Privacy Policy

September 2024

We (i.e., the company providing this privacy statement to you or mentioned in the legal notice as the operator of this site) take the protection of your personal data seriously. This privacy statement describes how we collect, use, disclose, transmit, and store your personal data (“process"). The personal data collected depends on the context of your interactions with us, the products, services, and features we provide, your location, as well as the applicable law.

1. Processing of personal data in connection with your use of our websites, applications, and online services Data categories and purpose of processing

When you use our external and internal websites, applications or online services (each an “Online Offer"), we process the following categories of personal data:

- Your contact information, such as first and last name, business address, business phone number, business mobile phone number, and business email address,

- Organization information, including position and company name,

- Other personal data that you provide in contact forms and other forms of an Online Offer,

- Information you provide when requesting support, participating in a survey, making a comment, or contributing to a forum,

- Information automatically collected during the use of an Online Offer, such as your device and user ID, information about your operating system, pages and services you accessed and visited during your session, and the date and time of a user request.

We process your personal data for the following purposes:

- To enable you to use the services and functions of the Online Offers, including creating and managing your online account, within the framework of updates, security and troubleshooting measures,

- To provide customer support and to improve and develop our Online Offers,

- To bill your use of an Online Offer, confirm your identity, and enable user authentication,

- To process your request or instruction,

- To handle your order and provide access to related information and offers,

- To contact you with information and offers regarding our products and services and send you further marketing information or contact you within customer satisfaction surveys,

- To enforce our terms of use, assert or defend legal claims, and to prevent and contain fraudulent and similar activities, including assaults on our IT infrastructure.

Online Offers provided by your company

In some cases, our Online Offers are provided to you by the company you are employed by. When you use an Online Offer provided by your company, any personal data you or your company submit to the content of the Online Offer is processed on behalf and as directed by your company under a contract between your company and us. In this case, your company is legally responsible for data protection. If you have questions about personal data that we process as a processor for your company, please contact your company.

2. Processing of personal data in connection with your use of our marketplaces Data categories and purpose of processing

When you use our marketplaces (each a “Marketplace"), we process the following categories of personal data:

- Your contact information, such as first and last name, business address, business phone number, business mobile phone number, and business email address,

- Organization information, including position and company name,

- Payment data necessary to process payment transactions or fraud prevention, including credit card information and card security numbers,

- Other personal data that you provide in contact forms and other forms of a Marketplace,

- Information provided during a support request, survey, comment, or forum post;

- Information required by law during compliance and export-control screenings, such as date of birth,

Nationality, residence, ID numbers, information regarding relevant legal proceedings and other litigations, and

- Information automatically collected during the use of a Marketplace, such as your device and user ID,

Information about your operating system, pages and services you accessed and visited during your session, as well as

Date and time of a user request.

We process your personal data for the following purposes:

- Communication with you concerning our services and products, e.g., to process your inquiries or provide technical information about products,

- Planning, conducting, and managing the (contractual) business relationship, e.g., to process orders of products and services, collect payments, for accounting and invoicing purposes, and to conduct deliveries, maintenance activities, or repairs,

- Contacting you with information and offers regarding our products and services and carrying out further marketing activities and customer satisfaction surveys,

- Maintaining and protecting the security of our products and services as well as our websites, preventing and detecting security risks, fraudulent actions or other criminal or harmful activities,

- Complying with legal requirements (e.g., tax and commercial retention obligations), existing obligations to conduct compliance screenings (to prevent economic crime or money laundering) as well as our policies and industry standards, and

- Settling legal disputes, enforcing existing contracts, and asserting, exercising, and defending legal claims.

3. Processing of personal data of business partners Data categories and purpose of processing

Within the scope of collaboration with business partners, we process personal data of end consumers and contacts at customers, prospects, distributors, suppliers, and partners (each a “Business Partner"):

- Contact information, such as first and last name, business address, business phone number, business mobile phone number, and business email address,

- Organization information, including position and company name,

- Payment data necessary to process payment transactions or fraud prevention, including credit card details and card security numbers,

- Other information whose processing is required in the context of a project or the handling of a contractual relationship with us or which is voluntarily provided by business partners, e.g., within the framework of orders placed, inquiries or project details,

- Personal data obtained from publicly available sources (including company or business-related social networks and websites), information databases or credit agencies, and

- Information required by law during compliance and export-control screenings, such as date of birth,

Nationality, residence, ID numbers, and information regarding relevant legal proceedings and other litigations involving the business partner.

We process the personal data for the following purposes:

- Communication with business partners regarding products, services, and projects, e.g., processing business partner inquiries or providing technical information about products,

- Planning, conducting, and managing the (contractual) business relationship between the business partner and us, e.g., processing orders of products and services, collecting payments, for accounting and invoicing purposes and conducting deliveries, maintenance activities, or repairs,

- Creating a personal profile with business-related information about interactions between you and us to offer you and the company you work for, relevant information and suitable offers for services and products, and to improve our personal communication with you,

- Conducting market analyses, competitions, contests or similar promotions and events,

- Contacting you with information and offers regarding our products and services and conducting further marketing activities and customer satisfaction surveys,

- Maintaining and protecting the security of our products and services as well as our websites, preventing and detecting security risks, fraudulent actions or other criminal or harmful activities,

- Settling legal disputes, enforcing existing contracts, and asserting, exercising, and defending legal claims.

4. Processing of personal data for customer satisfaction surveys and direct marketing

Under applicable laws, we may use your contact data for direct marketing purposes (e.g., exhibition invitations, newsletters with information and offers concerning our products and services) and to conduct customer satisfaction surveys, including via email. You have the right to object to the use of your contact data for these purposes at any time by sending an email to contact@nextsure or by using the option in the message you have received.

5. Processing of personal data in connection with your application

If you apply for an open position with us, we process your personal data as described in the privacy policy of the nextsure Recruiting Portal or the application platform you are using.

6. Transmission and disclosure of personal data

We only transmit your personal data as described below:

Companies and distributors

For the purpose and to the extent necessary to conduct our business relationship with you, we transmit your personal data to our companies and other third parties (e.g., distributors and agents). For example, we distribute certain products and services only through local business relationships, and in this case, we transmit your personal data to our respective local companies or other distributors handling the business relationship with you.

Transactions on our marketplaces

Through our marketplaces, we also provide products, services, and offers from our companies and other third parties. We transmit personal data of our customers related to these transactions to the respective company and/or other third parties.

Service providers

We engage companies and other entities to perform tasks on our behalf, such as manufacturers, service providers, IT services, or payment processing. These companies and other entities process personal data solely for the purpose of the commissioned products and services.

Other third parties

We transmit personal data related to fulfilling legal obligations or establishing, exercising, or defending rights or claims to other third parties (e.g., for court and arbitration proceedings, to regulatory, law enforcement and governmental authorities, attorneys, and advisors). Recipients of your personal data may be located outside the country in which you reside. Personal data you publish through Online Offers (e.g., in chat rooms or forums) may be accessible to other registered users of the respective Online Offer worldwide.

7. Storage periods

If no explicit storage period is indicated upon collection (e.g., within the scope of a consent declaration), your personal data will be deleted as soon as it is no longer required to fulfill the purpose of storage, unless legal retention obligations (e.g., commercial and tax retention obligations) prevent deletion.

8. Your rights

Under applicable privacy law, you may have the right to:

- Request confirmation regarding whether we process personal data about you and obtain information about the personal data we process,

- Request correction of inaccurate personal data,

- Request deletion of the personal data we process,

- Request restriction of personal data processing,

- Request transfer of the personal data that you have actively provided to us,

- Object to the processing of personal data, based on reasons arising from your particular situation, or

- Withdraw any given consent.

9. Data security

We take appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, use or alteration, as well as unauthorized disclosure or unauthorized access.

10. Contact person

Our privacy organization assists with all questions regarding data protection. Complaints can also be submitted to our privacy organization, and the rights mentioned in this privacy statement can be exercised.

Our privacy organization can be contacted at datenschutz@nextsure.

We strive to address and resolve your inquiries and complaints. Besides contacting the privacy organization, you may also contact the relevant data protection supervisory authority at any time.

11. Processing of personal data within the scope of the EU General Data Protection Regulation

This paragraph applies if your personal data is processed by one of our companies based in the European Economic Area.

Data processing controller Online Offers

The company named in the legal notice of the Online Offer is responsible for the data processing activities described in this privacy statement according to the General Data Protection Regulation.

Marketplaces

The company specified on the Marketplace as the operator of the Marketplace is responsible for the data processing.

Personal data of business partners in our customer relationship systems

We may share contact information of business partners within the framework of your business relationship with us with other companies. We and these companies are jointly responsible for protecting your personal data (Art. 26 GDPR). To ensure that you can reliably exercise your privacy rights in the context of this joint responsibility, we have agreed with these companies that you can exercise your rights described in section 6 not only with the respective company but also centrally with SCAILE Technologies UG. Contact us at datenschutz@nextsure.de for this purpose.

Legal basis for processing

The General Data Protection Regulation obliges nextsure to inform you about the legal basis for data processing. Unless explicitly stated otherwise during the collection of personal data, the legal basis for data processing is:

- The performance and fulfillment of a contract with you (Article 6 (1) (b) GDPR) (“Contract Performance"),

- Fulfillment of legal obligations to which we are subject (Article 6 (1) (c) GDPR) (“Legal Obligation Fulfillment"), or

- Protection of our legitimate interests (Article 6 (1) (f) GDPR) (“Legitimate Interest in Processing").

Our legitimate interest lies in processing your personal data for the purpose of:

(i) offering and operating the Online Offers, and

(ii) initiating, conducting, and managing our business relationship.

As stated in the table below, where legitimate interest as the basis for processing your personal data is indicated, we believe your interests, fundamental rights, and freedoms are sufficiently considered because:

(i) we regularly review the processing activities and underlying processes described in this privacy statement,

(ii) we consider the protection of your personal data in our processes, including the Binding Corporate Rules for Protecting Personal Data (nextsure Binding Corporate Rules),

(iii) we ensure transparency of our processing activities, and

(iv) you are entitled to the aforementioned rights regarding our processing activities.

If you would like further information on the interest balancing described, please contact our privacy organization at datenschutz@nextsure.de.

If you have expressly consented to the processing of your personal data in an individual case, this consent is the legal basis for processing (Article 6 (1) (a) GDPR) (“Consent").

Processing of personal data in connection with the use of our Online Offers - Purpose and legal basis

- Enabling you to use the services and functions of the Online Offers, including creating and managing your online account, within the framework of updates, security and troubleshooting measures, providing customer support, and improving and developing our Online Offers

- Contract Performance (Article 6 (1) (b) GDPR)