Privacy Policy
Last updated: May 07, 2024
General
Based on Article 13 of the Swiss Federal Constitution and the data protection provisions of the Swiss
Confederation (Data Protection Act, DSG) and - where applicable - the EU General Data Protection Regulation
(GDPR), every person is entitled to protection of their privacy and protection against misuse of their
personal data. In case of collision of the DSG (Swiss laws) with the GDPR (EU laws), DSG (Swiss laws) shall
apply to this Privacy policy and Data protection of the Users.
The protection of your personal data is important to us. You can expect us to handle your data sensitively
and carefully and to ensure a high level of data security. This privacy policy specifies and regulates the
collection, storage, and transfer of personal data about Visitors of this Website as well as of our
customers and informs you about your privacy rights and how the law protects you.
This Privacy policy is binding for the Owner and Administrators of the Website, our customers as well as for
the Visitors of the website and any counterpart, who has access to the Data. By visiting/using the Website,
you accept the collection and use of information in accordance with this Privacy policy. If you do not agree
with this Privacy policy, please leave the Website.
Identity and contact details of the controller and data protection officer (DPO)
GD Next GmbH, HR CHE-432.135.089, registered and acting under the laws of Switzerland as the operator of the
website https://www.gdnext.com is the controller within the meaning of the Swiss Data Protection Act (DPA)
and the EU General Data Protection Regulation (GDPR) and can be contacted under
GD Next GmbH, Wagistrasse 21 in 8952 Schlieren or via
info@gdnext.com
The DPO of GD Next GmbH can be contacted via the above address, attn. data protection department or by e-mail
at dataprotection@gdnext.com
Purpose of processing and legal basis
We process your personal data mentioned in section 4 (below) for the following purposes:
- To conclude and process your contractual relationship and to process your inquiries (Art. 30 and Art.
31 para. 1 and para. 2 let. a FADP / Art. 6 para. 1 let. b GDPR): The purposes of data processing
depend
on the intended transaction. We collect this data to provide our services to you or to be able to obtain
such services from you, specifically to contact you by email, telephone calls, SMS, or other equivalent
forms of electronic communication regarding your application (request) via Calendly or comment on the
Website.
- To operate our website (Art. 30 and Art. 31 para. 1 and para. 2 let. b FADP / Art. 6 para. 1 let. b
and
f GDPR): This includes the administration of the users of the website and the activities carried out
on
it, the operation and further development of the website, ensuring a smooth connection setup, the
evaluation of system security and stability and other administrative purposes.
- For process and offer optimization (Art. 30 and Art. 31 para. 1 and para. 2 let. e FADP / Art. 6
para. 1
let. a and f GDPR): This includes quality control, the preparation of statistics, budgets and
management
information and their evaluation, market research, the further development of products and services as
well as the company and its processes.
- For marketing and advertising purposes (Art. 30 and Art. 31 para. 1 FADP / Art. 6 para. 1 let. a and
f
GDPR): This includes customer loyalty, the implementation of customer loyalty programs, the
optimization
of customer offers, market or opinion research and the organization of customer events. You can object
to any processing or use of your data for direct marketing purposes at any time. The objection must be
addressed to the controller to the following e-mail address dataprotection@gdnext.com.
- To comply with legal and regulatory requirements (Art. 30 and Art. 31 para. 1 FADP / Art. 6 para. 1
let.
c GDPR): We process your data to fulfill the legal obligations to which we are subject. This
includes
the processing of data in the context of obligations to provide information to authorities and
compliance with tax and/or commercial law regulations (e.g. retention obligations for business and
accounting documents).
- For the sale or purchase of business divisions, companies or parts of companies and other transactions
under company law (Art. 30 and Art. 31 para. 1 FADP / Art. 6 para. 1 let. a and f GDPR).
Categories of personal data processed
The following categories of personal data may be processed by us in connection with our services:
- Title, first, last, and other names.
- E-mail and mailing addresses.
- Telephone numbers.
- Company name, position.
- IP address.
If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address as well as
any other content included in the e-mail, to send you a reply.
How we collect your personal data
We collect data and process data when you:
- Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
- Apply to us via email, Calendly, or another communications facility.
- Use our website: This includes in particular, but is not limited to, IP address and other identifiers
(e.g. user name for social media, MAC address of the smartphone or computer, cookies, web beacons, pixel
tags, log files, local shared objects (Flash cookies) or other technologies that automatically collect
personal data), date and time of the visit or use of the websites, pages and content accessed, referring
websites, etc. – as follows:
- Automated data collection and processing on our website
We use various technologies on our website with which we and third parties engaged by us can
recognize you when you use our website and, under certain circumstances, track you over
several visits. We will inform you about this in this section.
In essence, we want to be able to distinguish between your access (via your system) and
access by other users so that we can ensure the functionality of the website and carry out
evaluations and personalization. We do not want to draw conclusions about your identity,
even if we can, insofar, as we or third parties engaged by us can identify you by combining
this with registration data. Even without registration data, however, the technologies used
are designed in such a way that you are recognized as an individual visitor each time you
access a page, for example by our server (or the servers of third parties) assigning you or
your browser a specific identification number (so-called "cookie").
We use such technologies on our website and allow certain third parties to do the same.
However,
depending on the purpose of these technologies, we may ask for your consent before using
them.
You can also adjust your current cookie settings on the homepage at any time. You can
program
your browser to block or deceive certain cookies or alternative technologies or delete
existing
cookies. You can also add software to your browser that blocks tracking by certain third
parties. Further information on this can be found on the help pages of your browser (usually
under the heading "Data protection") or on the websites of the third parties.
A distinction is made between the following cookies (technologies with similar functions such
as fingerprinting are also included here):
We use both Session and Persistent Cookies for the purposes set out below:
- Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These cookies are essential for the proper functioning of the website.
Without these cookies, the website will not function properly. We need these cookies
to remember your cookies preferences.
- Functionality Cookies
These cookies allow the website to remember the choices you have made in the past. We
currently use offers from the following service providers (insofar as they use data
from you, or cookies set by you):
- Calendly cookies
Type: Temporary cookies; 30 Minutes / 365 days
Administered by: calendly.com
Purpose: These Cookies allow us to embed Calendly meeting scheduling services into
the website. The purpose of these Cookies is to manage incoming traffic allowing us
to protect from DDOS attacks. More information is provided by
https://calendly.com/legal/privacy-notice
- Performance cookies
To optimize our website and corresponding offers and to better tailor them to the
needs of users, we use cookies to record and analyze the use of our website,
possibly even beyond the session. We do this by using third-party analysis services.
We have listed these below. Before we use such cookies, we ask for your consent. You
can revoke your consent at any time via the cookie settings.
We currently use offers from the following service providers and advertising
contract partners (insofar as they use data from you, or cookies set by you for
advertising control):
-
Google Analytics: Google Ireland Limited (based in Ireland) is the
provider of the
"Google Analytics" service and acts as our processor. Google Ireland Limited relies
on Google LLC (based in the USA) as its processor (both "Google"). Google uses
performance cookies (see above) to track the behavior of visitors to our website
(duration, frequency of pages accessed, geographical origin of access, etc.) and
compiles reports for us on the use of our website on this basis. We have configured
the service so that the IP addresses of visitors are truncated by Google in Europe
before being forwarded to the USA and therefore cannot be traced back. We have
switched the settings "Data transfer" off and "Signals" on. Although we can assume
that the information, we share with Google is not personal data for Google, it is
possible that Google can use this data for its own purposes to draw conclusions
about the identity of visitors, create personal profiles and also ensure that Google
links this data to the Google accounts of people who have consented to personalized
advertising. If you agree to the use of Google Analytics, you explicitly consent to
such processing, which also includes the transfer of personal data (usage data for
the website and app, device information and individual IDs) to the USA and other
countries. You can find information on Google Analytics data protection
here
and if you have
a Google account, you can find further information on processing by Google
here.
GD Next GmbH does not sell user and/or anonymous data to any third
party.
Categories of recipients of data
In principle, your personal data might be exclusively transferred to the recipients listed below without your
express prior consent:
- Customers/partners of GD Next GmbH with a legitimate interest in the information
provided in each case. Only business partners of GD Next GmbH who have entered into a written
contractual relationship in which they undertake to comply with all applicable data protection
regulations may receive data.
- Companies affiliated or belonging to the GD Next group: GD Next GmbH, Schlieren,
Switzerland; Strategem GmbH, Uitikon, Switzerland; rean-benefits UG (haftungsbeschränkt), Möhrendorf,
Germany; Koscon GmbH, Vienna, Austria; LLC Golden Dimension, Kyiv, Ukraine.
- Your information, including personal data, may be processed at the any of Company's operating offices
and in any other places where the parties involved in the processing are located. You hereby consent to
process your information and personal data in locations without GDPR legal requirements. Under the GDPR
personal data may be transferred to a third country provided that the level of protection guaranteed by
the GDPR is not undermined. We herewith guarantee you that all provisions of the GDPR are implemented at
all our entities.
- Public bodies and authorities: If it is necessary to clarify an unlawful use of our
services or for legal prosecution, personal data will be forwarded to law enforcement authorities and,
if necessary, to injured third parties. However, this only happens if there are concrete indications of
unlawful or abusive behavior. Data may also be passed on if this serves to enforce terms of use or other
agreements. We are also legally obliged to provide information to certain public authorities on request.
These are law enforcement authorities, authorities that prosecute administrative offenses subject to
fines and the tax authorities. This data is passed based on our legitimate interest in combating abuse,
prosecuting criminal offenses, and securing, asserting and enforcing claims, Art. 30 and Art. 31
para. 1
FADP and Art. 6 para. 1 let. f GDPR.
- Processors: We may use contractually affiliated external service providers
("processors") to provide our services. In such cases, personal data is passed on to these processors to
enable them to carry out further processing. These processors are carefully selected and regularly
checked by us. The processors may only use the data for the purposes specified by us and are also
contractually obliged by us to treat your data exclusively in accordance with this privacy policy and
the applicable data protection laws. For example, we use IT service providers to provide cloud services,
software, and hardware and to carry out maintenance work. The transfer of data to processors takes place
based on Art. 9 FADP and Art. 28 para. 1 GDPR, alternatively based on our legitimate interest in
the
economic and technical advantages associated with the use of specialized processors and the fact that
your rights and interests in the protection of your personal data do not prevail, Art. 31 para. 1
FADP
and Art. 6 para. 1 let. f GDPR.
Place of storage and retention period of your personal data
We securely store your Data in Germany. We will keep your Data for 3 (three) years starting from your last
visit of the Website. Once this period-of-time has expired, we will delete all your Data completely.
Security of your personal data
The security of Your Personal data is important to us but remember that no method of transmission over the
Internet, or method of electronic storage is 100% secure. Your data stored in data centers in Germany, which
follow strict security protocols and undergo regular audits to meet the highest standards. While we strive
to use commercially acceptable means to protect Your Personal data, we cannot guarantee its absolute
security.
Your rights in connection with the processing of your personal data
- Right to information (Art. 25 FADP and Art. 15 GDPR): You have the right to request information
from us
at reasonable intervals about your personal data processed by us. On request, we will provide you with a
copy of the data that is the subject of the processing
- Right to rectification (Art. 32 FADP and Art. 16 GDPR): You have the right to demand that we
rectify incorrectly processed data.
- Right to withdraw consent (Art. 6 para. 6 and Art. 31 para. 1 FADP or Art. 7 para. 3 GDPR): If
the data
processing by us is based on your consent, you have the right to withdraw any consent given to us at any
time. The lawfulness of the processing carried out based on the consent until revocation remains
unaffected by the revocation.
- Right to restriction of processing (Art. 30 para. 2 let. b FADP or Art. 18 GDPR): Under certain
conditions, you have the right to restrict the processing of your personal data (e.g. regarding the
duration of use, the material reference, or the purpose of processing, etc.). In such a case, we may
only continue to process the data in the previous manner if there is a legal justification.
- Right to erasure (Art. 30 para. 3 FADP and Art. 17 GDPR): You also have the right to demand that
we
erase your personal data. Among other things, we are obliged to erase your data if you expressly
prohibit us from processing it and there is no justification for further processing, if your personal
data is no longer required for the purposes for which it was collected or otherwise processed, if you
have withdrawn your consent or if the data has been processed unlawfully.
- Right to data disclosure and transfer (Art. 28 FADP and Art. 20 GDPR): Where we process your data
automatically for the conclusion or performance of a contract or with your consent, we must, at your
request, hand this data over to you in a machine-readable format or - at your option - transfer it to a
third party.
- You can object to the processing of your personal data for direct marketing purposes at any time without
restriction.
- Right to lodge a complaint (Art. 49 FADP and Art. 77 GDPR): If applicable to you, you have the
right to
lodge a complaint with a competent data protection authority. The supervisory authority responsible for
Switzerland can be contacted at the following address: Federal Data Protection and Information
Commissioner, Feldeggweg 1, CH 3003 Bern.
Using reCAPTCHA from Google
We use Google reCAPTCHA, a service provided by Google LLC (“Google”), to help protect our website from spam
and abuse. By using reCAPTCHA, you are subject to the terms of service and privacy policies of Google. The
reCAPTCHA service is used to verify whether actions on our site are performed by humans or bots, ensuring
that forms are submitted by real users and not automated systems.
- Data Collected by Google reCAPTCHA
When you interact with reCAPTCHA, it may collect and process certain personal data from you,
including:
- IP Address: The IP address of your device.
- Browser Information: Information about your browser, such as type, version, and language settings.
- Cookies: Google may use cookies to track your interaction with the reCAPTCHA widget.
- Interaction with the reCAPTCHA Widget: Data about how you use the reCAPTCHA service, such as your
mouse movements or clicks.
This data is collected to determine whether the interaction is human or automated and is not shared with
us directly. Google may also use this data for security purposes or for improvement of their
services.
- Purpose of Data Collection
The information collected by reCAPTCHA is used solely to perform fraud prevention and bot detection
and
to protect the integrity of our online services. It helps to ensure that forms and other actions on
our
website are completed by real users and not by automated systems designed to abuse the platform.
- Privacy and Security
Google's collection and processing of data through reCAPTCHA are governed by its
Privacy Policy and Terms
of Service. We do not have direct access to the data collected by reCAPTCHA and are not
responsible for
its processing. By using our website, you consent to the processing of data by Google in accordance
with
their privacy policies and terms.
- Consent
By interacting with the reCAPTCHA widget on our website, you consent to the collection and processing
of
your data by Google as described above. If you do not agree with this data processing, we recommend
that
you refrain from using the reCAPTCHA functionality on our site.
Links to other websites
This Website may contain links to other websites of partners that are not operated by us. If you click on a
third-party link, you will be directed to that third party's site. We strongly advise you to review the
privacy policy of every site you visit. We have no control over and assume no responsibility for the
content, privacy policies or practices of any third-party sites or services.
Changes to this privacy policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new
Privacy Policy on this page.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy
are effective when they are posted on this page.