Interested parties are all those people who are interested in our product and our other services and / or are regularly informed about news.
Personal data of interested parties are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Providing information
Personal contact
Purpose of processing
To provide information about news, products and services
To provide information about news, products and services in a personal conversation
The legal basis for the processing of personal data of interested parties is based on the following legal basis or legitimate interests:
Processing activity
Providing information
Personal contact
Legal basis / legitimate interest
Consent
Consent
In the context of the processing activity “Provision of information” and “Personal contact”, joint processing of CALPANA Austria and CALPANA Germany may occur. The object of the processing here is the management of contact data in order to provide cross-border services.
The following categories of personal data are processed in the listed processing activities:
Processing activity
Providing information, personal contact
Data category
Contact maintenance data
Types of data contained therein
Data includes name, phone number, e-mail, address, function in the company and additional notes (interest of the interested party to the product, service or events).
In the course of the processing activities carried out by us, we do not transfer personal data of the data subject groups concerning you to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Contact maintenance data
Storage duration
Until revoked.
Deletion period
Immediately after revocation.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Contact maintenance data
Origin
From the person concerned himself.
No automated decision-making, including profiling, is used in any of the above-mentioned processing activities. profiling carried out.
Customers are all those persons who demand and purchase our products and services. Personal data of customers are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Order processing
Providing information
Purpose of processing
Processing of orders and invoicing of services.
To provide information about products and services.
The legal basis for the processing of personal data of customers is based on the following legal basis or legitimate interests:
Processing activity
Order processing
Providing information
Legal basis / legitimate interest
Respective contract with the customer.
Legitimate interest (maintaining contact).
In the context of the processing activity “order processing”, joint processing of CALPANA Austria and CALPANA Germany may occur. The object of the processing here is the management of contact data for the provision of the services to be provided under the joint contracts or agreements.
However, only the contact details (name, e-mail, address and telephone number) are processed.
The following categories of personal data are processed in the listed processing activities:
Processing activity
Order processing
Providing information
Order processing
Order processing
Data category
Customer master data
Customer properties
Project data
Types of data contained therein
Data includes name, address, company registration number, UID (VAT ID), e-mail and telephone number.
Data includes sales, payment history, contacts, and quotes.
Data includes backups of project files.
In the course of the processing activities carried out by us, we do not transfer personal data of the relevant groups of data subjects to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Customer master data
Customer properties
Project data
Storage duration
Austria: As long as the business relationship continues and all receivables have been settled. After that, the processing is restricted and the data is stored for 7 years after the approved annual financial statement (according to BAO).
Germany: As long as the business relationship continues and all receivables have been settled. Thereafter, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with Section 147 (3) in conjunction with (1) Nos. 1, 4 and 4a AO, Section 14b (1) UStG).
Austria: As long as the business relationship continues and all receivables have been settled. After that, the processing is restricted and the data is stored for 7 years after the approved annual financial statement (according to BAO).
Germany: As long as the business relationship continues and all receivables have been settled. Thereafter, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with Section 147 (3) in conjunction with (1) Nos. 1, 4 and 4a AO, Section 14b (1) UStG).
Austria: As long as the business relationship continues and all receivables have been settled. After that the
Processing restricted and data stored for 7 years after approved annual financial statements (according to BAO).
Germany: As long as the business relationship continues and all receivables have been settled. Thereafter, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with Section 147 (3) in conjunction with (1) Nos. 1, 4 and 4a AO, Section 14b (1) UStG).
Deletion period
After the storage period within a deletion cycle of one year.
After the storage period within a deletion cycle of one year.
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Customer master data
Customer properties
Project data
No automated decision-making, including profiling, is used in any of the above-mentioned processing activities. profiling carried out.
Origin
From customer contact or prospect contact.
From customer contact or prospect contact.
From the customer himself.
Suppliers are all those persons who hand over or provide goods or services to our company by delivery.
Personal data of suppliers are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Service provision
Purpose of processing
In the course of providing the service of suppliers, data of the contact persons are processed.
The legal basis for the processing of personal data of suppliers is based on the following legal basis or legitimate interests:
Processing activity
Service provision
Legal basis / legitimate interest
Respective contract with the supplier
In the context of the processing activity “provision of services”, joint processing by CALPANA Austria and CALPANA Germany may occur. The object of the processing is the management of contacts for the acquisition and use of uniform services.
However, only the contact details (name, e-mail, address and telephone number) are processed.
The following categories of personal data are processed in the listed processing activities:
Processing activity
Service provision
Data category
Supplier contact data
Types of data contained therein
Data includes name, telephone number, e-mail and address.
As part of the processing activities we carry out, we transfer personal data of the data subjects concerning you to the following recipients or categories of recipients:
Data type
Bank details, name
Receiver
Bank
EU third country [J/N]
N
Purpose of the transmission
Implementation of the settlement.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Supplier contact data
Storage duration
Austria: As long as the business relationship continues and all liabilities have been settled. After that, processing is restricted and data is stored for 7 years after approved annual financial statements (according to BAO), due to the retention of invoice data.
Germany: As long as the business relationship continues and all liabilities have been settled. After that, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with § 147 para. 3 in conjunction with para. 1 nos. 1, 4 and 4a AO, § 14b para. 1 UStG), due to the retention of invoice data.
Deletion period
After the storage period within a deletion cycle of one year.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Supplier contact data
No automated decision-making, including profiling, is used in any of the above-mentioned processing activities. profiling carried out.
Origin
From the supplier itself.
Training participants are all those persons who take part in trainings of our company and receive advanced training in the use of the software or other subject areas. Likewise, customers can also be considered as training participants.
Personal data of training participants are processed within the framework of the following processing activities for the purposes mentioned below:
Processing activity
Implementation of Trainings
Purpose of processing
Conduct training for continuing education
The legal basis for the processing of personal data of training participants is based on the following legal basis or legitimate interests:
Processing activity
Implementation of external trainings
Legal basis / legitimate interest
Contract (service)
In the course of the processing activities carried out by us, we do not transfer personal data of the data subject groups concerning you to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Training participant data
Until the account is deleted.
Accounting-related data:
Austria: Once all claims have been settled, processing is restricted and the data is stored for 7 years after the approved annual financial statements (according to BAO).
Germany: As soon as all claims have been settled, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with Section 147 (3) in conjunction with (1) Nos. 1, 4 and 4a of the German Tax Code (AO), Section 14b (1) of the German Turnover Tax Act (UStG)).
Deletion period
At the end of the month, provided that a request for deletion of the account has been made and no further retention obligations exist (see retention period). Accounting-relevant data is stored after the expiration of the storage period in a Deletion cycle of one year deleted.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Training participant data
No automated decision-making, including profiling, is used in any of the above-mentioned processing activities. profiling carried out.
Origin
From the person concerned himself.
Event participants are all those people who attend one of our events. This includes event visitors (customers, interested parties) and speakers.
Personal data of event participants are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Event Management
Event documentation
Purpose of processing
Planning, organization and implementation of events
Documentation of events as part of our online presence
The legal basis for the processing of personal data of event participants is based on the following legal basis or legitimate interests:
Processing activity
Event Management
Event documentation
Legal basis / legitimate interest
Consent
Consent, legitimate interest (image cultivation)
In the context of the processing activity “Event Management”, joint processing of CALPANA Austria and CALPANA Germany may occur. The object of the processing here is the management of contacts in order to provide cross-border services accordingly.
The following categories of personal data are processed in the listed processing activities:
Processing activity
Event Management
Event documentation
Data category
Date for events
Image data
Types of data contained therein
Personal master data (e.g. first name, last name, gender/address), communication data (e.g. billing address, company, e-mail), booking history, planning and control data (e.g. processing status), contract billing and payment data
Photos & videos from event participants
As part of the processing activities we carry out, we transfer personal data of the data subjects concerning you to the following recipients or categories of recipients:
Data type
Photos, videos
Receiver
Vimeo
EU third country [J/N]
J
Purpose of the transmission
Accessible videos about events etc. on the CALPANA & CRISAM website.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Data for events
Image data
Storage duration
Until the account is deleted.
Accounting-related data:
Austria: Once all claims have been settled, processing is restricted and the data is stored for 7 years after the approved annual financial statements (according to BAO).
Germany: As soon as all claims have been settled, processing is restricted and the data is stored for 10 years after the approved annual financial statements (in accordance with Section 147 (3) in conjunction with (1) Nos. 1, 4 and 4a of the German Tax Code (AO), Section 14b (1) of the German Turnover Tax Act (UStG)).
Until revoked
Deletion period
At the end of the month, provided that a request for deletion of the account has been made and no further retention obligations exist (see retention period). Accounting-related data is deleted in a one-year deletion cycle after the storage period has expired.
Immediately after revocation
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Date for events
Image data
Origin
From the person concerned himself.
By the person concerned himself or by the photographer and camera.
No automated decision-making, including profiling, is used in any of the above-mentioned processing activities. profiling carried out.
Applicants are all those persons who apply to a vacant position or through a speculative application in the company.
Personal data of applicants are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Applicant Management
Purpose of processing
Selection of a person suitable for the vacant position.
The legal basis for the processing of personal data of applicants is based on the following legal basis or legitimate interests:
Processing activity
Applicant Management
Legal basis / legitimate interest
Contract (Pre-contractual relationship)
The following categories of personal data are processed in the listed processing activities:
Processing activity
Applicant Management
Data category
Applicant data
Types of data contained therein
Data include master data (name, address, telephone number, date of birth, gender, ev. religious confession, marital status), professional certificates, application photo, certificates, application letter (are personal data and contents of the applicant indicated, which he / she reveals himself). Among others, Art. 9 data (health data, religious confession) or Art. 10 data (criminal convictions) may be included.
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Applicant data
Storage duration
Austria: 6 months after the position was filled or rejected (according to GlBG) incl. a buffer period of one month.
Germany: 2 months after cancellation
Deletion period
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Applicant data
Origin
From the applicant or staffing agency.
No automated decision-making, including profiling, is used in any of the above-mentioned processing activities. profiling carried out.
Website visitors are all those persons who call up our website within a certain measured time and thus “visit” it.
Personal data of website visitors are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Processing of contact requests
Purpose of processing
Process website form requests to ensure appropriate support to requestors.
The legal basis for the processing of personal data of website visitors is based on the following legal basis or legitimate interests:
Processing activity
Processing of contact requests
Legal basis / legitimate interest
Legitimate interest (business processing)
The following categories of personal data are processed in the listed processing activities:
Processing activity
Processing of contact requests
Data category
Contact form
Types of data contained therein
Data are the subject and the exact description of the request, name, phone number and e-mail.
In the context of the processing activities we carry out, we do not transfer personal data, of the groups of data subjects concerning you, to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Contact form
Storage duration
The data is stored until the support case is closed or beyond that for up to one year to ensure appropriate traceability.
Deletion period
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Contact form
Origin
From the person concerned himself.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
External service providers are all those persons to whom companies provide services and charge accordingly.
Personal data of external service providers are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Service provision
Activity allocation
Purpose of processing
Verification of the fulfillment of the external service provider’s performance.
Billing for the performance of external service providers.
The legal basis for the processing of personal data of external service providers is based on the following legal basis or legitimate interests:
Processing activity
Service provision
Activity allocation
Legal basis / legitimate interest
The respective contract with the external service provider.
The respective contract with the external service provider.
Austria: Legal basis (§132 BAO)
Germany: Legal basis (§ 147 AO, § 257 HGB)
The following categories of personal data are processed in the listed processing activities:
Processing activity
Service Delivery,
Activity allocation
Data category
Data from external service provider
Types of data contained therein
Data include company name, name, telephone number, bank details, performance and remuneration.
In the course of the processing activities carried out by us, we transmit personal data, of the categories of data subjects concerning you, to the following recipients or categories of recipients:
Data type
Bank details, name, fee
Receiver
Bank
EU third country [J/N]
N
Purpose of the transmission
Implementation of the settlement.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Data from external service provider
Storage duration
Austria: As long as the business relationship continues and all liabilities have been settled. After that, processing is restricted and data is stored for 7 years after approved annual financial statements (according to BAO), due to the retention of invoice data.
Germany: As long as the business relationship continues and all liabilities are settled were. Thereafter, the processing is restricted and the data is stored for 10 years after the approved annual financial statements (§ 147 para. 3 in connection with para. 1 No. 1, 4
and 4a AO, § 14b para. 1 UStG), due to the retention of invoice data.
Deletion period
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Data from external service provider
Origin
From the external service provider itself.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
Third parties are all those persons who do not belong to one of the other categories of data subjects.
Personal data of third parties are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
erroneous contact
Purpose of processing
Processing of erroneous contact via e-mail.
The legal basis for the processing of personal data of third parties is based on the following legal basis or legitimate interests:
Processing activity
erroneous contact
Legal basis / legitimate interest
Legitimate interest (processing of requests)
The following categories of personal data are processed in the listed processing activities:
Processing activity
erroneous contact
Data category
Third party contact details
Types of data contained therein
Data includes name, telephone number and e-mail.
In the course of the processing activities carried out by us, we do not transfer personal data of the data subject groups concerning you to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Third party contact details
Storage duration
Erroneous emails will be accepted and kept as long as they are processed.
Deletion period
Immediately after the storage period.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Third party contact details
Origin
by the person concerned himself
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
Newsletter recipients are all those persons who register to receive the newsletter.
Personal data of newsletter recipients are processed within the scope of the following processing activities for the purposes mentioned below:
Processing activity
Newsletter
Purpose of processing
Sending information about the product, events, general information about CRISAM, CALPANA and risk management.
The legal basis for the processing of personal data of newsletter recipients is based on the following legal basis or legitimate interests:
Processing activity
Newsletter
Legal basis / legitimate interest
Consent
The following categories of personal data are processed in the listed processing activities:
Processing activity
Newsletter
Data category
Newsletter form
Types of data contained therein
Data are title, name and email address.
In the course of the processing activities carried out by us, we do not transfer personal data of the data subject groups concerning you to any recipients or categories of recipients.
We store your personal data as long as this is required by law, is necessary for the purpose or the use in accordance with the legitimate interest of the company requires it. The deletion period listed below follows this storage period.
Data category
Newsletter form
Storage duration
Until revoked.
Deletion period
1 year after revocation for traceability.
Art. 14 DSGVO also requires us to provide information about the origin of the data we process for the groups of data subjects concerning you:
Data category
Newsletter form
Origin
From the person concerned himself.
No automated decision-making, including profiling, is carried out in any of the above-mentioned processing activities.
