We want you to feel safe on our website. The protection of your privacy is very important to us and you can rely on transparent and fair data processing on this website. The following data protection information is intended to inform you about how the website works, when personal data is collected and how this data is processed. We adhere to the provisions of German data protection law and the requirements of the European General Data Protection Regulation (GDPR).
1. NAME AND CONTACT DETAILS OF THE PERSON RESPONSIBLE FOR DATA PROTECTION
PLAN FORWARD GmbH
Phone: +49 (0)711 99 33 79-0
Email: info [at] plan-forward.de
Data protection officer
Digital DSB GmbH - Ms. Tanja Feldmann
You can contact our data protection officer at:
info [at] plan-forward.de
2. COLLECTION AND STORAGE OF PERSONAL DATA AS WELL AS TYPE AND PURPOSE OF THEIR USE
As a matter of principle, we only collect and use personal data from you if this is necessary for the provision of a functioning website or for the provision of services.
When you call up our website, the browser you use automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated deletion (storage period: 3 days):
• IP address
• Date and time of the request
• Time zone difference to GMT
• Content of the web page
• Access status (HTTP status)
• Amount of data transferred
• Website from which you came to our website
• Web browser
• Operating system
• Language and version of the browser
If an error occurs when calling up the website, a so-called error log is also created. The following data is stored and deleted after 30 days at the latest:
• IP address
• Date and time of the error
• error code
• Error message in text form
A personal evaluation of these server log files does not take place. The provider cannot assign this data to specific persons at any time. A combination of this data with other data sources is not made.
If you provide us with personal data by e-mail or via our website, this is generally done on a voluntary basis. This data is used by us to process your inquiries. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
The legal basis for data processing is Art. 6 sec. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about you.
3. TRANSFER OF DATA
We do not transfer your personal data to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:
• you have given your express consent to do so in accordance with Art. 6 sec. 1 p. 1 lit. a GDPR,
• the disclosure is necessary for the assertion, exercise or defense of legal claims pursuant to Art. 6 sec. 1 p. 1 lit. f GDPR and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
• in the event that there is a legal obligation for disclosure pursuant to Art. 6 (1) p. 1 lit. c GDPR, as well as
• this is legally permissible and necessary according to Art. 6 sec. 1 p. 1 lit. b GDPR for the processing of contractual relationships with you.
4. SERVER PROVIDER
The server provider acting on our behalf and in accordance with our instructions (commissioned data processing within the meaning of Art. 28 GDPR) is jweiland.net, Jochen Weiland, Echterdinger Straße 57 - Gebäude 9, 70794 Filderstadt. There, all data that accrue within the scope of this online offer will be processed.
The data transfer to the service provider is based on Art. 6 sec. 1, f GDPR because of the legitimate interest in an efficient and secure provision of our online offer according to Art. 6 sec. 1 lit. f GDPR in conjunction with Art. 28 GDPR. Art. 28 GDPR.
We refrain from using cookies and advertising trackers.
6. DATA SUBJECT RIGHTS PURSUANT TO GDPR
You have the right:
• In accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
• in accordance with Art. 16 GDPR, to demand the immediate correction of incorrect or completion of your personal data stored by us;
• pursuant to Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
• pursuant to Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 GDPR;
• pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
• in accordance with Art. 7 (3) GDPR, to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing, which was based on this consent, for the future; and
• to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company for this purpose.
7. RIGHT OF OBJECTION
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation. If you would like to exercise your right of revocation or objection, this is possible without any formalities under the contact details mentioned under point 1. An e-mail to stuttgart [at] plan-forward.de is also sufficient.
8. ROUTINE DELETION AND BLOCKING OF PERSONAL DATA AND STORAGE PERIOD
We process or store personal data only for the period of time necessary to achieve the stated purpose or insofar as this has been provided for by the European Directive and Regulation Maker or another legislator in laws or regulations to which the responsible party is subject.
If the stated purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Maker or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
9. DATA SECURITY AND ENCRYPTION
We use the widespread SSL (Secure Socket Layer) procedure on our website in conjunction with the highest encryption level supported by your browser. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. These security measures are continuously improved in line with technological developments.
10. EXISTENCE OF AUTOMATED DECISION-MAKING
We do not use automated decision making or profiling.