Overview

The following data protection information informs you about the type and scope of processing of so-called personal data by Allocation. Personal data is information that is or can be directly or indirectly assigned to your person.

Data processing by Allocation can essentially be divided into two categories:

– For the purpose of contract processing, all data required for the execution of a contract with the Allocation is processed. If external service providers are also involved in the execution of the contract, e.g. logistics companies or payment service providers, your data will be passed on to them to the extent necessary in each case.

– When you access the website/application of the Allocation, various information is exchanged between your terminal and our server. This may also involve personal data. The information collected in this way is used, among other things, to optimise our website or to display advertising in the browser of your terminal device.

In accordance with the DSGVO, you have various rights which you can assert against us. These include the right to object to selected data processing, in particular data processing for advertising purposes. The possibility to object is highlighted in print / you can quickly recognise it by the following symbol /…

If you have any questions regarding our data protection information, you are welcome to contact our company data protection officer at any time. The contact details are

Guido Flick

Colonnaden 18

20354 Hamburg

datenschutz@allocation.net

the name and contact details of the controller and the company data protection officer

This data protection information applies to data processing by

Allocation Network GmbH
Arabellastraße 17
81925 Munich

website: www.allocation.net

Management: Bernhard Soltmann, Andreas Vollmann, Andreas Prohaska

Seat of the company: Munich, HRB No. 122527 Munich Local Court

(“Responsible Person”), and for the following websites or applications: www.allocation.net. Questions regarding data protection can be sent by e-mail to datenschutz@allocation.net.

Purposes of data processing, legal bases and legitimate interests pursued by the Allocation or a third party and categories of recipients

Accessing our website/application

When you call up our website/application, the browser used on your end device automatically sends information to the server of Hetzner Online GmbH, Gunzenhausen of our website/application and temporarily stores it in a so-called log file. We have no influence on this. The following information is also recorded without your intervention and stored until it is automatically deleted:

– the IP address of the requesting Internet-enabled device,

– the date and time of access,

– the name and the URL of the retrieved file,

– the website/application from which the access was made (referrer URL)

– the browser you use and, if applicable, the operating system of your Internet-capable computer and the name of your access provider.

The legal basis for the processing of the IP address is Art. 6 para. 1 letter f) DSGVO. Our legitimate interest follows from the purposes of data collection listed below. At this point, we would like to point out that we cannot draw any direct conclusions about your identity from the data collected, nor are we able to do so.

The IP address of your terminal device and the other data listed above are used by us for the following purposes:

– Guarantee of a smooth connection establishment,

– Guarantee a comfortable use of our website/application,

– Evaluation of system security and stability.

The data is stored for a period of 14 26 days and then automatically deleted. Furthermore, we use so-called cookies, tracking tools, targeting methods and social media plug-ins for our website/application. The exact nature of these methods and how your data is used for this purpose is explained in more detail in section 3.4 below.

If you have agreed to so-called geolocation in your browser or operating system or other settings of your end device, we use this function to offer you individual services related to your current location (e.g. the location of the nearest branch). We process your location data processed in this way exclusively for this function. The data will be deleted when you stop using it.

Conclusion, implementation or termination of a contract

The object of the allocation is the sale or lease of software and services. In this context, we process the data required for the conclusion, execution or termination of a contract. This includes:

– First name, last name

– Invoice and delivery address

– E-mail address

– Billing and payment data

– Date of birth

– Phone number

– Order data such as type and quantity of goods ordered or services used

– Credit information and terms of payment

– Data due to complaints

– Legitimation and authentication data such as identification data, signature, company stamp and passwords

– Advertising and sales data incl. target group specific information

– Data within the scope of ongoing contact maintenance or business initiation, such as data on communication that has taken place, including date and time and purpose

– copies of correspondence, provided it is in writing, by e-mail or by fax

The legal basis for this is Art. 6 para. 1 lit. b) DSGVO, i.e. you provide us with the data on the basis of the contractual relationship between you and us. As far as we do not use your contact data for advertising purposes (see under 3.3), we will store the data collected for the execution of the contract until the expiry of the statutory or possible contractual warranty and guarantee rights. After this period has expired, we retain the information required under commercial and tax law for the contractual relationship for the legally specified periods. For this period (regularly ten years from the conclusion of the contract), the data will be reprocessed solely in the event of a review by the tax authorities.

In the event of a delay in payment, we will transfer the necessary data to a company commissioned with the assertion of the claim if the other legal requirements are met. The legal bases for this are both Art. 6 para. 1 lit. b) and Art. 6 para. 1 lit. f) DSGVO. The assertion of a contractual claim is to be regarded as a legitimate interest within the meaning of the second mentioned provision. If the other legal requirements are met, we will also forward information about the delay in payment or any loss of receivables to credit agencies cooperating with us. The legal basis for this is Art. 6 para. 1 lit. f) DSGVO. The legitimate interest required here results from our and third parties’ interest in reducing contractual risks for future contracts.

Data processing for advertising purposes

The following explanations refer to the processing of personal data for advertising purposes. The DSGVO declares such data processing on the basis of Art. 6 Para. 1 letter f) as fundamentally conceivable and as a legitimate interest. The duration of data storage for advertising purposes does not follow rigid principles and is based on the question of whether the storage is necessary for advertising purposes. In addition, we follow the principle of deleting data for advertising use after 12 months. Please refer to section 3.3.3 for information on how to proceed in the event of your objection.

Newsletter dispatch

On our website we offer you the possibility to register for our newsletter. The processing of your e-mail address is based on your consent (Art. 6 para. 1 lit. a) DSGVO). In order to ensure that no mistakes are made when entering your e-mail address, we may use the so-called double opt-in procedure: After you have entered your email address in the registration field, we will send you a confirmation link. Only when you click on this confirmation link will your email address be added to our distribution list. You can revoke your declared consent at any time with effect for the future. For this purpose, a short note by email to the email address given under 2. is sufficient.

Order data processing with click tip

We have concluded a contract with our email marketing service provider Klick-Tipp on the procedure for processing commissioned data. This ensures that our service provider adheres to the strict regulations of German data protection law in all points when sending the newsletter. This also ensures that your data is only stored within the EU with a high level of protection. Your data will not be stored on servers outside the EU.

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. We use these data exclusively for sending the requested information and do not pass them on to third parties. You can revoke your consent to the storage of the data, the e-mail address as well as its use for sending the newsletter at any time, for example by using the “unsubscribe” link in the newsletter.

Online presence and website optimization

Cookies – General information

We use so-called cookies on our website on the basis of Art. 6 para. 1 lit. f) DSGVO. Our interest in optimising our website is thereby considered justified in the sense of the aforementioned regulation. Cookies are small files which are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not cause any damage to your terminal device, do not contain viruses, Trojans or other malware. Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we obtain direct knowledge of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website or that you have already logged into your customer account. These are automatically deleted after leaving our site. In addition, we also use temporary cookies for the purpose of user-friendliness, which are stored on your end device for a certain defined period of time. If you visit our site again in order to use our services, it will be automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

If you have a customer account and are logged in or activate the “stay logged in” function, the information stored in cookies will be added to your customer account.

On the other hand, we use cookies to record the use of our website statistically and to evaluate it for the purpose of optimising our offer for you, as well as to display information specially tailored to you. These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined time. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website. The length of time cookies are stored depends on their intended use and is not the same for everyone.

Use of Google Maps with recommendation components

On our site, we use “Google Maps” in combination with the so-called “share function” to make it easier to find and orientate our branches.  “Google Maps” is a service of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter “Google”.

Whenever you call up individual web pages on which a Google Maps map is embedded, Google sets a cookie in order to process your user settings and data when displaying the visited website. Please note that this cookie is usually not deleted when the browser is closed, but only expires after a certain time, unless you delete it manually beforehand.

You can prevent this data processing by Google and a loading of the embedded contents if you deactivate the service of “Google Maps” e.g. by deactivating the Java-Script function in your browser.

The use of “Google Maps” and the information obtained via “Google Maps” is in accordance with the Google Terms of Use

http://www.google.de/intl/de/policies/terms/regional.html

and the additional terms and conditions for “Google Maps

https://www.google.com/intl/de_de/help/terms_maps.html

Use of Google Web Fonts:

For the design of our websites we use specially designed fonts, Google Fonts. Google Fonts is a web design assistant of Google Inc. (“Google”). The use of Google Web Fonts means that certain fonts are retrieved from a Google server in the USA when our website is set up. When this font is called up, the Google server is also sent which of our individual Internet pages you are calling up in your browser to build up the website. The IP address of your internet connection is also stored by Google when you access these internet pages.

You can find more information in Google’s privacy policy, which you can download here:

www.google.com/fonts#AboutPlace:about

www.google.com/policies/privacy/

Targeting

The targeting measures listed below and used by us are carried out on the basis of Art. 6 para. 1 lit. f) DSGVO. By means of the targeting measures used, we want to ensure that only advertising oriented to your actual or supposed interests is displayed on your terminal equipment. It is in both your and our interest not to bother you with advertisements that are of no interest to you.

Onsite-Targeting

Our website uses cookies to collect and evaluate information to optimise advertising. This information includes, for example, details of which of our products you were interested in. The collection and evaluation is only done pseudonymously and does not enable us to identify you. In particular, the information is not combined with personal data about you. On the basis of this information, we can display offers on our site that are specifically geared to your interests, how these arise from your previous user behaviour. The cookie is automatically deleted after 26 days.

Re-Targeting

We also use re-targeting technologies from time to time. This enables us to make our online offer more interesting, tailored to your needs. For this purpose, a cookie is set, with which data of interest is collected using pseudonyms. On the basis of this information, interest-related advertisements about our offers are displayed on the websites of our partners. No directly personal data is stored and no user profiles are merged with personal data about you. The cookie is stored for a period of 14 days and then automatically deleted.

Opposition/opt-out possibility

You can prevent the targeting technologies described above by making the appropriate cookie settings in your browser (see also 3.4.1). In addition, you have the option of using preference-based advertising using the preference manager

http://www.youronlinechoices.com/de/praferenzmanagement/

Social media plug-ins

We use social plug-ins from the social networks Facebook, Google+ and Twitter on our website on the basis of Art. 6 para. 1 lit. f) DSGVO to make our company better known. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for data protection compliant operation is to be guaranteed by their respective providers. The integration of these plug-ins by us may be carried out using the so-called two-click method

https://www.heise.de/ct/artikel/2-Klicks-fuer-mehr-Datenschutz-1333879.html

in order to protect visitors to our website in the best possible way.

Facebook

On our website we use so-called plug-ins of the social network Facebook, which is offered by Facebook Inc. The Facebook plug-ins are marked with a Facebook logo or the addition “Like” or “Share”. An overview of the Facebook plug-ins and their appearance can be found behind the following link

https://developers.facebook.com/docs/plugins.

When you activate such a plug-in (first click), your browser establishes a direct connection to the Facebook servers. The content of the plug-in is transmitted directly from Facebook to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there. If you are logged in to Facebook, Facebook can directly assign your visit to our website to your Facebook profile. If you interact with the plug-ins, for example by clicking the “Like” button, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends.

For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights and setting options for protecting your privacy, please refer to the Facebook data protection information

http://www.facebook.com/policy.php

If you do not want Facebook to directly assign the information collected about your visit to our website to your Facebook profile, you must log out of Facebook before you visit our website. You can also completely prevent the loading of Facebook plug-ins with add-ons for your browser that can be accessed on the Internet, e.g. with the “Facebook Blocker”.

LinkedIn

Within our online offer, functions and contents of the service LinkedIn, offered by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, can be integrated. This may include, for example, content such as images, videos or text, and buttons that allow users to express their favourites regarding the content, the authors of the content or to subscribe to our contributions. If the users are members of the LinkedIn platform, LinkedIn can assign the access to the above-mentioned contents and functions to the users’ profiles there. LinkedIn Privacy Policy:

https://www.linkedin.com/legal/privacy-policy.

LinkedIn is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law

https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

XING

Within our online offering, functions and content of the social networking service XING can be offered and integrated. Service provider: XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany; Website: https://www.xing.de; Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung.

This may include, for example, content such as images, videos or texts and buttons which users can use to announce their favors regarding the content, to tell the authors of the content or to subscribe to our articles, or to call up our profile on the XING website. If users are members of the XING platform, XING can allocate the access to the above-mentioned content and functions to the profiles of the users there.

Contact form for inquiries, registrations, news and applications

If you send us enquiries, messages, registrations or applications via the contact form, your details from the enquiry form, including the contact data and attachments provided by you there, will be stored by us for processing. Your data is transmitted to us via SSL encryption. We do not pass on your data without your consent and use it exclusively for further contact with you.

Youtube

Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our sites equipped with a YouTubePlugin, a connection to the servers of YouTube is established. This tells the YouTube server which of our pages you have visited.

If you are logged in to your YouTube account, you allow YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

For more information on how user data is handled, please see the YouTube privacy policy:  https://www.google.de/intl/de/policies/privacy

Vimeo

Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our sites equipped with a Vimeo plugin, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transferred to the Vimeo server in the USA.

If you are logged in to your Vimeo account, you allow Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.

For more information about how Vimeo handles user data, please see the Vimeo privacy policy: https://vimeo.com/privacy.

Eventbrite

Our website uses plugins from the company Eventbrite. Provider is This website is operated by Eventbrite, Inc., a company registered at 155 5th Street, Floor 7, Delaware, San Francisco, CA 94103, USA. .

We use Eventbrite to organize registrations for events.

For more information about how we handle user information, please see Eventbrite’s privacy policy at: https://www.eventbrite.de/support/articles/de/Troubleshooting/datenschutzrichtlinien-von-eventbrite?lg=de

Recipients outside the EU

With the exception of the processing described under 3.4, we do not pass on your data to recipients based outside the European Union or the European Economic Area. The processing mentioned under 3.4 causes a data transfer to the servers of the providers of tracking or targeting technologies commissioned by us. These servers are located in the USA. The data transfer is carried out according to the principles of the so-called Privacy Shield

https://www.privacyshield.gov/welcome

and on the basis of so-called standard contractual clauses

http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF

the EU Commission.

Automated decision in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, that has legal effect on you or significantly affects you in a similar manner. This shall not apply if the decision

(1) is necessary for the conclusion or performance of a contract between you and us,

(2) is authorised by Union law or the law of the Member States to which the person responsible is subject and that law contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or

(3) with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 DPA, unless Art. 9 para. 2 lit. a or g DPA applies and appropriate measures have been taken to protect rights and freedoms and your legitimate interests.

With regard to the cases referred to in (1) and (3), the data controller shall take appropriate measures to safeguard the rights and freedoms and your legitimate interests, which shall include at least the right to obtain the intervention of a person from the data controller, to present his or her point of view and to challenge the decision.

Within the framework of the initiation of business relations, we are entitled – to the extent permitted by law – to examine the risk of non-payment on the part of the customer for the purpose of deciding on the establishment, execution or termination of the purchase agreement.

In this respect, probability values for the future behaviour of the customer are collected and processed. Address data of the customer and creditworthiness data from credit agencies are also used to calculate these probability values.

For the check, we use the services of credit agencies, such as SCHUFA Holding AG (Wiesbaden) or other third parties and for this purpose, data will be transmitted from you to them or requested from them.

The collection, processing and use of data for this purpose is based on Art. 6 Para. 1 lit. b) DSGVO.

Within this legal framework, we are also entitled to transfer your data to third parties if and to the extent that this is necessary to carry out pre-contractual measures and fulfil this contract (e.g. for shipping, invoicing or customer service) in accordance with Art. 6 Para. 1 lit. b) DSGVO or to fulfil a legal obligation in the sense of Art. 6 Para. 1 lit. c) DSGVO. If necessary, we will – to the extent permitted by law – also forward this data to third parties (e.g. debt collection companies) for the purpose of claim enforcement in accordance with Art. 6 Para. 1 lit. b) and/or f) DSGVO.

Data protection and third-party websites

The website may contain hyperlinks to and from third-party websites. If you follow a hyperlink to one of these websites, please note that we cannot accept any responsibility or guarantee for third-party content or data protection conditions. Please check the applicable data protection conditions before you submit personal data to these websites.

Changes to this privacy policy

We reserve the right to change these data protection regulations at any time with effect for the future. A current version is available on the website. Please visit the website regularly and inform yourself about the applicable data protection regulations.

your rights

Overview

In addition to the right to revoke your consent granted to us, you are entitled to the following further rights if the respective legal requirements are met:

– Right to information about your personal data stored with us in accordance with Art. 15 DSGVO; in particular, you can obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data, unless it was collected directly from you,

– Right to correct incorrect data or to complete correct data in accordance with Art. 16 DSGVO,

– Right to delete your data stored with us in accordance with Art. 17 DSGVO insofar as no legal or contractual retention periods or other legal obligations or rights to further storage must be observed,

– The right to limit the processing of your data in accordance with Art. 18 DSGVO, if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete it, if the person responsible no longer needs the data but you need it to assert, exercise or defend legal claims or if you have lodged an objection to the processing in accordance with Art. 21 DSGVO,

– The right to data transferability in accordance with Art. 20 DSGVO, i.e. the right to have data about you that you have made available to us transferred in a common, machine-readable format, or to demand that it be transferred to another person responsible

– Right to appeal to a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at our company headquarters.

Right of objection

Under the conditions of Art. 21 para. 1 FADP, data processing may be objected to for reasons arising from the specific situation of the data subject.

The above general right of objection applies to all processing purposes described in this Data Protection Information which are processed on the basis of Art. 6 para. 1 letter f) FADP. In contrast to the special right of objection aimed at data processing for advertising purposes (see above), under the DSGVO we are only obliged to implement such a general right of objection if you give us reasons of overriding importance (e.g. a possible danger to life or health). In addition, there is the possibility of contacting a competent supervisory authority.

Data security

All data transmitted by you personally, including your payment details, are transmitted using the generally accepted and secure standard SSL (Secure Socket Layer). SSL is a secure and proven standard that is also used, for example, in online banking. You can recognise a secure SSL connection by, among other things, the attached s at http (i.e. https://…) in the address bar of your browser or by the lock symbol at the bottom of your browser.

We also use suitable technical and organisational security measures to protect your personal data stored with us against manipulation, partial or complete loss and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments and the technical equipment is certified by various DIN standards.

Notes on registration for webinars (Webinaris)

Visitors to this website can register for webinars offered. The registration is done via a registration form, which is integrated into the website via iFrame and linked to the Webinaris software. In addition, interested parties can register for the webinar via the external landing page created directly at Webinaris.

By registering for Allocation Network’s webinars, you agree to provide us with your first name, last name and e-mail address. Furthermore, the data you provide when registering for and attending webinars will only be used for internal statistical analysis and will not be passed on to third parties.

Furthermore, the Webinaris privacy policy applies:

Provider of Webinaris is the Webinaris GmbH, Bussardstr. 5.2,82166 Gräfelfing. This insures for data protection literally as follows: https://www.webinaris.com/datenschutzerklaerung/

Registration for the internal area (DigiMember)

We offer a member area on our site, which gives you a deep insight into our software after registration. Since these pages contain sensitive information that we do not want to make accessible to everyone, we need the following data from you for verification: Company, first name, surname, position. The e-mail address is recorded because the access data is sent by e-mail. This information will never be passed on to third parties and is only used for the release for the internal area.

For this we use the software DigiMember .

Does DigiMember store IP addresses in plain text?

DigiMember stores the IP address to prevent fraud. IP addresses are not stored in plain text, but as a hash value (a kind of checksum). Then the IP address is no longer visible – not even to us. However, DigiMember can still check from how many IP addresses the access takes place.

How can I delete my data (right to be “forgotten”)?

In your account under the function “delete account”. This allows members to irretrievably delete their WordPress account.

 

To prevent accidental deletion, a password must be entered and a further confirmation by mouse click is required. If both is done by a member, the WordPress account and also the access to all products will be deleted.

How can members find out what data has been saved about them?

With the DigiMember there is the function “Export personal data”. By clicking on “Export personal data” 2 files are created which can be downloaded afterwards.

The member can download the data as XML and/or text file and gets information about his stored personal data.