Privacy policy

With the following privacy policy, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or together with others on the purposes and means of processing. In addition, we inform you below about the third-party components we use for optimization purposes and to increase the quality of use, insofar as third parties process data on their own responsibility.

Our privacy policy is structured as follows:

I. Information about us as the controller

II Terminology

III Rights of users and data subjects

IV. Information on data processing

---

I. Information about us as the controller

The responsible provider of this website in terms of data protection law is:
Elena Herrmann | ePlan consult GmbH
Mittagstraße 16p
39124 Magdeburg

Phone:	+49 (0) 391 – 288 989 58
Fax:	+49 (0) 391 – 288 776 70
E-Mail:	service@eplan-consult.de

Link to the imprint: http://eplan-consult.de/impressum/

---

II Terminology

In our privacy policy, we use terms that are used and defined in the GDPR. We would like to explain the most important terms so that you know what they mean.

Personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. IP address or cookies) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing

Processing is any operation or set of operations which is performed on personal data, whether or not by automated means. This basically includes any handling of personal data such as collection, storage, modification, use, transmission, dissemination, erasure or destruction, etc.

Person responsible

The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. The controller must ensure the permissibility of data processing through the use of technical and organizational measures that are regularly reviewed.

Pseudonymization

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Processor

A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Receiver

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

Third

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

Consent

Consent is an expression of self-determination under data protection law. It is the voluntary, informed and unambiguous expression of will in the form of a statement or other unambiguous affirmative act by which the data subject indicates that they consent to the processing of their personal data. Consent that has been given can be revoked at any time.

---

III Rights of users and data subjects

With regard to the data processing described in more detail below, users and data subjects have the right to

• to confirmation as to whether data concerning them is being processed, to information about the processed data, to further information about the data processing and to copies of the data (cf. also Art. 15 GDPR);
• to rectification or completion of incorrect or incomplete data (see also Art. 16 GDPR);
• to the immediate erasure of the data concerning them (see also Art. 17 GDPR) or, alternatively, if further processing is required in accordance with Art. 17 (3) GDPR, to the restriction of processing in accordance with Art. 18 GDPR;
• to receive the data concerning them and provided by them and to transfer this data to other providers/controllers (cf. also Art. 20 GDPR);
• to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection regulations (see also Art. 77 GDPR).

In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any rectification or erasure of data or restriction of processing carried out on the basis of Articles 16, 17 (1), 18 GDPR. However, this obligation does not apply if this notification is impossible or involves a disproportionate effort. Notwithstanding this, the user has a right to information about these recipients.

Users and data subjects also have the right to object to the future processing of data concerning them in accordance with Art. 21 GDPR, provided that the data is processed by the provider in accordance with Art. 6 para. 1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permitted.

Data collection on our website

Who is responsible for data collection on this website?

Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the legal notice of this website.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may, for example, be data that you enter in a contact form.

Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.

What rights do you have with regard to your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the legal notice if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal e-mail. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the legal notice if you have further questions on the subject of personal data.

Objection to advertising e-mails

We hereby object to the use of contact data published as part of our obligation to provide a legal notice for the purpose of sending unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

---

IV. Information on data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose of storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information on individual processing procedures is provided below.

Server data

For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted to us or to our web space provider by your Internet browser. With these so-called server log files, the type and version of your Internet browser, the operating system, the website from which you have switched to our Internet presence (referrer URL), the website(s) of our Internet presence that you visit, the date and time of the respective access and the IP address of the Internet connection from which the use of our Internet presence takes place are collected, among other things.

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are

• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request

This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

The data collected in this way is stored temporarily, but not together with other data about you.

This storage takes place on the legal basis of Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.

The data will be deleted after seven days at the latest, unless further storage is required for evidence purposes. Otherwise, all or part of the data will be excluded from deletion until the incident has been finally clarified.

Cookies

a) Session cookies/session cookies

We use so-called cookies on our website. Cookies are small text files or other storage technologies that are placed and stored on your end device by the Internet browser you use. These cookies process certain information from you, such as your browser or location data or your IP address, to an individual extent.

This processing makes our website more user-friendly, effective and secure, as the processing enables, for example, the reproduction of our website in different languages or the offer of a shopping cart function.

The legal basis for this processing is Art. 6 para. 1 lit. b.) GDPR, insofar as these cookies are processed for contract initiation or contract processing.

If the processing does not serve to initiate or execute a contract, our legitimate interest lies in improving the functionality of our website. The legal basis is then Art. 6 para. 1 lit. f) GDPR.

These session cookies are deleted when you close your Internet browser.

b) Third-party cookies

Our website may also use cookies from partner companies with whom we cooperate for the purposes of advertising, analysis or the functionalities of our website.

Please refer to the following information for details, in particular the purposes and legal basis for processing such third-party cookies.

c) Possibility of elimination

You can prevent or restrict the installation of cookies by changing the settings in your Internet browser. You can also delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support. In the case of so-called Flash cookies, however, processing cannot be prevented via the browser settings. Instead, you must change the settings of your Flash player. The steps and measures required for this also depend on the specific Flash player you are using. If you have any questions, please also use the help function or documentation of your Flash player or contact the manufacturer or user support.

However, if you prevent or restrict the installation of cookies, this may mean that not all functions of our website can be used to their full extent.

Contact requests / contact option

If you contact us via contact form or e-mail, the data you provide will be used to process your request. The provision of the data is necessary for processing and answering your request – without it we cannot answer your request or can only answer it to a limited extent.

The legal basis for this processing is Art. 6 para. 1 lit. b) GDPR.

Your data will be deleted if your request has been conclusively answered and the deletion does not conflict with any statutory retention obligations, such as in the case of any subsequent contract processing.

User contributions, comments and ratings

We offer you the opportunity to publish questions, answers, opinions or reviews, hereinafter referred to as “contributions”, on our website. If you make use of this offer, we will process and publish your contribution, the date and time of submission and the pseudonym you may have used.

The legal basis for this is Art. 6 para. 1 lit. a) GDPR. You can revoke your consent at any time with effect for the future in accordance with Art. 7 para. 3 GDPR. All you have to do is inform us of your withdrawal.

We also process your IP address and email address. The IP address is processed because we have a legitimate interest in initiating or supporting further steps if your contribution infringes the rights of third parties and/or is otherwise unlawful.

The legal basis in this case is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in any necessary legal defense.

Embedded content from other websites

Posts on this website may contain embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking services and record your interaction with this embedded content, including your interaction with the embedded content if you have an account and are logged in to this website.

References: Privacy policy of eRecht24, the portal to Internet law by lawyer Sören Siebert

Privacy policy Google Maps

This website uses the product Google Maps from Google Inc. By using this website, you consent to the collection, processing and use of the automatically collected data by Google Inc, its representatives and third parties.
The terms of use of Google Maps can be found under “Terms of use of Google Maps“.

Privacy policy for the use of Facebook plugins (Like button)

Plugins of the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our site. You can find an overview of the Facebook plugins here: http://developers.facebook.com/docs/plugins/.

When you visit our pages, a direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook’s privacy policy at http://de-de.facebook.com/policy.php.

If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.

Privacy policy for the use of Google +1

Our pages use functions of Google +1, which is provided by Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Collection and dissemination of information: You can use the Google +1 button to publish information worldwide. You and other users receive personalized content from Google and our partners via the Google +1 button. Google stores both the information that you have given +1 for a content and information about the page that you viewed when you clicked +1. Your +1s can be displayed as references together with your profile name and your photo in Google services, such as in search results or in your Google profile, or in other places on websites and advertisements on the Internet. Google records information about your +1 activities in order to improve Google services for you and others. To be able to use the Google +1 button, you need a globally visible, public Google profile, which must contain at least the name chosen for the profile. This name is used in all Google services. In some cases, this name can also replace another name that you have used when sharing content via your Google account. The identity of your Google profile can be displayed to users who know your e-mail address or have other identifying information about you.

Use of the information collected: In addition to the uses described above, the information you provide will be used in accordance with the applicable Google privacy policy. Google may publish summarized statistics about the +1 activities of users or pass them on to users and partners, such as publishers, advertisers or associated websites.

Privacy policy for the use of Xing

Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our pages containing Xing functions is accessed, a connection to Xing servers is established. To the best of our knowledge, no personal data is stored in the process. In particular, no IP addresses are stored or usage behavior evaluated.

Further information on data protection and the Xing Share button can be found in Xing’s privacy policy at https://www.xing.com/app/share?op=data_protection

Privacy policy for the use of YouTube

Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Further information on the handling of user data can be found in YouTube’s privacy policy at https://www.google.de/intl/de/policies/privacy

---

What personal data we collect and why we collect it

Types of data processed:

• Inventory data (e.g., names, addresses).
• Contact details (e.g., e-mail, telephone numbers).
• Content data (e.g., text entries, photographs, videos).
• Usage data (e.g., websites visited, interest in content, access times).
• Meta/communication data (e.g., device information, IP addresses).

Categories of affected persons

Visitors and users of the online offer (hereinafter we also refer to the data subjects collectively as “users”).

Purpose of the processing

• Provision of the online offer, its functions and content.
• Answering contact requests and communicating with users.
• Safety measures.
• Reach measurement/marketing

How we store your information

Information is only collected if it is necessary for the provision of our services. In this sense, for example, credit card data is never stored on our servers, your password for logging in is stored in encrypted form in our database and additionally secured by a firewall. All communication between your browser and our services takes place via an encrypted SSL connection to protect your information from unauthorized access by third parties. Only selected administrators have access to the data – and only to the extent necessary to maintain the services.

How long we store your data

When you post a comment, it is saved indefinitely, including metadata. This way, we can automatically recognize and approve follow-up comments instead of holding them in a moderation queue.

For users who register on our website, we also store the personal information they provide in their user profiles. All users can view, change or delete their personal information at any time (the user name cannot be changed). Website administrators can also view and change this information.

What rights you have to your data

If you have an account on this website or have written comments, you can request an export of your personal data from us, including any data you have provided to us. In addition, you can request the deletion of all personal data that we have stored about you. This does not include data that we are required to retain for administrative, legal or security purposes.

Changes to the data protection provisions

We reserve the right to amend these data protection provisions from time to time in order to take account of changes in the legal situation or the expansion of the functional scope of our website. You should therefore read the data protection provisions regularly in order to be informed about the protection of your data. By continuing to use our services, you declare your agreement with this data protection declaration in its currently valid version.

Status: May 2018