As the operator of this website and as the "person responsible" within the meaning of the General Data Protection Regulation (GDPR) and the Data Protection Adjustment Act (DSG 2018), we take the protection of your personal data very seriously. We hereby inform you about the processing of your personal data and the data protection claims and rights to which you are entitled.
The person responsible within the meaning of the General Data Protection Regulation (GDPR) is:
NEXT Sales and Trading GmbH
Leonhard belt 10,
Our website and our services can be used to a limited extent without providing personal data. Insofar as personal data is collected on our pages or forms, this is always done on a voluntary basis as far as possible.
Legal basis for data processing
We process your data to fulfill contractual obligations (Art 6 Para 1b GDPR), within the scope of your consent / registration (Art 6 Para 1a GDPR) and, if necessary, to fulfill legal obligations (Art 6 Para 1c GDPR). Furthermore, we can process your data to safeguard legitimate interests (Art 6 Paragraph 1f GDPR) for advertising or market and opinion research, provided that you have not objected to a use that you have not objected to in accordance with Art 21 GDPR.
Use and disclosure of data
Within the NEXT Sales and Trading GmbH those departments or employees receive your data who need it to fulfill contractual, consented and legal obligations or legitimate interests. In addition, processors commissioned by us will receive your data if they need the data to fulfill their respective contractual services. All processors are contractually obliged to treat your data confidentially and only process it within the agreed framework. The data will not be passed on to a third country. The data is also not used for any automated decision-making.
Categories of data processors
Processors commissioned by us (e.g. IT and back office service providers) and sales partners receive your data if they need the data to fulfill their contractually agreed service. All contract processors and sales partners are contractually obliged to treat your data confidentially and only to process it in the context of the provision of services.
If there is a legal or regulatory obligation, public authorities and institutions as well as our owners can be recipients of your personal data.
The following categories of contract processors exist: providers, IT service providers, telecommunications companies.
Only data is processed that has already been voluntarily published on social media by the respective user.
Duration and location of data storage
All data and posts are automatically removed from the system and deleted from the servers after 18 months. If a user deletes a post from his account, it will also be irrevocably deleted from the board promptly, i.e. at the next server check. In addition, anyone can request the deletion of a post simply and easily via firstname.lastname@example.org. The request will be processed as soon as possible. The tool/software runs via the Amazon data center in Frankfurt, Germany and thus within the European Union.
In addition, we store your personal data, if necessary, for the duration of the entire service and beyond that in accordance with the statutory retention periods and documentation requirements. These result among other things. from the company code (UGB), the federal tax code (BAO) and the general civil code (ABGB).
When contacting us (via contact form or e-mail), the information provided by the user for processing the contact request and processing it in accordance with Art. 6 para. 1 lit. b) GDPR processed.
The user data can be stored in our Customer Relationship Management System ("CRM System") or comparable inquiry organization.
We delete the inquiries if they are no longer required. We review the requirement every two years; We permanently save inquiries from customers who have a customer account and refer to the information on the customer account for deletion. In the case of the legal archiving obligations, the deletion takes place after their expiry (end of commercial law (6 years) and tax law (10 years) retention obligation).
Online presence in social media
We maintain online presence within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services. When calling the respective networks and platforms, the terms and conditions and the data processing guidelines apply to their respective operators.
Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit. You can configure your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted.
Server log files
The technical provider of our website is Grizzly Creative GmbH, Mondscheingasse 6, 8010 Graz. This automatically collects and stores information that your browser automatically transmits to us in so-called server log files. These are:
- - Browser type/ Browser version
- Operating system used
- Referrer URL (previous page)
- Host name or IP address of the accessing computer
- Time of the server request
These data cannot be attributed to specific persons and will not be combined with other data sources. We reserve the right to control these data subsequently, if there is concrete evidence for an unlawful use.
Integration of services and content of third parties
It may happen that third party content, such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites, are integrated into this online offer. This always presupposes that the providers of this content (hereinafter referred to as “third-party providers”) can access the IP address of the user. Because without the IP address, you could not send the content to the browser of the respective user. The IP address is therefore required to display this content. We strive to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence on whether the third-party provider stores the IP address, e.g. for statistical purposes. As far as we know, we will inform users about it.
Privacy Statement for the Use of Google Analytics
This website uses functions of the web analytics service Google Analytics. Provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
Google Analytics uses so-called "cookies". These are text files that are saved on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/gaoptout?hl=de
Objection to data collection
You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set that prevents your data from being recorded on future visits to this website: Deactivate Google Analytics
Outsourced data processing
We have concluded an order data processing contract with Google and fully implement the strict requirements of the data protection authorities when using Google Analytics
We use the "Activation of IP anonymization" function on this website. As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. By using this website, users consent to the processing of the data collected about them by Google in the manner described above and for the purpose stated above.
This offer uses Google AdSense, a service for integrating advertisements from Google Inc. (“Google”). Google AdSense uses so-called “cookies”, text files that are stored on the user's computer and that enable an analysis of the use of the website. Google AdSense also uses so-called web beacons (invisible graphics). These web beacons can be used to evaluate information such as visitor traffic on the pages of this offer.
The information generated by cookies and web beacons about the use of this website (including the IP address of the user) and the delivery of advertising formats are transmitted to a Google server in the USA and stored there. This information can be passed on by Google to contractual partners of Google. However, Google will not merge your IP address with other data stored about you.
Users can prevent the installation of cookies by setting their browser software accordingly; However, the provider points out to the user that in this case they may not be able to use all the functions of this offer to their full extent. By using this website, users consent to the processing of the data collected about them by Google in the manner described above and for the purpose stated above.
Data protection declaration for the use of Facebook plugins (like or share button)
On our pages plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated. The Facebook plugins can be recognized by the Facebook logo or the "Like-Button" ("Like") on our site. An overview of the Facebook plugins can be found here: http://developers.facebook.com/docs/plugins/.
Wenn Sie nicht wünschen, dass Facebook den Besuch unserer Seiten Ihrem Facebook-Nutzerkonto zuordnen kann, loggen Sie sich bitte aus Ihrem Facebook-Benutzerkonto aus.
Privacy Statement for the Use of Twitter
Functions of the Twitter service are integrated on our sites. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. This data is also transmitted to Twitter. We would like to point out that, as the provider of the website, we have no knowledge of the content of the data transmitted or of how it is used by Twitter. Further information can be found in Twitter's data protection declaration at http://twitter.com/privacy.
You can change your data protection settings on Twitter in the account settings under http://twitter.com/account/settings . change
Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This enables Instagram to assign your visit to our website to your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Instagram.
For more information, see the Instagram Data Protection: http://instagram.com/about/legal/privacy/
Data protection declaration for the use of CloudFlare
With the following notes we inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedure and your rights of objection. By subscribing to our newsletter, you agree to receive it and to the described procedures.
Content of the newsletter: We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter “newsletter”) only with the consent of the recipient or with legal permission. If the content of the newsletter is specifically described when registering for the newsletter, it is decisive for the consent of the user. In addition, our newsletters contain information about our products, offers, promotions and our company.
Double-Opt-In and logging: The registration for our newsletter is done in a so-called Double-Opt-In procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that nobody can register with foreign e-mail addresses. The newsletter registrations are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the shipping service provider are also logged.
Furthermore, the shipping service provider can, according to its own information, use this data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. for the technical optimization of shipping and the presentation of the newsletter or for statistical purposes in order to determine which countries the recipients come from. However, the shipping service provider does not use the data of our newsletter recipients to write to them themselves or to pass them on to third parties.
Registration data: To subscribe to the newsletter, it is sufficient to enter your e-mail address. Optionally, we ask you to enter a name for personal contact in the newsletter.
Success measurement - The newsletters contain a so-called "web beacon", ie a pixel-sized file that is retrieved from the server of the shipping service provider when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, are initially collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our aim nor that of the shipping service provider to monitor individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The sending of the newsletter and the measurement of success are based on the consent of the recipients in accordance with Article 6 Paragraph 1 lit. 7 and 107 TKG.
The registration process is logged on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR and serves as proof of consent to receive the newsletter.
Termination/Revocation – You can terminate the receipt of our newsletter at any time, ie revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. If the users have only registered for the newsletter and canceled this registration, their personal data will be deleted.
Web push notifications
Web push notifications can only be sent with the user's explicit permission. The key, which is unique for sending, is securely stored in a database without any personal data being linked to this key. Any user who has consented to such push notifications can independently, without the sender doing anything, revoke the consent by revoking this consent via the settings menu of his/her browser. Once this consent is revoked, the key will automatically become invalid and the sender will under no circumstances be able to send further notifications.
Integration of services and content of third parties
Within the scope of our online offer, we act on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 Para. 1 lit. f. of the German Civil Code). GDPR) content or service offers from third parties in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content"). This always presupposes that the third-party providers of this content perceive the IP address of the user, since they would not be able to send the content to their browser without the IP address. The IP address is therefore required for the presentation of these contents. We strive to use only those contents, whose respective offerers use the IP address only for the distribution of the contents. Third parties may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visit times and other information about the use of our website, as well as may be linked to such information from other sources.
The following illustration provides an overview of third-party providers and their content, as well as links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, opt-out options:
- If our customers use the payment services of third parties (e.g. PayPal or Sofortüberweisung), the terms and conditions and data protection notices of the respective third party providers apply, which can be called up on the respective websites or transaction applications.
- External fonts from Google, LLC., Https://www.google.com/fonts ("Google Fonts"). The integration of Google Fonts takes place by calling up a server on Google (usually in the USA). Data protection: https://policies.google.com/privacy,
- Maps provided by the "Google Maps" service provided by the third-party provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Data protection declaration: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- Videos from the “YouTube” platform of the third-party provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Right to information, correction, deletion, restriction
You have the right to information about your stored personal data, their origin and recipient and the purpose of the data processing as well as the right to correct, delete or restrict this data at any time. You also have the right to object to processing and the right to data portability. You are not obliged to give your consent to data processing with regard to data that is not relevant for the fulfillment of the contract or that is not required by law.
If you have any further questions about data protection, you are welcome to send an e-mail to our data protection officer email@example.com or by sending a letter to Energie Steiermark AG, attn. data protection officer, Leonhardgurtel 10, 8010 Graz, turn.
You also have the right to lodge a complaint with the Austrian data protection authority, Wickenburggasse 8, 1080 Vienna.
Adjustment of these conditions
We can adapt these data protection conditions if necessary. The respective binding and up-to-date information can be accessed on the website under data protection conditions via the footer.