Privacy Policy
1. Provider and Data Protection Officer
Provider of the website and controller in the sense of data protection law is the:
Nextron Systems GmbH
Bruchstrasse 8
63128 Dietzenbach
You can reach Nextron’s data protection officer at:
krupna LEGAL / Dr. Karsten Krupna
E-mail: data.protection@nextron-systems.com
2. Data processing for enabling the website use
If you merely visit our websites, i.e. do not otherwise transmit information to us, e.g. via a contact form, we automatically collect and store information that your browser automatically sends to us. This data is temporarily stored on the server.
The following data will be collected automatically:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data is technically required to display the website and to ensure the security of our website. We evaluate this data exclusively for statistical purposes in order to eliminate possible technical errors and, if necessary, identify and prevent attacks and security risks. These data are not stored together with other personal data of the user.
The legal basis for the temporary storage of data and log files is our legitimate interest in the security and stability of our website (Art. 6 para. 1 sentence 1 lit. f GDPR).
3. Newsletter
3.1. General information
You can subscribe to the newsletter on our website, which we use to inform you monthly about our products, new features and blog posts. The content of the individual newsletter will be briefly described during the registration process. The legal basis for sending the respective newsletter is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
For the registration to our newsletter, we use the so-called double-opt-in procedure. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you wish to receive the newsletter.
Mandatory information for sending the newsletter is only your e-mail address. After your confirmation, we store your e-mail address for the purpose of sending the newsletter and until withdrawn. We also store your IP address current at the time of registration, the time of registration and confirmation for up to three years after registration (statute of limitations). The purpose of this procedure is to be able to prove your registration in case of doubt and, if necessary, to clarify any misuse of your personal data. The legal basis for logging the registration is Art. 6 para. 1 sentence 1 lit. c GDPR.
You can withdraw your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare the withdrawal by clicking on the link provided in every newsletter email or by sending an email to data.protection@nextron-systems.com.
3.2. Newsletter Tracking
We would like to point out that we evaluate your user behavior when sending the newsletter in order to determine whether and when the newsletter was opened. For this evaluation, the sent e-mails contain so-called web beacons or tracking pixels.
For example, we can see whether a newsletter message was opened and which links, if any, were clicked. In addition, we can see whether certain pre-defined actions were performed after opening/clicking (conversion rate).
With the data thus obtained, we create a user profile in order to tailor the newsletter to your individual interests. In doing so, we record when you read our newsletters, which links you click on in them and infer your personal interests from this. The legal basis for this data processing is your consent in accordance with § 25 para. 1 sentence 1 TDDDG for the storage and access to information in terminal equipment and Art. 6 para. 1 sentence 1 lit. a GDPR for our further processing of your data.
We can thus recognize, for example, whether you have made a purchase after clicking on the newsletter. Brevo also allows us to subdivide (“cluster”) newsletter recipients based on various categories. In doing so, the newsletter recipients can be subdivided by age, gender or place of residence, for example.
In this way, the newsletters can be better adapted to the respective target groups. For detailed information on the Brevo functions, please refer to the following link: https://www.brevo.com/de/newsletter-software/?rtype=n2go. Information on data protection at Brevo can also be found here: https://www.brevo.com/de/datenschutz-uebersicht/. You may withdraw your consent at any time with effect for the future. In this case, the withdrawal includes the entire newsletter, as a separate withdrawal of the tracking is unfortunately not technically possible. To do this, simply click the unsubscribe link provided in each e-mail. Your data will then no longer be used for the above purposes.
The information from the tracking is stored as long as you are subscribed to the newsletter.
Moreover, such tracking is not possible if you have deactivated the display of images by default in your e-mail program. In this case, the newsletter will not be fully displayed to you and you may not be able to use all of its features. If you display the images manually, the tracking mentioned above will take place.
4. Contact
On our website you will find the option to contact us using the appropriate forms. Only the fields marked as mandatory (*) must be completed for your inquiry to be answered. Any other information you provide is voluntary. The data you enter in the forms is sent to us and stored using SSL encryption. The following data (metadata) is also stored when the form is sent:
- Your IP address
- Date and time of transmission
The metadata collected is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
As an alternative to using our contact forms, you can also write to us at the e-mail addresses provided. In this case, the data transmitted with the e-mail will be stored.
The legal basis for the processing of the data transmitted by you is basically Art. 6 para. 1 sentence 1 lit. f GDPR, or if your request is aimed at the conclusion of a contract, Art. 6 para. 1 sentence 1 lit. b GDPR.
We generally store the personal data you provide for 3 years, unless we are obliged to store it for longer. The additional metadata collected with the transmission will be deleted after a period of 7 days at the latest.
5. Applications
You may find vacant job offers on our website. You have the option to apply by e-mail or by post.
As part of the application, you will be asked to provide personal information (e.g. name and contact details). For the establishment and implementation of a possible employment relationship, the provision of certain data is required. If you do not provide this data, your application is incomplete and cannot be considered further in the application process. The provision of other information and the upload of files or documents (e.g. CV or application photo) is not mandatory at this stage of the application process, but optional. If you only provide mandatory information, there will be no disadvantages for your application.
Your data will be processed by Nextron for the purpose of deciding on the establishment of an employment relationship. The legal basis for data processing by Nextron is Art. 88 para. 1 GDPR in conjunction with the respective national regulation, in Germany § 26 para. 1 sentence 1 BDSG. If special categories of personal data are affected, the processing is governed by Art. 88 GDPR in conjunction with the national regulation, in Germany § 26 para. 3 BDSG.
6. Cookies
6.1. General information about Cookies
In addition to the data mentioned in section 2, our website uses cookies. Cookies are small text files that are stored on your device when you visit our website and enable your browser to be reassigned. Cookies store information such as your language settings, the duration of your visit to our website or the information you enter there. This avoids you having to re-enter all necessary data each time you visit our website. Cookies also enable us to recognize your preferences and make our website more user-friendly.
With a modern web browser, you can monitor, restrict, or prevent the setting of cookies. Many web browsers can be configured to automatically delete cookies when the program is closed. The deactivation of cookies may result in limited functionality of our website.
Most browsers automatically accept cookies. If you want to prevent cookies from being stored, you can select “do not accept cookies” in your browser settings. You can find out how this works in detail from the instructions of your browser manufacturer. You can delete cookies that are already stored on your computer at any time. However, we would like to point out that our website may only be of limited use without cookies.
The following cookies are used on our website:
6.1.1. Session Cookies
The session cookies are deleted when you log out or close your browser.
6.1.2. Persistent Cookies
These cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
6.1.3. Legal basis
The legal basis for essential cookies depends on our legitimate interest (Art. 6 para. 1 sentence 1 lit. f GPPR) for the basic functionality of our website.
Cookies used for services and statistics takes place on your consent (Art. 6 para. 1 sentence 1 lit. a GDPR, § 25 para. 1 sentence 1 TDDDG). You can withdraw your consents any time by changing your privacy settings or by clicking on the button “Change privacy consent” in the footer of our website.
6.2. Consent with Real Cookie Banner
We use the cookie consent technology “Real Cookie Banner” to obtain your consent to the storage of certain cookies on your terminal device or to the use of certain technologies and to document this in a data protection compliant manner. The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling, https://devowl.io/de/wordpress-real-cookie-banner/.
Each consent is documented to fulfill the duty of disclosure. The following data is documented for each consent:
- Your consent(s) or withdrawal of your consent(s).
- Your IP address
- Information about your browser
- Information about your terminal device
- Time of your visit to the website
Furthermore, Real Cookie Banner stores a cookie in your browser in order to be able to assign the consent(s) given to you or their withdrawal. The data collected in this way will be stored until you request us to delete it, until you delete the Real Cookie Banner cookie yourself, or until the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.
Data processing in the scope of the use of the Real Cookie Banner cookie shall ensure our legitimate interest in complying with legal requirements to obtain the consent necessary for technically non-essential cookies and to prove compliance with these requirements. The legal basis is Art. 6 para. 1 sentence 1 lit. c GDPR.
7. Tracking tools / other Services
7.1. Google Analytics
Our website uses the “Google Analytics 4 (GA4) tracking tool. This is a service provided by Google Ireland Limited, a company registered and operated in accordance with Irish law, headquartered at Gordon House, 4 Barrow Street, Dublin, Ireland (“Google”). This tracking tool helps us to make our online offers more interesting for you and to improve the user experience. Data on the use of our website is stored in pseudonymized user profiles. In addition to JavaScript and pixels, cookies can also be used for this purpose. Further information on the use of cookies can be found at: https://support.google.com/analytics/answer/11397207?hl=de. The types of personal data processed include online identifiers (including cookie identifiers), internet protocol addresses and device identifiers, identifiers assigned by the customer.
Data from different devices, sessions, and interactions can additionally be linked to a user ID. This information is generally transferred to a Google server in the USA and stored there.
As part of the evaluation, Google also uses artificial intelligence (AI) to automatically analyze, classifies, and enrich data. This is done in particular for predictive metrics on future user behavior based on structured event data, such as purchase probability, churn probability and predicted revenue. The forecast measurement values can also be used for forecast target groups. You can find out more about this at: https://support.google.com/analytics/answer/9846734.
Google uses modeling techniques to estimate online conversions that cannot be captured directly. This enables more realistic statements to be made in reports, advertising campaigns to be optimized and automatic bidding to be improved. You can find more information on this at: https://support.google.com/analytics/answer/10710245.
Finally, the data is analyzed using Analytics statistics. Google provides automatic and user-defined statistics. You can find out more about this at: https://support.google.com/analytics/answer/9443595.
By default, Google already automatically anonymizes user IP addresses when collecting user data. Google also does not log or store the IP addresses. The truncating of IP addresses does not mean that data is processed entirely in anonymized form. Thus, when Google Analytics is used, usage data is collected that is to be evaluated as personal data, such as identification features of the individual users, which also allow a link to an existing Google account, for example.
On our behalf, Google will use this information to evaluate your usage of our website, to compile reports on website activity, and to provide other services related to website and Internet usage to us. The pseudonymized user profiles are not combined with personal data about the bearer of the pseudonym unless separate consent has been obtained for this.
For more information on Google Analytics, see: https://support.google.com/analytics/answer/12017362.
Please note that Google also has independent access to your data collected via Google Analytics and may also use this data for its own purposes. Google may, for example, link this data to other information about you, such as search history, personal account, usage data from other devices, and all other data that Google has about you.
The legal basis for the use of Google Analytics is based on your consent, based on § 25 para. 1 sentence 1 TDDDG for the storage and access to information in terminal equipment and Art. 6 para. 1 sentence 1 lit. a GDPR for our further processing of your data. You give your consent to this via our cookie banner. Please note that Google is a company from the USA. Information about Google’s data centers locations can be found at www.google.com/about/datacenters/locations/. The new EU standard data protection clauses were agreed as appropriate safeguards to ensure an adequate level of protection for the transfer of data. In addition, Google LLC is an active participant in the EU-U.S. Data Privacy Framework, which ensures the secure transfer of personal data to the USA. You can find further information here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
7.2. Google reCaptcha
We use Google reCAPTCHA (hereinafter “reCAPTCHA”) on our website. This is a service provided by Google. The purpose of reCAPTCHA is to check whether the data input on our website (e.g. when registering for a newsletter) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor accesses or enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google. The reCAPTCHA analyses run completely in the background. You will not be informed separately that an analysis is taking place.
The legal basis for the use of reCAPTCHA is your consent, based on § 25 para. 1 sentence 1 TDDDG for the storage and access to information in terminal equipment and Art. 6 para. 1 sentence 1 lit. a GDPR for our further processing of your data. You give your consent to this via our cookie banner. Please note that the provider is a company from the USA. Information about the locations of Google’s data centers can be found at www.google.com/about/datacenters/locations/. The new EU standard data protection clauses have been agreed as suitable guarantees to ensure an appropriate level of protection when transferring data. In addition, Google LLC is an active participant in the EU-U.S. Data Privacy Framework, which guarantees the secure transfer of personal data to the USA. Further information can be found here: https://www.dataprivacyframework.gov/list.
Further information on reCAPTCHA and Google’s privacy policy can be found at the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.
7.3. Google Ads Conversion
We use the “Google Ads Conversion” service to advertise our products on external websites with the help of advertising material and to determine success of our advertising measures. These advertising materials are delivered by Google via so-called “ad servers”. If you access our website via a Google ad, Google Ads will store a cookie on your end device. These cookies generally lose their validity after 30 days and are not used to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.
Aforementioned cookies enable Google to recognize your internet browser. Therefore, if you have visited certain websites of an Ads customer and the cookie stored on your computer has not yet expired, Google and the Ads customer can recognize that you clicked on the ad and were redirected to this page. Cookies cannot be tracked via the websites of Ads customers. We ourselves do not collect and process any personal data in aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can recognize which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising material; in particular, we cannot identify you based on this information.
The legal basis for the use of Google Ads Conversion is your consent, based on § 25 para. 1 sentence 1 TDDDG for the storage and access to information in terminal equipment and Art. 6 para. 1 sentence 1 lit. a GDPR for our further processing of your data. You give your consent to this via our cookie banner. Please note that the provider is a company from the USA. Information about Google’s data center’s locations can be found at www.google.com/about/datacenters/locations/ The new EU standard data protection clauses have been agreed as suitable guarantees to ensure an appropriate level of protection when transferring data. In addition, Google LLC is an active participant in the EU-U.S. Data Privacy Framework, which guarantees the secure transfer of personal data to the USA. You can find more information here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.
Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on scope and further use of data collected by Google through use of this tool and therefore inform you according to our level of knowledge as follows: By integrating Ads Conversion, Google receives information that you have accessed the relevant part of our website or clicked on one of our ads. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider will find out your IP address and store it.
You can find more information on data protection at Google here: https://support.google.com/google-ads/answer/93148 https://ads.google.com/intl/de_de/home/faq/gdpr/
7.4. Google Tag Manager
We use Google Tag Manager “GTM”. This Google service allows website tags to be managed via an interface. However, GTM only implements tags. In this respect, no cookies are used. GTM only triggers other tags, which in turn may collect data, but GTM does not access this data. Data is only analyzed in the respective tool (see the tools listed in section 8 for details). However, the GTM records your IP address and online identifiers (including cookie identifiers), which may also be transmitted to Google in the USA. You can find additional information on GTM at https://support.google.com/tagmanager/answer/6102821?hl=de
The legal basis for the use of GTM is your consent, based on § 25 para. 1 sentence 1 TDDDG for the storage and access to information in terminal equipment and Art. 6 para. 1 sentence 1 lit. a GDPR for our further processing of your data. You give your consent to this via our cookie banner.
Please note that the provider is a company from the USA. Information about Google’s data center’s locations can be found at www.google.com/about/datacenters/locations/. The new EU standard data protection clauses have been agreed as suitable guarantees to ensure an appropriate level of protection when transferring data. In addition, Google LLC is an active participant in the EU-U.S. Data Privacy Framework, which guarantees the secure transfer of personal data to the USA. Further information can be found here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active.
8. Social Plugins – You Tube
Our website uses plug-ins from YouTube, which is operated by Google. If you visit one of our websites featuring a YouTube plug-in and actively click on the corresponding field, a connection to YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you are logged in to your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
The legal basis for the use of YouTube is based on your consent pursuant to § 25 para. 1 sentence 1 TDDDG for the storage and access to information in end devices, as well as pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR for the further processing of your data. You give your corresponding consent via our cookie banner. Please note that Google is a company from the USA. Information about the locations of Google’s data centers can be found at www.google.com/about/datacenters/locations/. The new EU standard data protection clauses were agreed as appropriate safeguards to ensure an adequate level of protection for the transfer of data. In addition, Google LLC is an active participant in the EU-U.S. Data Privacy Framework, which ensures the secure transfer of personal data to the USA. You can find further information here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Further information on how user data is handled is available in see YouTube’s Privacy Policy at: https://www.google.de/intl/de/policies/privacy.
9. (Social) Media presence
9.1. Data processing by Nextron and legal basis
Our website contains links to (social) networks (X, LinkedIn, Discord, GitHub and YouTube). These websites are operated exclusively by third parties. If you follow the links, the respective provider may process personal data about you. Please note the data protection information of the provider in this regard.
9.2. Data processing by Nextron and legal basis
Our social media presences and links to third-party providers (e.g. X, LinkedIn, Discord, GitHub and YouTube) serve the purpose of informing you about Nextron as well as new developments, services and products of Nextron. Depending on the offer of the respective providers, you have the possibility of different interaction (comments, recommendations etc.) e.g. in connection with our social media presence. The interaction of the users is an important criterion for us in order to carry out targeted marketing. For example, we can determine which articles are read preferentially. We therefore also use the statistics determined by the providers in this regard for our own purposes. Insofar as we process personal data of users in this context, the legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest then consists in particular in targeted information / advertising. The providers will inform you separately about the legal basis on which they process your data for their own purposes.
9.3. Joint responsibility
In some cases, we are jointly responsible with the social media providers for processing your personal data. In this case you can assert your rights (see section 14) generally either against us or against the social media provider. However, the social media provider is the first point of contact.
We have concluded a joint responsibility agreement with LinkedIn Ireland for the processing of personal data. This applies in relation to so-called “page insights”. These are aggregated page statistics, whereby LinkedIn does not provide us with any personal data from you. Details on the insights data and our agreement with LinkedIn can be found at the following link.
Please note that the social media providers also process your data outside the EU/EEA. LinkedIn Corporation is an active participant in the EU-U.S. Data Privacy Framework, which ensures the secure transfer of personal data to the USA when data is transferred to them. Further information can be found here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active
With regard to the storage period of the data we process from you for our own purposes, please refer to our explanations under section 13. Otherwise, please observe the data protection provisions of the social media provider.
10. Links to websites of other providers
Our websites may contain links to websites of other providers which are not covered by this Privacy Policy. Insofar as the collection, processing or use of personal data is connected to the use of the websites of other providers, please note the privacy policy of the respective providers.
11. Data transfer
A transfer of your personal data to third parties generally does not take place unless we are legally obliged to do so, the data transfer is necessary for the execution of the contractual relationship, or you have previously expressly consented to the transfer of your data.
We cooperate with several service providers who assume technical and content-related tasks in the provision of our website. This includes services such as hosting and maintenance of our website. The following service provider is currently in use: Host Europe GmbH, Hansestrasse 111, 51149 Köln. In these cases, however, the scope of the transmitted data is limited to the necessary minimum. Insofar as our service providers process your personal data on our behalf, we ensure within the scope of Art. 28 GDPR that they comply with the provisions of the data protection laws in the same manner.
We attach importance to processing your data within the EU / EEA. Insofar as necessary for our purposes, we will only transfer personal data to recipients outside the EU if you have given your consent, if there is a legal obligation to do so, or if the transfer of data is permitted on another legal basis. As part of data processing, your data will also be transferred to recipients based in the USA, for example. An appropriate level of data protection is ensured by the conclusion of the new so-called EU standard contractual clauses and/or the participation of the service provider in the USA in the EU-U.S. Data Privacy Framework. An overview of the participants in the EU-U.S. Data Privacy Framework can be found here: https://www.dataprivacyframework.gov/s/participant-search
12. Duration for which personal data is stored /criteria for determining the duration
Your personal data will be stored by Nextron for as long as it is necessary for the afore-mentioned purposes of processing, in the event of an objection no compelling reasons worthy of protection oppose Nextron or in the event of a revocation no other legal basis for data processing exists. In certain cases, e.g. if there is a legal obligation to retain data, your personal data will not be deleted immediately, but blocked initially.
If an application (see section 5) is successful, your data will be transferred to the personnel file and stored beyond the period of the application process in accordance with the statutory provisions. If your application is not successful, we will store your data beyond the period of the application process for a maximum of 6 months, unless you have given your consent to further data processing.
13. Your rights
Within the framework of the legal requirements, you have a fundamental claim against Nextron for
- confirmation as to whether personal data concerning you is processed by Nextron,
- information about these data and the circumstances of processing,
- correction, if this data is incorrect,
- deletion, unless the processing is not justified and there is no (longer an) obligation to keep the data,
- restriction of processing in special cases determined by law,
- objection in case of data processing on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR and
- transmission of your personal data – if you have provided it – to you or a third party in a structured, common and machine-readable format.
Insofar as the processing of your personal data is based on your consent, you have the right to revoke this consent at any time, with the consequence that the processing of your personal data will become inadmissible for the future. However, this does not affect the lawfulness of the processing carried out on the basis of the consent up to the point of revocation.
Please address your specific request in writing or by e-mail to our data protection officer (see section 1), clearly identifying yourself.
Insofar as we process your data in joint controllership with third parties within the meaning of Art. 26 GDPR (see section 10.3), the third party is centrally responsible for the exercise of all rights of the persons concerned. However, you are free to assert your rights against us as well.
Finally, we would like to draw your attention to your right of appeal to the supervisory authority.
14. Data security
For security reasons and to protect the transmission of confidential content that you send to us as a site operator, our website uses an SSL or TLS encryption. Thus, the data that you submit via this website is for others not readable. You will recognize an encrypted connection at the “https://” address bar of your browser and at the lock icon in the browser bar.
15. No automated individual decision
We do not use your personal data for automated individual decisions
16. Changes to our privacy policy
We reserve the right to change this Privacy Policy at any time in accordance with applicable privacy laws. The current status is October 2024.