Interessentinnen und Interessenten sind all diejenigen Personen, die sich für unser Produkt und unsere weiteren Dienstleistungen interessieren und regelmäßig über neues informiert werden.
Personenbezogene Daten von Interessentinnen und Interessenten werden im Rahmen folgender Verarbeitungstätigkeiten zu den nachgenannten Zwecken verarbeitet:
Processing activity
Providing information
Event Management
Personal contact
Purpose of processing
To provide information about news, products and services
Planning and organization of training and information events of CALPANA
To provide information about news, products and services in a personal conversation
The legal basis for the processing of personal data of interested parties is based on the following legal basis or legitimate interests:
Processing activity
Providing information
Event Management
Personal contact
Legal basis / legitimate interest
Consent
Consent
Consent
Within the scope of the processing activity “Provision of Information”, “Event Management” and “Personal Contact”, joint processing of CALPANA Austria and CALPANA Germany may occur. The object of the processing is the management of contacts in order to provide cross-border services accordingly.
The following categories of personal data are processed in the listed processing activities:
Processing activity
Providing information, personal contact
Event Management
Data category
Contact maintenance data
Contact details for events
Types of data contained therein
Data includes name, telephone number, e-mail, address, function in the company and additional notes (interest of the interested party – to the product, service or events, for example).
Data includes name, phone number, e-mail, address and possibly billing address.
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Contact maintenance data
Contact details for events
Storage duration
Until revoked.
Until shortly after the end of the event.
Deletion period
Immediately after revocation.
Immediately after storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Contact maintenance data
Contact details for events
Origin
From the person concerned himself.
From the person concerned himself.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
Customers are all those persons who request and purchase products and services from us. Personal data of customers are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Order processing
Providing information
Event Management
Purpose of processing
Processing of orders and invoicing of services.
To provide information about products and services.
Planning and organizing events to present the company and its products and services.
The legal basis for the processing of personal data of customers is based on the following legal basis or legitimate interests:
Processing activity
Order processing
Providing information
Event Management
Legal basis / legitimate interest
Respective contract with the customer.
Legitimate interest (maintaining contact).
Consent, legitimate interest (maintaining contact).
In the context of the processing activity “order processing”, joint processing of CALPANA Austria and CALPANA Germany may occur. The object of the processing in this regard is the management of contacts for the provision of the services to be provided under the joint contracts or agreements.
However, only the contact details (name, e-mail, address and telephone number) are processed.
The following categories of personal data are processed in the listed processing activities:
Processing activity
Order processing, providing information
Order processing
Event Management
Order processing
Data category
Customer master data
Customer properties
Contact details for events
Project data
Types of data contained therein
Data includes name, address, company registration number, UID (VAT ID), e-mail and telephone number.
Data includes sales, payment history, contacts, and quotes.
Data includes name, phone number, e-mail, address and possibly billing address.
Data includes backups of project files.
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Customer master data
Customer properties
Contact details for events
Project data
Storage duration
Austria: As long as the business relationship continues and all receivables have been settled. After that, the processing is restricted and the data is stored for 7 years after the approved annual financial statement (according to BAO).
Germany: As long as the business relationship continues and all receivables have been settled. Thereafter, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with Section 147 (3) in conjunction with (1) Nos. 1, 4 and 4a AO, Section 14b (1) UStG).
Austria: As long as the business relationship continues and all receivables have been settled. After that, the processing is restricted and the data is stored for 7 years after the approved annual financial statement (according to BAO).
Germany: As long as the business relationship continues and all receivables have been settled. Thereafter, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with Section 147 (3) in conjunction with (1) Nos. 1, 4 and 4a AO, Section 14b (1) UStG).
Until shortly after the end of the event or after the termination of the business relationship.
Austria: As long as the business relationship continues and all receivables have been settled. After that the
Processing restricted and data stored for 7 years after approved annual financial statements (according to BAO).
Germany: As long as the business relationship continues and all receivables have been settled. Thereafter, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with Section 147 (3) in conjunction with (1) Nos. 1, 4 and 4a AO, Section 14b (1) UStG).
Deletion period
After the storage period within a deletion cycle of one year.
After the storage period within a deletion cycle of one year.
Immediately after the storage period.
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Customer master data
Customer properties
Contact details for events
Project data
processing activities automated decision making including profiling is performed.
Origin
From customer contact or prospect contact.
From customer contact or prospect contact.
From customer contact or prospect contact.
From the customer himself.
Suppliers are all those persons who hand over or provide goods or services to our company by delivery.
Personal data of suppliers are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Service provision
Purpose of processing
In the course of providing the service of suppliers, data of the contact persons are processed.
The legal basis for the processing of personal data of suppliers is based on the following legal basis or legitimate interests:
Processing activity
Service provision
Legal basis / legitimate interest
Respective contract with the supplier
In the context of the processing activity “provision of services”, joint processing by CALPANA Austria and CALPANA Germany may occur. The object of the processing is the management of contacts for the acquisition and use of uniform services.
However, only the contact details (name, e-mail, address and telephone number) are processed.
The following categories of personal data are processed in the listed processing activities:
Processing activity
Service provision
Data category
Supplier contact data
Types of data contained therein
Data includes name, telephone number, e-mail and address.
In the course of the processing activities carried out by us, we transmit personal data, of the categories of data subjects concerning you, to the following recipients or categories of recipients:
Data type
Bank details, name
Receiver
Bank
EU third country [J/N]
N
Purpose of the transmission
Implementation of the settlement.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Supplier contact data
Storage duration
Austria: As long as the business relationship continues and all liabilities have been settled. After that, processing is restricted and data is stored for 7 years after approved annual financial statements (according to BAO), due to the retention of invoice data.
Germany: As long as the business relationship continues and all liabilities have been settled. After that, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with § 147 para. 3 in conjunction with para. 1 nos. 1, 4 and 4a AO, § 14b para. 1 UStG), due to the retention of invoice data.
Deletion period
After the storage period within a deletion cycle of one year.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Supplier contact data
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
Origin
From the supplier itself.
Training participants are all those persons who take part in training courses of our company and thereby obtain special or extended qualifications and advanced training in the use of the software or other subject areas. Likewise, customers can also be considered as training participants.
Personal data of training participants are processed within the framework of the following processing activities for the purposes mentioned below:
Processing activity
Implementation of external trainings
Purpose of processing
Conduct external training for continuing education and obtain additional qualifications.
The legal basis for the processing of personal data of training participants is based on the following legal basis or legitimate interests:
Processing activity
Implementation of external trainings
Legal basis / legitimate interest
Contract (service)
The following categories of personal data are processed in the listed processing activities:
Processing activity
Implementation of external trainings
Data category
Training participant data
Types of data contained therein
Data include company name, name, address, status of completed trainings and exams
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Training participant data
Origin
From the person concerned himself.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
Data category
Training participant data
Storage duration
Until the termination of the business relationship. Except the tests are kept for a period of 3 years, for traceability and issuance of a certificate if necessary.
Deletion period
Immediately after the storage period.
Applicants are all those persons who apply to a vacant position or through a speculative application in the company.
Personal data of applicants are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Applicant Management
Purpose of processing
Selection of a person suitable for the vacant position.
The legal basis for the processing of personal data of applicants is based on the following legal basis or legitimate interests:
Processing activity
Applicant Management
Legal basis / legitimate interest
Contract (Pre-contractual relationship)
The following categories of personal data are processed in the listed processing activities:
Processing activity
Applicant Management
Data category
Applicant data
Types of data contained therein
Data include master data (name, address, telephone number, date of birth, gender, ev. religious confession, marital status), professional certificates, application photo, certificates, application letter (are personal data and contents of the applicant indicated, which he / she reveals himself). It may include, among others, Art. 9 data (health data, religious confession) or Art. 10 data (criminal convictions).
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Applicant data
Storage duration
Austria: 6 months after the position was filled or rejected (according to GlBG) incl. a buffer period of one month.
Germany: 2 months after cancellation
Deletion period
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Applicant data
Origin
From the applicant or staffing agency.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
Website visitors are all those persons who, within a certain measured time, call up our website and thus “visit” it.
Personal data of website visitors are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Processing of contact requests
Purpose of processing
Process website form requests to ensure appropriate support to requestors.
The legal basis for the processing of personal data of website visitors is based on the following legal basis or legitimate interests:
Processing activity
Processing of contact requests
Legal basis / legitimate interest
Legitimate interest (business processing)
The following categories of personal data are processed in the listed processing activities:
Processing activity
Processing of contact requests
Data category
Contact form
Types of data contained therein
Data are the subject and the exact description of the request, name, phone number and e-mail.
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Contact form
Storage duration
The data is stored until the support case is closed or beyond that for up to one year to ensure appropriate traceability.
Deletion period
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Contact form
Origin
From the person concerned himself.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
External service providers are all those persons to whom companies provide services and charge accordingly.
Personal data of external service providers are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Service provision
Activity allocation
Purpose of processing
Verification of the fulfillment of the external service provider’s performance.
Billing for the performance of external service providers.
The legal basis for the processing of personal data of external service providers is based on the following legal basis or legitimate interests:
Processing activity
Service provision
Activity allocation
Legal basis / legitimate interest
The respective contract with the external service provider.
The respective contract with the external service provider.
Austria: Legal basis (§132 BAO)
Germany: Legal basis (§ 147 AO, § 257 HGB)
The following categories of personal data are processed in the listed processing activities:
Processing activity
Service Delivery,
Activity allocation
Data category
Data from external service provider
Types of data contained therein
Data include company name, name, telephone number, bank details, performance and remuneration.
In the course of the processing activities carried out by us, we transmit personal data, of the categories of data subjects concerning you, to the following recipients or categories of recipients:
Data type
Bank details, name, fee
Receiver
Bank
EU third country [J/N]
N
Purpose of the transmission
Implementation of the settlement.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Data from external service provider
Storage duration
Austria: As long as the business relationship continues and all liabilities have been settled. After that, processing is restricted and data is stored for 7 years after approved annual financial statements (according to BAO), due to the retention of invoice data.
Germany: As long as the business relationship continues and all liabilities have been settled. Thereafter, the processing is restricted and the data is stored for 10 years after the approved annual financial statements (§ 147 para. 3 in connection with para. 1 No. 1, 4
Deletion period
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Data from external service provider
Origin
From the external service provider itself.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
Third parties are all those persons who do not fall under one of the other categories of data subjects.
Personal data of third parties are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
erroneous contact
Purpose of processing
Processing of erroneous contact via e-mail.
The legal basis for the processing of personal data of third parties is based on the following legal basis or legitimate interests:
Processing activity
erroneous contact
Legal basis / legitimate interest
Legitimate interest (processing of requests)
The following categories of personal data are processed in the listed processing activities:
Processing activity
erroneous contact
Data category
Third party contact details
Types of data contained therein
Data includes name, telephone number and e-mail.
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Third party contact details
Storage duration
Erroneous emails will be accepted and kept as long as they are processed.
Deletion period
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Third party contact details
Origin
by the person concerned himself
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
Newsletter recipients are all those persons who register to receive the newsletter.
Personal data of newsletter recipients are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Newsletter
Purpose of processing
Sending information about the product, events, general information about CRISAM, CALPANA and risk management.
The legal basis for the processing of personal data of newsletter recipients is based on the following legal basis or legitimate interests:
Processing activity
Newsletter
Legal basis / legitimate interest
Consent
The following categories of personal data are processed in the listed processing activities:
Processing activity
Newsletter
Data category
Newsletter form
Types of data contained therein
Data are title, name and email address.
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Newsletter form
Storage duration
Until revoked.
Deletion period
1 year after revocation for traceability.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Newsletter form
Origin
From the person concerned himself.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
