As the operator of this website and as the "person responsible" within the meaning of the General Data Protection Regulation (GDPR) and the Data Protection Adjustment Act (DSG 2018), we take the protection of your personal data very seriously. We hereby inform you about the processing of your personal data and the data protection claims and rights to which you are entitled.

The person responsible within the meaning of the General Data Protection Regulation (GDPR) is:

NEXT Sales and Trading GmbH
Leonhard belt 10,
8010 Graz / Austria

Our website and our services can be used to a limited extent without providing personal data. Insofar as personal data is collected on our pages or forms, this is always done on a voluntary basis as far as possible.

Legal basis for data processing

We process your data to fulfill contractual obligations (Art 6 Para 1b GDPR), within the scope of your consent / registration (Art 6 Para 1a GDPR) and, if necessary, to fulfill legal obligations (Art 6 Para 1c GDPR). Furthermore, we can process your data to safeguard legitimate interests (Art 6 Paragraph 1f GDPR) for advertising or market and opinion research, provided that you have not objected to a use that you have not objected to in accordance with Art 21 GDPR.

Use and disclosure of data

Within the NEXT Sales and Trading GmbH  those departments or employees receive your data who need it to fulfill contractual, consented and legal obligations or legitimate interests. In addition, processors commissioned by us will receive your data if they need the data to fulfill their respective contractual services. All processors are contractually obliged to treat your data confidentially and only process it within the agreed framework. The data will not be passed on to a third country. The data is also not used for any automated decision-making.

Categories of data processors

Processors commissioned by us (e.g. IT and back office service providers) and sales partners receive your data if they need the data to fulfill their contractually agreed service. All contract processors and sales partners are contractually obliged to treat your data confidentially and only to process it in the context of the provision of services.

If there is a legal or regulatory obligation, public authorities and institutions as well as our owners can be recipients of your personal data.

The following categories of contract processors exist: providers, IT service providers, telecommunications companies.

Processed data

Only data is processed that has already been voluntarily published on social media by the respective user.

Duration and location of data storage

All data and posts are automatically removed from the system and deleted from the servers after 18 months. If a user deletes a post from his account, it will also be irrevocably deleted from the board promptly, i.e. at the next server check. In addition, anyone can request the deletion of a post simply and easily via The request will be processed as soon as possible. The tool/software runs via the Amazon data center in Frankfurt, Germany and thus within the European Union.

In addition, we store your personal data, if necessary, for the duration of the entire service and beyond that in accordance with the statutory retention periods and documentation requirements. These result among other things. from the company code (UGB), the federal tax code (BAO) and the general civil code (ABGB).

Contacting us

When contacting us (via contact form or e-mail), the information provided by the user for processing the contact request and processing it in accordance with Art. 6 para. 1 lit. b) GDPR processed.

The user data can be stored in our Customer Relationship Management System ("CRM System") or comparable inquiry organization.

We delete the inquiries if they are no longer required. We review the requirement every two years; We permanently save inquiries from customers who have a customer account and refer to the information on the customer account for deletion. In the case of the legal archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).

Online presence in social media

We maintain online presence within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services. When calling the respective networks and platforms, the terms and conditions and the data processing guidelines apply to their respective operators.

Unless otherwise stated in our privacy policy, users' data will be processed provided they communicate with us within social networks and platforms, e.g. write posts on our online presence or send us messages.


Some of the internet pages use so-called cookies. Cookies are small files that make it possible to save specific, device-related information on the user's access device (PC, smartphone, etc.). Cookies do not cause any damage to your computer and do not contain viruses. On the one hand, they serve the user-friendliness of websites and thus the users (e.g. storage of login data). On the other hand, they are used to record statistical data on website usage and to be able to analyze them in order to improve the offer. Users can influence the use of cookies.

Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit. You can configure your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted.

Server log files

The technical provider of our website is Grizzly Creative GmbH, Mondscheingasse 6, 8010 Graz. This automatically collects and stores information that your browser automatically transmits to us in so-called server log files. These are:

  • - Browser type/ Browser version
  • The used operating system
  • Referrer URL (previous page)
  • Host name or IP address of the accessing computer
  • The time of the server inquiry

These data cannot be attributed to specific persons and will not be combined with other data sources. We reserve the right to control these data subsequently, if there is concrete evidence for an unlawful use.

Integration of services and content of third parties

It may happen that third party content, such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites, are integrated into this online offer. This always presupposes that the providers of this content (hereinafter referred to as “third-party providers”) can access the IP address of the user. Because without the IP address, you could not send the content to the browser of the respective user. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence on whether the third-party provider stores the IP address, e.g. for statistical purposes. As far as we know, we will inform users about it.

Privacy Statement for the Use of Google Analytics

This website uses functions of the web analytics service Google Analytics. Provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

Google Analytics uses so-called "cookies". These are text files that are saved on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at:

Browser plug-in

You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install:

Objection against data collection

You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set that prevents your data from being recorded on future visits to this website: Deactivate Google Analytics

Outsourced data processing

We have concluded an order data processing contract with Google and fully implement the strict requirements of the data protection authorities when using Google Analytics

IP anonymization

We use the "Activation of IP anonymization" function on this website. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. By using this website, users consent to the processing of the data collected about them by Google in the manner described above and for the purpose stated above.

Google AdSense

This offer uses Google AdSense, a service for integrating advertisements from Google Inc. (“Google”). Google AdSense uses so-called “cookies”, text files that are stored on the user's computer and that enable an analysis of the use of the website. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on the pages of this offer.

The information generated by cookies and web beacons about the use of this website (including the IP address of the user) and the delivery of advertising formats are transmitted to a Google server in the USA and stored there. This information can be passed on by Google to contractual partners of Google. However, Google will not merge your IP address with other data stored about you.

Users can prevent the installation of cookies by setting their browser software accordingly; However, the provider points out to the user that in this case they may not be able to use all the functions of this offer to their full extent. By using this website, users consent to the processing of the data collected about them by Google in the manner described above and for the purpose stated above.

Data protection declaration for the use of Facebook plugins (like or share button)

On our pages plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated. The Facebook plugins can be recognized by the Facebook logo or the "Like-Button" ("Like") on our site. An overview of the Facebook plugins can be found here:

When you visit our website, the plug-in establishes a direct connection between your browser and the Facebook server. As a result, Facebook receives the information that you have visited our site with your IP address. If you click the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This enables Facebook to assign your visit to our website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or their use by Facebook. You can find more information on this in Facebook's privacy policy at

Wenn Sie nicht wünschen, dass Facebook den Besuch unserer Seiten Ihrem Facebook-Nutzerkonto zuordnen kann, loggen Sie sich bitte aus Ihrem Facebook-Benutzerkonto aus.

Privacy Statement for the Use of Twitter

Functions of the Twitter service are integrated on our sites. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. This data is also transmitted to Twitter. We would like to point out that, as the provider of the website, we have no knowledge of the content of the data transmitted or of how it is used by Twitter. Further information can be found in Twitter's data protection declaration at

You can change your data protection settings on Twitter in the account settings under . change

Privacy Policy for use of Instagram

Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This enables Instagram to assign your visit to our website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Instagram.

For more information on this subject, please consult Instagram’s Data Privacy Declaration at:

Data protection declaration for the use of CloudFlare

Java-Script code from the company CloudFlare Inc, Inc 665 3rd St. 200, San Francisco, CA 94107, USA (hereinafter: Cloudflare) is loaded on our site. If you have activated JavaScript in your browser and have not installed a JavaScript blocker, your browser may transmit personal data to Cloudflare. We do not know which data Cloudflare links to the data received and for what purposes Cloudflare uses this data. In order to prevent the execution of Java script code from Cloudflare altogether, you can install a Java script blocker (e.g. Further information on data protection at CloudFlare can be found under the following link:


With the following information, we inform you about the content of our newsletter, as well as the registration, dispatch, and statistical analysis procedures, along with your right to object. By subscribing to our newsletter, you agree to receive it and accept the described procedures.

Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter “newsletter”) only with the consent of the recipient or with legal permission. If the content of the newsletter is specifically described when registering for the newsletter, it is decisive for the consent of the user. In addition, our newsletters contain information about our products, offers, promotions and our company.

Double Opt-In and Logging: Registration for our newsletter occurs via a double opt-in procedure. That means after registration, you'll receive an email asking you to confirm your subscription. This confirmation is necessary to prevent someone from registering with other people's email addresses. Newsletter subscriptions are logged to meet legal requirements. This includes storing the registration and confirmation times, as well as the IP address. Changes to your data stored by the shipping service provider are also logged.

Shipping service provider: The newsletter is sent using Auth Mailer, Kuninkaankatu 22, FI-33210 Tampere, FINLAND, hereinafter referred to as "shipping service provider". You can view the privacy policy of the shipping service provider here:

Furthermore, the shipping service provider can, according to its own information, use this data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. for the technical optimization of shipping and the presentation of the newsletter or for statistical purposes in order to determine which countries the recipients come from. However, the shipping service provider does not use the data of our newsletter recipients to write to them themselves or to pass them on to third parties.

Registration Data: To sign up for the newsletter, providing your email address is sufficient. Optionally, we ask for your name for personal addressing in the newsletter.

Success measurement - The newsletters contain a so-called "web beacon", ie a pixel-sized file that is retrieved from the server of the shipping service provider when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, are initially collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our aim nor that of the shipping service provider to monitor individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

The sending of the newsletter and the measurement of success are based on the consent of the recipients in accordance with Article 6 Paragraph 1 lit. 7 and 107 TKG.

The registration process is logged on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR and serves as proof of consent to receive the newsletter.

Termination/Revocation – You can terminate the receipt of our newsletter at any time, ie revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. If the users have only registered for the newsletter and canceled this registration, their personal data will be deleted.

Web push notifications

Web push notifications can only be sent with the user's explicit permission. The key, which is unique for sending, is securely stored in a database without any personal data being linked to this key. Any user who has consented to such push notifications can independently, without the sender doing anything, revoke the consent by revoking this consent via the settings menu of his/her browser. Once this consent is revoked, the key will automatically become invalid and the sender will under no circumstances be able to send further notifications.

Integration of services and content of third parties

Within the scope of our online offer, we act on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. of the German Civil Code). GDPR) content or service offers from third parties in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content"). This always presupposes that the third-party providers of this content perceive the IP address of the user, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required for the presentation of these contents. We strive to use only those contents, whose respective offerers use the IP address only for the distribution of the contents. Third parties may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visit times and other information about the use of our website, as well as may be linked to such information from other sources.

The following illustration provides an overview of third-party providers and their content, as well as links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, opt-out options:

- If our customers use the payment services of third parties (e.g. PayPal or Sofortüberweisung), the terms and conditions and data protection notices of the respective third party providers apply, which can be called up on the respective websites or transaction applications.

- External fonts from Google, LLC., Https:// ("Google Fonts"). The integration of Google Fonts takes place by calling up a server on Google (usually in the USA). Data protection:,


- Maps provided by the "Google Maps" service provided by the third-party provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration:, Opt-Out:

- Videos from the “YouTube” platform of the third-party provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.

Data protection statement:,


- External code of the JavaScript framework “jQuery”, provided by the third-party provider jQuery Foundation,

Right to information, correction, deletion, restriction

You have the right to information about your stored personal data, their origin and recipient and the purpose of the data processing as well as the right to correct, delete or restrict this data at any time. You also have the right to object to processing and the right to data portability. You are not obliged to give your consent to data processing with regard to data that is not relevant for the fulfillment of the contract or that is not required by law.

If you have any further questions about data protection, you are welcome to send an e-mail to our data protection officer or by sending a letter to Energie Steiermark AG, attn. data protection officer, Leonhardgurtel 10, 8010 Graz, turn.

You also have the right to lodge a complaint with the Austrian data protection authority, Wickenburggasse 8, 1080 Vienna.

Adjustment of these conditions

We can adapt these data protection conditions if necessary. The respective binding and up-to-date information can be accessed on the website under data protection conditions via the footer.