Privacy Policy

Last updated: May 07, 2024

General

Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss Confederation (Data Protection Act, DSG) and - where applicable - the EU General Data Protection Regulation (GDPR), every person is entitled to protection of their privacy and protection against misuse of their personal data. In case of collision of the DSG (Swiss laws) with the GDPR (EU laws), DSG (Swiss laws) shall apply to this Privacy policy and Data protection of the Users.

The protection of your personal data is important to us. You can expect us to handle your data sensitively and carefully and to ensure a high level of data security. This privacy policy specifies and regulates the collection, storage, and transfer of personal data about Visitors of this Website as well as of our customers and informs you about your privacy rights and how the law protects you.

This Privacy policy is binding for the Owner and Administrators of the Website, our customers as well as for the Visitors of the website and any counterpart, who has access to the Data. By visiting/using the Website, you accept the collection and use of information in accordance with this Privacy policy. If you do not agree with this Privacy policy, please leave the Website.

Identity and contact details of the controller and data protection officer (DPO)

GD Next GmbH, HR CHE-432.135.089, registered and acting under the laws of Switzerland as the operator of the website https://www.gdnext.com is the controller within the meaning of the Swiss Data Protection Act (DPA) and the EU General Data Protection Regulation (GDPR) and can be contacted under

GD Next GmbH, Wagistrasse 21 in 8952 Schlieren or via info@gdnext.com

The DPO of GD Next GmbH can be contacted via the above address, attn. data protection department or by e-mail at dataprotection@gdnext.com

Purpose of processing and legal basis

We process your personal data mentioned in section 4 (below) for the following purposes:

To conclude and process your contractual relationship and to process your inquiries (Art. 30 and Art. 31 para. 1 and para. 2 let. a FADP / Art. 6 para. 1 let. b GDPR): The purposes of data processing depend on the intended transaction. We collect this data to provide our services to you or to be able to obtain such services from you, specifically to contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication regarding your application (request) via Calendly or comment on the Website.
To operate our website (Art. 30 and Art. 31 para. 1 and para. 2 let. b FADP / Art. 6 para. 1 let. b and f GDPR): This includes the administration of the users of the website and the activities carried out on it, the operation and further development of the website, ensuring a smooth connection setup, the evaluation of system security and stability and other administrative purposes.
For process and offer optimization (Art. 30 and Art. 31 para. 1 and para. 2 let. e FADP / Art. 6 para. 1 let. a and f GDPR): This includes quality control, the preparation of statistics, budgets and management information and their evaluation, market research, the further development of products and services as well as the company and its processes.
For marketing and advertising purposes (Art. 30 and Art. 31 para. 1 FADP / Art. 6 para. 1 let. a and f GDPR): This includes customer loyalty, the implementation of customer loyalty programs, the optimization of customer offers, market or opinion research and the organization of customer events. You can object to any processing or use of your data for direct marketing purposes at any time. The objection must be addressed to the controller to the following e-mail address dataprotection@gdnext.com.
To comply with legal and regulatory requirements (Art. 30 and Art. 31 para. 1 FADP / Art. 6 para. 1 let. c GDPR): We process your data to fulfill the legal obligations to which we are subject. This includes the processing of data in the context of obligations to provide information to authorities and compliance with tax and/or commercial law regulations (e.g. retention obligations for business and accounting documents).
For the sale or purchase of business divisions, companies or parts of companies and other transactions under company law (Art. 30 and Art. 31 para. 1 FADP / Art. 6 para. 1 let. a and f GDPR).

Categories of personal data processed

The following categories of personal data may be processed by us in connection with our services:

Title, first, last, and other names.
E-mail and mailing addresses.
Telephone numbers.
Company name, position.
IP address.

If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address as well as any other content included in the e-mail, to send you a reply.

How we collect your personal data

We collect data and process data when you:

Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
Apply to us via email, Calendly, or another communications facility.
Use our website: This includes in particular, but is not limited to, IP address and other identifiers (e.g. user name for social media, MAC address of the smartphone or computer, cookies, web beacons, pixel tags, log files, local shared objects (Flash cookies) or other technologies that automatically collect personal data), date and time of the visit or use of the websites, pages and content accessed, referring websites, etc. – as follows:
Automated data collection and processing on our website
We use various technologies on our website with which we and third parties engaged by us can recognize you when you use our website and, under certain circumstances, track you over several visits. We will inform you about this in this section.

In essence, we want to be able to distinguish between your access (via your system) and access by other users so that we can ensure the functionality of the website and carry out evaluations and personalization. We do not want to draw conclusions about your identity, even if we can, insofar, as we or third parties engaged by us can identify you by combining this with registration data. Even without registration data, however, the technologies used are designed in such a way that you are recognized as an individual visitor each time you access a page, for example by our server (or the servers of third parties) assigning you or your browser a specific identification number (so-called "cookie").

We use such technologies on our website and allow certain third parties to do the same. However, depending on the purpose of these technologies, we may ask for your consent before using them. You can also adjust your current cookie settings on the homepage at any time. You can program your browser to block or deceive certain cookies or alternative technologies or delete existing cookies. You can also add software to your browser that blocks tracking by certain third parties. Further information on this can be found on the help pages of your browser (usually under the heading "Data protection") or on the websites of the third parties.

A distinction is made between the following cookies (technologies with similar functions such as fingerprinting are also included here):

We use both Session and Persistent Cookies for the purposes set out below:
- Necessary / Essential Cookies
  Type: Session Cookies
  
  Administered by: Us
  
  Purpose: These cookies are essential for the proper functioning of the website. Without these cookies, the website will not function properly. We need these cookies to remember your cookies preferences.
- Functionality Cookies
  These cookies allow the website to remember the choices you have made in the past. We currently use offers from the following service providers (insofar as they use data from you, or cookies set by you):
- Performance cookies
  To optimize our website and corresponding offers and to better tailor them to the needs of users, we use cookies to record and analyze the use of our website, possibly even beyond the session. We do this by using third-party analysis services. We have listed these below. Before we use such cookies, we ask for your consent. You can revoke your consent at any time via the cookie settings. We currently use offers from the following service providers and advertising contract partners (insofar as they use data from you, or cookies set by you for advertising control):
  - Google Analytics: Google Ireland Limited (based in Ireland) is the provider of the "Google Analytics" service and acts as our processor. Google Ireland Limited relies on Google LLC (based in the USA) as its processor (both "Google"). Google uses performance cookies (see above) to track the behavior of visitors to our website (duration, frequency of pages accessed, geographical origin of access, etc.) and compiles reports for us on the use of our website on this basis. We have configured the service so that the IP addresses of visitors are truncated by Google in Europe before being forwarded to the USA and therefore cannot be traced back. We have switched the settings "Data transfer" off and "Signals" on. Although we can assume that the information, we share with Google is not personal data for Google, it is possible that Google can use this data for its own purposes to draw conclusions about the identity of visitors, create personal profiles and also ensure that Google links this data to the Google accounts of people who have consented to personalized advertising. If you agree to the use of Google Analytics, you explicitly consent to such processing, which also includes the transfer of personal data (usage data for the website and app, device information and individual IDs) to the USA and other countries. You can find information on Google Analytics data protection here and if you have a Google account, you can find further information on processing by Google here.

GD Next GmbH does not sell user and/or anonymous data to any third party.

Categories of recipients of data

In principle, your personal data might be exclusively transferred to the recipients listed below without your express prior consent:

Customers/partners of GD Next GmbH with a legitimate interest in the information provided in each case. Only business partners of GD Next GmbH who have entered into a written contractual relationship in which they undertake to comply with all applicable data protection regulations may receive data.
Companies affiliated or belonging to the GD Next group: GD Next GmbH, Schlieren, Switzerland; Strategem GmbH, Uitikon, Switzerland; rean-benefits UG (haftungsbeschränkt), Möhrendorf, Germany; Koscon GmbH, Vienna, Austria; LLC Golden Dimension, Kyiv, Ukraine.
Your information, including personal data, may be processed at the any of Company's operating offices and in any other places where the parties involved in the processing are located. You hereby consent to process your information and personal data in locations without GDPR legal requirements. Under the GDPR personal data may be transferred to a third country provided that the level of protection guaranteed by the GDPR is not undermined. We herewith guarantee you that all provisions of the GDPR are implemented at all our entities.
Public bodies and authorities: If it is necessary to clarify an unlawful use of our services or for legal prosecution, personal data will be forwarded to law enforcement authorities and, if necessary, to injured third parties. However, this only happens if there are concrete indications of unlawful or abusive behavior. Data may also be passed on if this serves to enforce terms of use or other agreements. We are also legally obliged to provide information to certain public authorities on request. These are law enforcement authorities, authorities that prosecute administrative offenses subject to fines and the tax authorities. This data is passed based on our legitimate interest in combating abuse, prosecuting criminal offenses, and securing, asserting and enforcing claims, Art. 30 and Art. 31 para. 1 FADP and Art. 6 para. 1 let. f GDPR.
Processors: We may use contractually affiliated external service providers ("processors") to provide our services. In such cases, personal data is passed on to these processors to enable them to carry out further processing. These processors are carefully selected and regularly checked by us. The processors may only use the data for the purposes specified by us and are also contractually obliged by us to treat your data exclusively in accordance with this privacy policy and the applicable data protection laws. For example, we use IT service providers to provide cloud services, software, and hardware and to carry out maintenance work. The transfer of data to processors takes place based on Art. 9 FADP and Art. 28 para. 1 GDPR, alternatively based on our legitimate interest in the economic and technical advantages associated with the use of specialized processors and the fact that your rights and interests in the protection of your personal data do not prevail, Art. 31 para. 1 FADP and Art. 6 para. 1 let. f GDPR.

Place of storage and retention period of your personal data

We securely store your Data in Germany. We will keep your Data for 3 (three) years starting from your last visit of the Website. Once this period-of-time has expired, we will delete all your Data completely.

Security of your personal data

The security of Your Personal data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. Your data stored in data centers in Germany, which follow strict security protocols and undergo regular audits to meet the highest standards. While we strive to use commercially acceptable means to protect Your Personal data, we cannot guarantee its absolute security.

Your rights in connection with the processing of your personal data

Right to information (Art. 25 FADP and Art. 15 GDPR): You have the right to request information from us at reasonable intervals about your personal data processed by us. On request, we will provide you with a copy of the data that is the subject of the processing
Right to rectification (Art. 32 FADP and Art. 16 GDPR): You have the right to demand that we rectify incorrectly processed data.
Right to withdraw consent (Art. 6 para. 6 and Art. 31 para. 1 FADP or Art. 7 para. 3 GDPR): If the data processing by us is based on your consent, you have the right to withdraw any consent given to us at any time. The lawfulness of the processing carried out based on the consent until revocation remains unaffected by the revocation.
Right to restriction of processing (Art. 30 para. 2 let. b FADP or Art. 18 GDPR): Under certain conditions, you have the right to restrict the processing of your personal data (e.g. regarding the duration of use, the material reference, or the purpose of processing, etc.). In such a case, we may only continue to process the data in the previous manner if there is a legal justification.
Right to erasure (Art. 30 para. 3 FADP and Art. 17 GDPR): You also have the right to demand that we erase your personal data. Among other things, we are obliged to erase your data if you expressly prohibit us from processing it and there is no justification for further processing, if your personal data is no longer required for the purposes for which it was collected or otherwise processed, if you have withdrawn your consent or if the data has been processed unlawfully.
Right to data disclosure and transfer (Art. 28 FADP and Art. 20 GDPR): Where we process your data automatically for the conclusion or performance of a contract or with your consent, we must, at your request, hand this data over to you in a machine-readable format or - at your option - transfer it to a third party.
You can object to the processing of your personal data for direct marketing purposes at any time without restriction.
Right to lodge a complaint (Art. 49 FADP and Art. 77 GDPR): If applicable to you, you have the right to lodge a complaint with a competent data protection authority. The supervisory authority responsible for Switzerland can be contacted at the following address: Federal Data Protection and Information Commissioner, Feldeggweg 1, CH 3003 Bern.

Links to other websites

This Website may contain links to other websites of partners that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Changes to this privacy policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.