Privacy Statement according to Art.13 and 14 GDPR (General Data Protection Regulation)
Protection of your personal data is important to us (ALLPLAN GmbH). We process your personal data exclusively on the basis of the statutory provisions: GDPR - General Data Protection Regulation and TKG 2003 - Telecommunications Act. Data is categorized as personal when it can be clearly assigned to a specific natural person. Following regulations inform you about the most important aspects of data processing. Information regarding data protection for our employees and applicants is directly addressed to these groups.
Possibilities to Contact Us
When you contact us (via the online contact form, via e-mail or personally), we store your data to process your enquiry.
In the framework of our business relations we save your contact data in our internal contact database. This data is not forwarded to third parties without your consent. We store your data in our database for the following purposes: managing our contractual relationships, informing our clients and partners about important changes as well as our legitimate interest in carrying out customer events efficiently. Contacts, which are neither necessary for current requests nor attributable to active business relations, will be deleted after three years at the latest.
Data Processing: Our Website
It is possible to navigate on our website without indicating any personal data. Different regulations may apply to the use of individual services on our site, which are explained in the following.
The legal basis is our legitimate interest according to Art. 6 para 1 GDPR to provide a user-friendly website.
We point out that any internet-based data transmission may have security gaps, a full protection against access by third parties is thus impossible.
Cookies are small text files that your Internet browser stores and saves on your computer. They serve to optimize our Internet presence and our offers. Our homepage uses only a consent-free PHPSESSID cookie. This session cookie indicates that an anonymous user is currently actively using the Website; it also counts how many anonymous users visit the site at any given time. This cookie will be deleted as soon as you close your browser.
Stored information in the server log:
The storage is based on our legitimate interests, as well as the user's protection against misuse and other unauthorized use.
For technical reasons following data, which your Internet browser transmits to us or to our web space provider, is recorded (so-called server log files) anonymously:
• Browser type and version
• used operating system
• Website from which you visit us (Referrer URL)
• Website you visit
• Date and time of your access
• Your Internet Protocol (IP) address.
Currently, we do not send Newsletters.
Data Processing: Accounting and Business Transactions
In order to enable our project- and business transactions as well as our accounting activities we process the following data categories:
- Master- and Contact Data
- Contractual data
- Accounting and Payment data
- Excerpts from Company Registers
- Project- and Proposal data (including personal data: contact data, Curriculum Vitae (CVs) and description of experts).
The above-mentioned data refer to clients and suppliers (including sub-consultants) as well as employees of ALLPLAN.
The purpose of this data processing (accounting and business transactions) are:
- Processing the data in the framework of obligatory documentation requirements of the Commercial Law and Tax Law
- Management of contracts
- Carrying out monetary transactions
- General business transactions
- Project implementation
Maximum Storage Duration/Deletion
The data is stored until the termination of a business relation or until the end of one of the following terms relating to the client: guarantee, defects liability, limitation and legal retention periods. Beyond these periods, the data is kept until the end of any legal dispute settlement for which the data is needed as proof.
For this type of data processing we cooperate with Processors and conclude corresponding agreements.
Categories of recipients of personal data:
- Banks for the processing of monetary transactions
- Legal representatives in the case of disputes
- Certified Accountant and Tax Accountant
- Courts of Justice
- Appropriate administration authorities (especially tax authorities)
- Debt collection agencies
- Debt financers (Leasing, Factoring Companies or Cessionary) – if applicable
- Contract- or business partners relevant for the delivery or service, clients as recipients of services
- Insurance companies (when entering into an insurance contract or occurrence of an insuring event
- Provide (IT Service Provider)
International Data Transfer
As an internationally active Consultant, we carry out projects in countries outside the European Union and work together with international organisations. Possibly the data protection levels in these countries do not correspond to those in Austria. For data transfer in such countries we ask the data subject for their explicit consent to the proposed transfer (Art 49 Para 1 GDPR, derogations for specific situations).
On the basis of the GDPR, you can contact us free-of-charge with questions regarding the collection, processing or use of your personal data and their correction, blocking, deletion or revocation of any given consent. We point out that you are entitled to a correction of incorrect data or deletion of personal data should this claim not be prevented by a statutory retention obligation.
In case you believe that processing of your data contradicts to data privacy laws or your rights regarding data protection are violated, you have the right to make a complaint to the supervisory authority. In Austria it is the Datenschutzbehörde.
Contact details of the Controller:
DI Dr. Helmut Berger (Managing Director)
Phone: +43 1 5053707-94
Prepared on: 23 May 2018 - valid as of: 25 May 2018