Data Privacy Declaration for use of the website www.plantobuild.de and the software PlanToBuild.

Thank you for your interest in PlanToBuild. The protection of your personal data is important to us. We would therefore like to take this opportunity to inform you about what personal data we collect from you when you use this site. Personal data is any data relating to you as an individual, e.g. your name, your address, your e-mail addresses and your user behaviour.

This document can be downloaded as a PDF and archived.

To open the PDF file, you will need the free Adobe Reader (www.adobe.com), or a similar software which can process the PDF format. The document can also be printed.

The data controller in accordance with Art. 4 para. 7 of the General Data Protection Regulation (GDPR) is

PlanToBuild GmbH
Kammerratsheide 36
33609 Bielefeld
Germany

E-mail: info@plantobuild.de
Website: www.plantobuild.de

We have appointed a Data Protection Officer. You can contact the Data Protection Officer at:

Attorney Nina Pofalla
Lanterstraße 36
46539 Dinslaken
Germany
E-mail: nh@rechtsanwalt-hebisch.de

3.1  You have the following rights with respect to us in relation to your personal data: 

a)    Right to information
b)    Right to rectification 
c)    Right to deletion (right to be forgotten)
d)    Right to restrict processing
e)    Right to data portability
f)    Right to object

If data processing is carried out on the basis of Art. 6 para. 1 lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reason related to your specific situation. Please see this Data Privacy Declaration for the respective legal bases for processing. If you do submit an objection, we will no longer process your personal data unless we can verify that we have mandatory and protected reasons for processing that outweigh your interests, rights and freedoms, or if processing is carried out to assert, exercise or defend against legal claims (objection in accordance with Art. 21 para. 1 GDPR).

3.2.    Right to revoke consent under data privacy law

Many data processing procedures can only be carried out with your express consent. You can revoke the consent you have granted at any time. There are no formal requirements for doing so, and an e-mail to us is sufficient. The legality of data processing carried out up to the point of revocation remains unaffected. You can revoke your consent via e-mail to: widerruf@plantobuild.de or via written notification to PlanToBuild GmbH, Kammerratsheide 36, 33609 Bielefeld.

3.3.    You also have the right to submit a complaint to a data privacy supervisory authority regarding our processing of your personal data. 

For security reasons, and to protect the transmission of confidential content, such as orders or inquiries you send to us as the website operator, this page uses SSL and TLS encryption. You can recognise an encrypted connection because the address line of your browser will switch from “http://” to “https://” and a lock symbol will appear in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be intercepted by third parties.

5.1.    Informational use of the website: If you simply use our website for informational purposes, and do not register or transmit information in any other manner, we only collect the personal data that your browser transmits to our server. All data collection and processing are carried out for certain purposes. These may include technical necessities, contractual requirements or your express requests. If you use specific services on our website, we will obtain your consent to collect and process your data. 

5.2.    When you view our website, we collect the following data. We require this data for technical reasons so that we can display the website to you and ensure its stability and security: 

a)    IP address
b)    Date and time of inquiry
c)    Time zone difference from Greenwich Mean Time (GMT)
d)    Content of the request (specific page) 
e)    Access status /http-Statuscode
f)    Quantity of data transmitted
g)    Website from which the request comes
h)    Browser
i)    Operating system and its interface language and browser software version

6.1   In addition to the simply informational use of our website, we offer a variety of services you can use if desired. These include, for instance, the newsletter delivery described under clause 10 or the use of the login-protected area as described under clause 8 of this Data Privacy Declaration.

6.2.    To do so, you must provide further personal data, which we will use to carry out the specific service or contact you, and to which the basic principles of data processing recorded in this Data Privacy Declaration apply.

6.3.    If you send us an inquiry using the contact form, we will save your information from the contact form and the contact data you provide there for the purpose of processing your inquiry and to answer any follow-up questions. We will not transmit this data to any third parties without your consent. Therefore, data entered into the contact form is processed exclusively based on your consent (Art. 6 para. 1 lit. a) GDPR). You can revoke your consent at any time. There are no formal requirements for doing so, and an e-mail to us is sufficient. The legality of data processing carried out up to the point of revocation remains unaffected. We will retain the data you have entered into the contact form until you request that we delete it, until you revoke your consent to save the data, or until the purpose for which data was saved no longer applies (for instance after we finish processing your inquiry). Mandatory legal provisions – in particular retention periods – remain unaffected. 

6.4.    If you contact us via e-mail or telephone, we save and process your inquiry and all personal data it contains (name, inquiry) for the purpose of handling your request or concern. We will not transmit this data to any third parties without your consent. These data are processed on the basis of Art. 6 para. 1 lit. b GDPR, insofar as your inquiry is related to fulfilling a contract or is necessary to carry out pre-contractual measures. In all other cases, processing is based on your consent (Art. 6 para. 1 lit. a GDPR) and/or on our legitimate interests (Art. 6 para. 1 lit. f GDPR), since we have a legitimate interest in effectively processing the inquiries submitted to us. We will retain the data you have sent us with your contact inquiry until you request that we delete it, until you revoke your consent to save the data, or until the purpose for which data was saved no longer applies (for instance after we finish processing your question or concern). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.

In addition to the data indicated above, when you use our website cookies are saved on your computer. Cookies are small text files assigned to the browser you use and that are saved on your hard drive. These can be used to send certain information to the entity that sets the cookie (us, in this case). Cookies cannot execute any programs or transmit viruses to your computer. They are used to make our web services more user-friendly and more effective.

7.1.    Use of cookies: This website uses the following types of cookies. Their scope and function are explained in the following:
    • Transient/session cookies (see 7.2)
    • Persistent cookies (see 7.3)

7.2.    Transient cookies are deleted automatically when you close your browser. These include, in particular, session cookies. These cookies save a so-called session ID, which can be used to associated different queries from your browser to the overall session. This allows us to recognise your computer again when you come back to our website. Session cookies are deleted when you log out or close your browser.

7.3.    Persistent cookies remain saved on your device and are automatically deleted after a specified time period, which can differ depending on the cookie in question. You can delete cookies at any time using your security settings.

7.4.    You can configure your browser settings according to your specifications, for instance to reject the acceptance of third-party cookies or all cookies. To do so, please see our cookie guidelines1, which will be displayed to you the first time you open the website. Please note that you may not be able to use all functions of this website. The Help function in the menu bar of most web browsers explains how you can prevent your browser from accepting new cookies, how your browser informs you when it receives a new cookie, or how you can delete all cookies saved in the past and block saving any future cookies. Cookies required to carry out electronic communication or to provide certain functions you request are saved on the basis of Art. 6 para. 1 lit. f) GDPR. We have a legitimate interest in saving cookies to ensure we can provide our services in proper technical condition and free from errors. 

8.1.    You can register on our website to use additional page functions. We will only use entered data for the purpose of using the services for which you have registered. 

8.2.    You have the option of registering on our website as an external user, on behalf of and as a representative of our customers, as a partner to our customers, or as an employee/agent of our customer's partner. In addition, you can register as a separate user or administrator in the name of the customer. 

8.3.    PlanToBuild sets up a password-protected access for each user or administrator who registers on the website. 

8.4.    Personal data: In addition to the data indicated in clause 5.2, PlanToBuild processes data in the scope described in the following for the purpose of operating the login-protected area. If you do not provide this data, no access can be created for the specific administrator or for you or other users.

a)    Customer information (company name), for instance by the administrator or user 
b)    Customer/user address data
c)    Administrator salutation 
d)    Administrator first and last name 
e)    Administrator e-mail address 
f)    Any further employees of the client as users 
g)    User salutation, if applicable
h)    User first and last name, if applicable 
i)    User e-mail address, if applicable 
    
8.5.    When you use the login-protected areas of our website, the data required for use are saved. 

8.6.    When you use the login-protected areas of our website, the personal data provided can be made accessible to other users of the login-protected areas of our website according to your use of the application. 

8.7.    You can view your personal data at any time in your personal settings. 

8.8.    Data you enter during registration is processed based on your consent (Art. 6 para. 1 lit. a) GDPR) and/or to fulfil a contract or initiate a contract (Art. 6 para. 1 lit. b) GDPR). 

9.1.    Data are never transmitted to third parties unless we have a legal obligation to do so (such as to pursue a criminal case) or if transmission is required in the course of carrying out a contract. Data processing is based on Art. 6 para. 1 lit. b GDPR, which grants data processing for the purposes of fulfilling a contract or for pre-contractual measures.

9.2.    In some cases, PlanToBuild uses external service providers (processors) to process data. PlanToBuild carefully selects these processors and commissions them in writing. They are contractually obligated to follow the instructions of PlanToBuild, and are subject to regular controls. Service providers do not transmit data to third parties. PlanToBuild provides PlanToBuild content via a cloud solution. Data are processed by service providers only within the EU. 

10.1.    With your consent, you can subscribe to our newsletter, which we use to inform you about our current offers and services.

10.2.    We use a double opt-in process for newsletter registration. This means your registration will only be complete once you have clicked the link provided in the confirmation e-mail we send to you for this purpose. If you do not provide confirmation within 48 hours, the client's registration will be deleted from our database automatically.

10.3.    You only need to provide your e-mail address to receive the newsletter. Other specially marked data may be provided on a voluntary basis, and will be used to appeal you personally or to provide you with additional information. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. The legal basis for doing so is Art. 6 para. 1 clause 1 lit. a GDPR.

10.4.    You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation at any time by clicking the link provided in every newsletter e-mail, by sending an e-mail to widerruf@plantobuild.de, or by sending a message to the contact information provided in the Legal Notice.

11.1.  The log-in protected area uses the open source web analytics service Matomo. Matomo uses so-called “cookies”. These are text files saved on your computer which facilitate an analysis of how you use the website. Information generated by the cookie on your use of the website is saved on our server. Your IP address is anonymised before data are saved. Matomo cookies remain on your device until you delete them.

11.2.    Matomo cookies are saved, and this analytic tool is used, on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymised analysis of user behaviour to optimise both its web services and its advertisements.

11.3.    Information generated by the cookie on your use of the website is not transmitted to third parties. You can prevent cookies from being saved by changing the settings in your browser software; however, please note that if you do so, you may not be able to use all functions of this website in full.

11.4.    If you do not consent to the saving and use of your data, you can deactivate the storage and use after login here. In this case, an opt-out cookie will be saved on your browser to prevent Matomo from saving usage data. When you delete your cookies, the Matomo opt-out cookie will also be deleted. You will have to reactivate your opt-out the next time you visit our page. 

12.-15. External Plugins

12.    YouTube with privacy-enhanced mode

12.1.    Our website uses plug-ins from the website YouTube. The page operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. We use YouTube in the privacy-enhanced mode. According to YouTube, this mode prevents YouTube from saving information on website visitors before they view a video. However, privacy-enhanced mode does not necessarily exclude the transmission of data to YouTube partners. No matter whether you view a video, YouTube creates a connection to the Google DoubleClick network.

12.2.    Once you start a YouTube video on our website, a connection is created to YouTube servers. The YouTube server is informed which of our pages you visited. If you are logged into your YouTube account, you allow YouTube to directly associate your surfing behaviour with your personal profile. You can prevent this by logging out of you YouTube account.

12.3.    In addition, after you start the video YouTube can save a variety of cookies on your device. YouTube can use these cookies to obtain information on our website visitors. This information is used, for instance, to record video statistics, improve user-friendliness, and prevent attempted fraud. The cookies remain on your device until you delete them. It is possible that further data processing procedures may be triggered after you start a YouTube video, over which we have no influence. We use YouTube in the interest of creating an attractive design for our online services. This is part of our legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR.

12.4.    Further information on data privacy at YouTube is available in the YouTube Data Privacy Declaration at: https://policies.google.com/privacy?hl=de.

13.    Google Web Fonts

In order to ensure a uniform display of fonts, this page uses Web Fonts provided by Google. Google Fonts are installed locally. No connection is formed to Google servers.

14.    Integration of Google Maps

14.1.    We use the Google Maps service on our website. This allows us to display interactive maps directly on the website, and allows you to easily use the map function.

14.2.    When you visit our website, Google receives information that you accessed a specific sub-page on our website. In addition, the data indicated under clause 3 of this declaration are also transmitted. These data are transmitted independent of whether Google provides a user account, whether you are logged in, or whether there is no user account. If you are logged in to Google, your data are associated directly with your account. If you do not want this data to be associated with your Google profile, you must log out before activating the button. Google saves your data as a usage profile, and uses this profile for purposes of advertisement, market research, and/or to design its website according to your needs. Such analyses are carried out in particular (even for users who are not logged in) to provide advertisements that relate to user needs and inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles, although you must contact Google to exercise that right.

14.3.    Further information on the purpose and scope of data collection and processing by the plug-in provider is available in the provider's Data Privacy Declaration. It also provides further information on your rights in this respect and settings you can change to protect your privacy: www.google.de/intl/de/policies/privacy. Google processes your personal data in the USA as well, and is subject to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework.

14.4.    We use Google Maps in the interest of designing our online services in an attractive manner and to make it easier to find the locations described on our website. This is part of our legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR.


15.    Google reCAPTCHA

15.1.    We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).

15.2.    reCAPTCHA is used to check whether the data entered on our website (for instance into a contact form) was entered by a human or an automated program. To do so, reCAPTCHA analyses the behaviour of the website visitor based on different features. The analysis starts automatically once the website visitor accesses the website. To analyse user behaviour, reCAPTCHA evaluates a variety of information (such as IP address, dwell time the website user spends on the website, or mouse movements made by the user). Data recorded during the analysis is transmitted to Google.

15.3.    reCAPTCHA analyses run fully in the background. Website visitors are not informed that an analysis is being carried out.

15.4.    Data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its web services from fraudulent automated spying and spam.

15.5.    Further information on Google reCAPTCHA and the Google Data Privacy Declaration are provided at the following links: policies.google.com/privacy;https://www.google.com/recaptcha/intro/android.html.

16. Legal basis of processing

Art. 6 I lit. a GDPR serves as the legal basis for processing carried out by PlanToBuild if we obtain your consent for the specific purpose of processing. If we need to process personal data to fulfil a contract to which the data subject is a contractual party, such as in the case of processing required to provide a certain service or return service, then processing is based on Art. 6 I lit. b GDPR. The same applies to processing necessary to carry out pre-contractual measures, for instance in the case of inquiries on our products or services. If PlanToBuild is subject to a legal obligation requiring the processing of personal data, for example to fulfil tax-related obligations, then processing is based on Art. 6 I lit. c GDPR. Finally, processing may be carried out based on Art. 6 I lit. f GDPR. Processing not covered by any of the above legal bases is carried out on this basis, if processing is necessary to safeguard our legitimate interests or those of a third party, insofar as the interests, basic rights and basic freedoms of the data subject do not outweigh our interests. 

As of: May 2019

12.1 Diese Website benutzt Google Analytics, einen Webanalysedienst der Google Inc. („Google“).1, 2 Google Analytics verwendet sog. „Cookies“, Textdateien, die auf Ihrem Computer gespeichert werden und die eine Analyse der Benutzung der  Website durch Sie ermöglichen. Die durch den Cookie erzeugten Informationen über Ihre Benutzung dieser Website werden in der Regel an einen Server von Google in den USA übertragen und dort gespeichert. Im Falle der Aktivierung der IPAnonymisierung auf dieser Website, wird Ihre IP-Adresse von Google jedoch innerhalb von Mitgliedstaaten der Europäischen Union oder in anderen Vertragsstaaten des Abkommens über den Europäischen Wirtschaftsraum zuvor gekürzt. Nur in Ausnahmefällen wird die volle IP-Adresse an einen Server von Google in den USA übertragen und dort gekürzt. Im Auftrag des Betreibers dieser Website wird Google diese Informationen benutzen, um Ihre Nutzung der Website auszuwerten, um Reports über die Website-Aktivitäten zusammenzustellen und um weitere mit der Website-Nutzung und der Internetnutzung verbundene Dienstleistungen gegenüber dem Website-Betreiber zu erbringen.

12.2 Die im Rahmen von Google Analytics von Ihrem Browser übermittelte IP-Adresse wird nicht mit anderen Daten von Google zusammengeführt.

12.3 Sie können die Speicherung der Cookies durch eine entsprechende Einstellung Ihrer Browser-Software verhindern; wir weisen Sie jedoch darauf hin, dass  Sie in diesem Fall gegebenenfalls nicht sämtliche Funktionen dieser Website  vollumfänglich werden nutzen können.

12.4 Sie können darüber hinaus die Erfassung der durch das Cookie erzeugten und auf Ihre Nutzung der Website bezogenen Daten (inkl. Ihrer IP-Adresse) an Google sowie die Verarbeitung dieser Daten durch Google verhindern, indem Sie das unter dem folgenden Link verfügbare Browser-Plug-in herunterladen und installieren.

12.5 Diese Website verwendet Google Analytics mit der Erweiterung „_anonymizeIp()“. Dadurch werden IP-Adressen gekürzt weiterverarbeitet, eine direkte Personenbeziehbarkeit kann damit ausgeschlossen werden. 

12.6 Die Nutzung von Google Analytics erfolgt in Übereinstimmung mit den  Voraussetzungen, auf die sich die deutschen Datenschutzbehörden mit Google verständigten.

Informationen des Drittanbieters: Google Dublin, Google Ireland Ltd. Gordon House, Barrow Street, Dublin 4, Ireland Fax: +353 (1) 436 1001 Nutzerbedingungen Übersicht zum Datenschutz sowie die Datenschutzerklärung. 

12.7 Die Rechtsgrundlage dieser Verarbeitung eine Einwilligung im Sinne des Art. 6 Abs. 1 lit. a. DSGVO.

Zusammen mit Google Analytics nutzen wir Google Ads, um Anzeigen im  Werbenetzwerk von Google zu schalten (etwa in der Google-Suche oder auf  Webseiten). Dies ermöglicht uns, Anzeigen und Werbung auf unserer Webseite und  im Werbenetzwerk von Google zielgerichteter anzuzeigen und an Ihren  Interessen auszurichten. Dazu nutzen wir sogenanntes Remarketing und Conversion-Tracking. Remarketing erlaubt es, Ihnen auf einer anderen Website Werbung für ein Produkt anzuzeigen, für das Sie sich bereits beim Besuch unserer Webseite interessiert haben. Zu diesem Zweck wird beim Abruf unserer und anderer Webseiten, die Teil des Werbenetzwerkes von Google sind, ein sog. Web-Beacon eingebunden. Dabei handelt es sich um  speziellen Code von Google, der mittels eines Cookies auf Ihrem Endgerät speichert, welche Webseiten Sie besucht, für welche Inhalte Sie sich interessiert haben und  auf welche Angebote Sie geklickt haben. Außerdem werden Informationen zum  Betriebssystem, dem Browser, zur vorher besuchten Website, Verweildauer und weitere Angaben zur Nutzung. Zusätzlich wird ein sogenannter Conversion-Cookie gesetzt. Mit Hilfe dieses Cookies können wir erfassen, wie viele Besucher auf eine unserer Anzeigen geklickt hat. Uns wird allerdings dabei nur eine Gesamtzahl angezeigt und wir erhalten keinerlei Angaben, die einen Nutzer persönlich identifizieren. Ihre Daten werden im Rahmen des Werbenetzwerkes von Google nur pseudonym verarbeitet. Es werden daher keine Daten aus den Cookies mit einem Namen oder einer E-Mail-Adresse verknüpft, es sei denn, ein Nutzer hat in seinen Google-Einstellungen Google etwas Anderes gestattet. 

Sofern wir Sie auf unserem Cookie-Banner um Ihr Einverständnis bitten, beruht die Verarbeitung auf der Rechtsgrundlage der Einwilligung gem. Art. 6 Abs. 1 lit. a DSGVO. Ansonsten werden die personenbezogenen Daten auf Grundlage unserer berechtigten Interessen nach Art. 6 Abs. 1 lit. a DSGVO verarbeitet, nämlich dem Interesse an einer besseren Analyse, der Verbesserung und wirtschaftlichen Umsetzung unseres Angebots. Soweit Daten in den USA verarbeitet werden, weisen wir daraufhin, dass Google unter dem Privacy-Shield-Abkommen zertifiziert ist und hierdurch zusichert, das europäische Datenschutzrecht einzuhalten (www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Weitere Informationen zur Datennutzung durch Google, Einstellungs- und Widerspruchsmöglichkeiten, erfahren Sie in der Datenschutzerklärung von Google (policies.google.com/technologies/ads) sowie in den Einstellungen für die Darstellung von Werbeeinblendungen durch Google (adssettings.google.com/authenticated). Für weitere Angaben zu Google siehe oben.