data.

 

8.3 Right to erasure. You may request the erasure of your personal data, in particular if (i) the personal data is no longer necessary for the purposes for which it was collected or otherwise processed, (ii) you have objected to the processing and there are no overriding legitimate interests for the processing, (iii) your personal data has been processed unlawfully or (iv) your personal data must be erased in order to comply with a legal obligation to which we are subject. However, the right to erasure does not apply in particular if the processing of your personal data is necessary for compliance with a legal obligation or for the establishment, exercise or defence of legal claims.

 

8.4 Right to restriction of processing. You may request the restriction of processing (i) for the period during which we verify the accuracy of your personal data if you have contested the accuracy of the personal data, (ii) if the processing is unlawful and you request the restriction of processing instead of erasure of the data, (iii) if we no longer need the personal data, but you need the data for the establishment, exercise or defence of legal claims or (iv) if you have objected to processing pending the verification whether our legitimate grounds override your interests, rights and freedoms. If the processing of your personal data has been restricted, we may only process your personal data, in addition to storing the data, with your consent in order to assert, exercise or defend legal claims or to defend the rights of others.

 

8.5 Right to data portability. You may request to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us, where the processing is based on consent or on a contract and the processing is carried out by automated means; in such cases, you may also request that the personal data be transmitted directly to another controller, where technically feasible (data portability).

 

8.6 Right to withdraw consent. You can withdraw your consent at any time with effect for the future, insofar as processing is based on your consent, without affecting the lawfulness of processing up to the time of withdrawal of consent.

 

8.7 Right to object. You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on our legitimate interests or those of a third party.

We will then no longer process your personal data for the purpose to which you have objected, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

If we process your personal data for direct marketing purposes, you have the right to object to the processing of your personal data for such direct marketing purposes at any time. We will then no longer process your personal data for direct marketing purposes.

 

8.8 Right to lodge a complaint. You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes applicable law.

 

Please address your requests to exercise your rights (with the exception of the right to lodge a complaint with a supervisory authority) to dataprotectionofficer[at]allplan.com.

 

9. changes to this notice

 

We reserve the right to amend or change this notice at any time to ensure compliance with applicable laws. Please check regularly to ensure that this notice has been updated. We will notify you if there are any material changes to this notice that affect you.

 

10. Definitions

 

"EEA" means the European Economic Area.

"EU" means the European Union.

"GDPR" means the General Data Protection Regulation (Regulation (EU) 2016/679) and any supplementary EU and EEA Member State data protection or privacy legislation in force in the EEA from time to time, or the UK GDPR where the UK GDPR is relevant.

"UK" means the United Kingdom.

"UK GDPR" means the GDPR as implemented into UK domestic law by section 3 of the European Union (Withdrawal) Act 2018, together with the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 and such other data protection laws as may be in force in the UK from time to time.