Privacy Policy (29.04.2022)

With the following information we would like to inform you about the processing of your personal data by us and your rights resulting from the data protection laws and especially from the general data protection regulation (regulation (EU) 2016/679 – “GDPR”).

1. controller and data protection officer

Controller in accordance with Art. 4 VII GDPR is:
Next Agenda ApS
Lautrupsgade 7
2100 Copenhagen Ø
Phone: +45 72 21 21 21 21
Email: info@nextagenda.dk

If you have any questions concerning data protection, you are welcome to contact our company data protection officer:
Dr. Frederike Rehker
Konica Minolta Business Solutions Europe GmbH
Europaallee 17, 30855 Langenhagen
Phone: +49 (0)511 7404-0
Email: dataprotection@konicaminolta.eu

2. what are my rights as a data subject?

As a data subject, you have the following rights:

2.1 Right of access (Art. 15 GDPR): You have the right to be informed at any time of the categories of personal data processed, the purposes of processing, any recipients or categories of recipients of your personal data and the planned storage period.

2.2 Right of rectification (Art. 16 GDPR): You have the right to request the rectification or completion of personal data concerning you that is incorrect or incomplete.

2.3 Right to erasure (“right to be forgotten”) (Art. 17 GDPR): You have the right to request the immediate erasure of your personal data. In particular, we are obliged as the controller to delete your data in the following cases:

– Your personal data is no longer needed for the purposes for which it was collected.

– A processing of your personal data took place solely on the basis of your consent, which you have now withdrawn, and there is no other legal basis that legitimizes a processing of your personal data.

– You have objected to a processing which is based on the legitimate or public interest, and we cannot prove that there are legitimate grounds for processing.

– Your personal data has been processed unlawfully.

– The erasure of your personal data is necessary in order to comply with a legal obligation to which we are subject.

– Your personal data has been collected in connection with information society services offered in accordance with Art. 8 I GDPR.

Please be aware that the right to erasure is subject to a limitation in the following cases, so that a deletion is excluded:

– Your personal data is used to exercise the right to freedom of expression and information.

– Your personal data serves to fulfil a legal obligation to which we are subject.

– Your personal data is used to carry out a task that is in the public interest or in the exercise of official authority that has been assigned to us.

– Your personal data serves the public interest in the field of public health.

– Your personal data are necessary for archiving purposes in the public interest, for scientific or historical research or for statistical purposes.

– Your personal data serve for us to establish, exercise or defend legal claims.

2.4 Right of restriction of processing (Art. 18 GDPR): You also have the right to request that the processing of your personal data be restricted; in such a case, your personal data will be excluded from any processing. This right applies if:

– You contest the accuracy of your personal data and we have to verify the accuracy of your personal data.

– The processing of your personal data is unlawful and instead of erasing your personal data, you request a restriction of processing.

– We no longer need your personal data for the fulfilment of the specific purposes, but you still need this personal data to establish, exercise or defend legal claims.

– You object to the processing of your personal data and it has not yet been determined whether your or our legitimate reasons override this.

2.5 Right of data portability (Art. 20 GDPR): You have the right to receive the personal data concerning you that you have provided to us as a controller in a structured, common and machine-readable format and to transfer it to another controller. Furthermore, you also have the right to request that your personal data be transferred from us to another controller, insofar as this is technically feasible.

The requirements for the applicability of data portability are:

– Your personal data is automatically processed based on your consent or a contract.

– Your personal data does not serve to fulfil a legal obligation to which we are subject.

– Your personal data will not be used to perform a task that is in the public interest.

– Your personal data do not serve for the performance of a task which is performed in the exercise of an official authority delegated to us.

– The exercise of your right shall not interfere with the rights and freedoms of others.

– Your personal data is automatically processed based on your consent or a contract.

– Your personal data does not serve to fulfil a legal obligation to which we are subject.

– Your personal data will not be used to perform a task that is in the public interest.

– Your personal data do not serve for the performance of a task which is performed in the exercise of an official authority delegated to us.

– The exercise of your right shall not interfere with the rights and freedoms of others.

2.6 Right to object (Art. 21 GDPR): You have the right at any time to object to the processing of your personal data on grounds arising from your particular situation. This also applies to profiling. The requirement for this is that the processing is based on a legitimate interest on our part (Art. 6 I 1 lit. f GDPR) or the public interest (Art. 6 I 1 lit. e GDPR).

Furthermore, you may also at any time object to the processing of your personal data for the purposes of direct marketing or profiling linked to such direct marketing.

Should you object to the processing of your personal data based on a legitimate interest, we will check in each individual case whether we can show grounds worthy of protection that override your interests and rights and freedoms. In the event that there are no reasons worthy of protection on our part or your interests as well as rights and freedoms override our own, your personal data will no longer be processed. An exception is made if your personal data is still used for the establishment, exercise or defense of legal claims.

If you object to the processing of your personal data for the purposes of direct marketing or profiling, insofar as this is linked to such direct marketing, your personal data will no longer be processed for these purposes.

2.7 Right to lodge a complaint with the supervisory authority (Art. 77 GDPR): You also have the right to lodge a complaint with a supervisory authority at any time, in particular with a supervisory authority in the Member State of your residence, place of work or place of suspected infringement, if you consider that the processing of personal data concerning you is in breach of the data protection regulations.

The address of the supervisory authority responsible for our company is:

Data Protection Authority

Carl Jacobsens Vej 35

2500 Valby

Tel. 33 19 32 00

dt@datatilsynet.dk

2.8 Right of withdrawal (Art. 7 GDPR): If you have given us consent to process your personal data, you can withdraw this consent at any time without giving reasons and in an informal manner. Withdrawal of consent does not affect the lawfulness of the processing that has taken place on the basis of the consent up to the point of withdrawal.

3. General information regarding the topic “purposes”

As a matter of principle, the processing of your personal data by us is always linked to a specified, explicit and legitimate purpose, which has already been defined before the processing activity is commenced, in accordance with the principle of purpose limitation under Art. 5 I lit. b GDPR. In the further course of this privacy policy, when a processing activity is cited, a description of the specific purpose is also included.

4. General information regarding the topic “legal bases

We process your personal data in accordance with the GDPR. Accordingly, the processing of your personal data is always founded on a legal basis. Article 6 of the GDPR defines legal bases for the processing of personal data.

4.1 Legal bases for the processing of personal data

Consent

If we obtain your consent for the processing of your personal data, the processing will be carried out on the legal basis of Art. 6 I 1 lit. a GDPR. The following example serves to clarify this legal basis: You receive advertising from us by electronic mail and/or telephone and have given your prior consent.

Contract or pre-contractual measure

If the processing of your personal data is necessary for the fulfilment of a contract with you or for the implementation of pre-contractual measures taken in response to your request, the legal basis on which the processing of your personal data is based is Art. 6 I 1 lit. b GDPR.

Legal obligation

In cases where the processing of your personal data is necessary to comply with a legal obligation to which we are subject, this processing is based on Art. 6 I 1 lit. c GDPR.

Vital interest

Should the processing of your personal data be necessary to protect your vital interests or those of another person, this processing is carried out in accordance with Art. 6 I 1 lit. d GDPR.

Public interest

In cases where we process your personal data in order to perform a task which is in the public interest or in the exercise of official authority delegated to us, Art. 6 I 1 lit. he GDPR constitutes the legal basis.

Legitimate interest

If the processing of personal data is necessary to safeguard a legitimate interest of our company or a third party and at the same time the interests, basic rights and fundamental freedoms of the data subject, which require the protection of personal data, do not override our legitimate interest, Art. 6 I 1 lit. f GDPR serves as the legal basis for the processing.

4.2 Legal bases for the processing of special categories of personal data

If, in extraordinary cases, we need to process special categories of personal data, such as

– data on racial or ethnic origin (e.g. skin color or special languages),

– data on political opinions (e.g. party memberships),

– data on religious or philosophical beliefs (e.g. membership of a sect),

– data on trade union membership,

– genetic data,

– biometric data (e.g. fingerprints or photographs),

– health data (e.g. identification numbers for disabilities),

– or data concerning the sex life or sexual orientation

by you, this processing is based on one of the following legal bases, which are de-fined in Article 9 GDPR.

Explicit consent

If you have given us your explicit consent for the processing of the above categories of personal data, this constitutes the legal basis for the processing in accordance with Art. 9 II lit. a GDPR.

Performing duties under social security/protection and employment law

If the processing of special categories of personal data relating to you is necessary in order to comply with a legal obligation arising from social security/protection or employment law, the legal basis for this processing is Art. 9 II lit. b GDPR.

Protection of vital interests

If the processing of special categories of personal data relating to you should be necessary to protect your vital interests or those of another person, such processing is carried out pursuant to Art. 9 II lit. c GDPR.

Manifestly public data

Insofar as special categories of personal data of yours are processed, which have previously been made public by yourself, the processing of these data is based on Art. 9 II lit. e GDPR.

Establishment / Exercise / Defense of legal claims

Insofar as the processing of the special categories of personal data relating to you serves us to establish, exercise or defend legal claims, Art. 9 II lit. f GDPR constitutes the legal basis for the processing.

Substantial public interest

In the case of the processing of special categories of personal data concerning you in order to safeguard a substantial public interest arising from EU or national law, the processing is based on Art. 9 II lit. g GDPR.

Assessment of the person’s work capacity or other medical purposes such as health care

If the processing of special categories of personal data relating to you arises from a law of the EU or a Member State or a contract concluded with a member of a health profession and is carried out for the purposes of preventive health care, occupational medicine, assessment of an employee’s work capacity, medical diagnosis, care or treatment in the health or social field or the management of systems and services in the health or social field, this processing is based on Art. 9 II lit. h GDPR.

Public interest in the area of public health

If the processing of special categories of personal data of yours should be necessary for public health reasons, including protection against cross-border health threats such as pandemics, this processing is carried out on the legal basis of Art. 9 II lit. in the GDPR.

Archival purposes, scientific / historical research purposes, statistical purposes

Should the processing of special categories of personal data relating to you arise from a right of the EU or a member state, which stipulates processing for archiving, scientific or historical research or statistical purposes in the public interest, this processing is based on Art. 9 II lit. j GDPR.

5. General information regarding the topic “obligation to preserve records and time limits of erasure”

Unless otherwise stated, we delete personal data in accordance with Art. 17 GDPR or restrict its processing in accordance with Art. 18 GDPR. Apart from the retention periods stated in this privacy policy, we process and store your personal data only as long as the data are necessary for the fulfilment of our contractual and legal obligations. Personal data that are no longer required after the purpose has been fulfilled will be regularly deleted, unless further processing is required for a limited period of time, which may result from other legally permissible purposes.

We do not sell or rent user data in principle. A transfer to third parties beyond the scope described in this privacy policy will only take place if this is necessary for the processing of the respective requested service. For this purpose, we work together with service providers in the areas of marketing, sales, IT, logistics and human resources, among others. We select these service providers extremely carefully. In other cases we transfer data to requesting governmental authorities. However, this only takes place if there is a legal obligation to do so, for example if a court order exists.
Locations of the processing of your personal data
In principle, we process your data in Denmark and in other European countries (EU/EEA). If your data is processed in countries outside the European Union or the European Economic Area (i.e. in so-called third countries), this will only take place if you have expressly consented to it, if it is stipulated by law or if it is necessary for our service provision to you. If, in these exceptional cases, we process data in third countries, this will be done by ensuring that certain measures are taken (i.e. on the basis of an adequacy decision by the EU Commission or by presenting suitable guarantees in accordance with Art. 44ff. GDPR).

6. General information regarding the topic “disclosure of personal data”
Recipient of your data

We do not sell or rent user data in principle. A transfer to third parties beyond the scope described in this privacy policy will only take place if this is necessary for the processing of the respective requested service. For this purpose, we work together with service providers in the areas of marketing, sales, IT, logistics and human resources, among others. We select these service providers extremely carefully. In other cases we transfer data to requesting governmental authorities. However, this only takes place if there is a legal obligation to do so, for example if a court order exists.


Locations of the processing of your personal data
In principle, we process your data in Denmark and in other European countries (EU/EEA). If your data is processed in countries outside the European Union or the European Economic Area (i.e. in so-called third countries), this will only take place if you have expressly consented to it, if it is stipulated by law or if it is necessary for our service provision to you. If, in these exceptional cases, we process data in third countries, this will be done by ensuring that certain measures are taken (i.e. on the basis of an adequacy decision by the EU Commission or by presenting suitable guarantees in accordance with Art. 44ff. GDPR).

7. cookies

7.1 General information regarding the topic “cookies”

We use cookies on our website. Cookies are small text files that are stored on your hard drive in accordance with the browser you are using and through which certain information flows to the website that sets the cookie. Many of the cookies we use are deleted after the browser session ends (so-called session cookies). Other cookies remain on your end device and enable us to recognize your browser on your next visit (persistent cookies).

Cookies are used on our website for various purposes. For a better overview, each cookie has been assigned to one of the following categories:

Technically necessary

Cookies that belong to this category are necessary to ensure the core functionality and/or security of this website.

Functionality

Cookies of this category are used to increase user comfort e.g. by storing preferences such as language settings, text size adjustments, user names or local settings.

Marketing

These cookies are used by advertisers to serve ads that are relevant to their prospects.

Performance and analysis

This type of cookie is used to help us analyze website usage in order to measure and improve performance.

In the settings of the browser you use, you have the option of rejecting the acceptance of cookies or, for example, to limit this rejection to cookies from other parties, so-called third-party cookies. However, the browser settings you have made may mean that you may not be able to use all the functions of our website to their full extent.

Here you will find further information on the administration of cookies for corresponding browsers:

– Internet Explorer

– Google Chrome

– Firefox

7.2 Cookie overview
The webservice “Cookie information” scans the website and automatically informs the user of current cookies via a pop-up window.

8. central administration tool – Google Tag Manager

On our website we use the Google Tag Manager, by the Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. With the help of the Tag Manager, we can integrate and manage any software solution, such as Google Analytics, centrally on our website via corresponding code sections – also called tags. These code sections also serve to collect data about your browser, your website visits or to set cookies. However, the Google Tag Manager is only a domain that neither sets cookies nor processes personal data. A processing of your personal data takes place exclusively through the solutions integrated via the code sections, such as Google Analytics itself.

Further information on the processing of your personal data within the framework of the individual solutions used can be found in the separate sections of the individual solutions in the following.

9. In the context of which processing activities are my personal data processed?

9.1 Processing activity – visiting of our website
Insofar as you use our website solely for informational purposes, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your personal browser transmits to our server. This data is technically necessary so that the website can be displayed to you. Furthermore, this data is technically necessary to ensure the stability and security of our website. The legal basis for the processing of your personal data in this case is Art. 6 I lit. f GDPR; the legitimate interest in this case is the provision and optimal presentation of this website as well as the protection of this against external attacks and their traceability. We delete this personal data after the end of the usage process, unless we need it for purposes of abuse detection and abuse traceability; in such a case, we retain this data for up to a maximum of 30 days.
When visiting our website, the following personal data may thus be processed, which is automatically transmitted by your browser to our servers and stored there in the form of so-called “log files”:

– IP address of the terminal device used to access the website

– Date, time and duration of the request

– Country of origin of the request

– Content of the request (specific page / file)

– Access status/http status code (e.g. “200 OK”)

– Internet address of the website from which the request to access our website was made

– Browser and installed add-ons (e.g. Flash Player)

– Operating system and interface

– Language and version of the browser software

– Amount of data transferred in each case

– Time zone difference to Greenwich Mean Time (GMT)

We can only provide some of the services offered on our website if we are able to contact you. In this respect, the possibility of using these services depends on you providing us with certain personal (contact) data. We collect, use and process this personal data only to the extent necessary to provide you with the respective service. If you contact us by e-mail or via a contact form, the personal data you provide in each case (your e-mail address and other information you provide voluntarily, such as your name/telephone number) will be stored by us in order to process your request and, if necessary, answer your questions.

Here, the legal basis for the processing of your personal data is Art. 6 I 1 lit. f GDPR; the legitimate interest is to answer your request. After a final response to your request, we delete your request and the information on the processing with a period of three years after the end of the respective calendar year.

9.2 Processing activity – One.com

Our website is managed by One.com Group AB, Reg.no. 559205-2400, Malmö, Sweden.

Thus, your personal data collected on this website is stored on the servers of this service provider. The data may be, for example, your IP address, meta and communication data or data from a contact form.
The legal basis for the use of One.com Group AB as a hosting provider of our website is, according to Art. 6 I 1 lit. b GDPR, the fulfillment of the contract with our customers and potentially interested parties.


9.3 Processing activity – Cookie Information
On our website we use the Consent Platform from Cookie Information. This is a consent management tool based on JavaScript. With the help of this tool, we can give the visitor of our website both an overview of the essential software solutions used and the possibility to decide on the use of any other software solutions that require prior consent. Furthermore, the platform offers the visitor the possibility to withdraw any given consent at any time without giving reasons and thus to prevent the future processing of personal data by the respective software solution. Furthermore, with the help of the platform, we can meet the requirement resulting from the GDPR for consent management, which provides, among other things, the possibility to prove that consents have been given or not.

In the context of the use of Cookie Information, the following data may be processed, among other things:

– Consent data

– Consent -ID

– Consent status (Opt-in, Opt-out)

– Consent timestamp

– Language of the consent banner

– Version of the banner template

– Device data (http Agent, http Referrer)

The use of Cookie Information and the associated processing of personal data serves to fulfill legal obligations within the meaning of Art. 6 I 1 lit. c GDPR.

Deletion of your personal data in connection with the use of Cookie Information will take place as soon as it is no longer required to fulfill the purpose. In case of withdrawal of consent, we retain the information regarding the withdrawal for three years. The retention results on the one hand from the accountability according to Art. 5 II GDPR.


9.4 Process activity – Special Fonts



9.4.1 Google Fonts

On our website, we use fonts from Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. These fonts are grouped together by Google under the name Google Fonts. By using Google Fonts, no cookies are set on your terminal device. The fonts are loaded and integrated via the corresponding application programming interfaces (APIs for short) from Google (fonts.googleapis.com and fonts.gstatic.com). The request to load and integrate the Google Fonts takes place shortly after your visit to our website. The request transmits personal data such as your IP address or the version of your browser to the Google servers and requests the corresponding cascading style sheets (CSS files) and font files from Google. Style sheets are files that are used to change the design of a website, such as the font or font size. A font file contains any information about how the font is displayed. Requests for CSS files are stored by Google for one day and requests for font files are stored for one year. The legal basis for the processing of your personal data in the context of the use of Google Fonts is your consent pursuant to Art. 6 I 1 lit. a GDPR.

Due to Google’s localization, the transfer of your personal data to Google may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA. The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.9 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

Your personal data will not be stored by us as the controller.
Further information regarding processing by Google can be found in the privacy policy.



9.5 Processing activity – Webanalytics



9.5.1 Google Analytics

On our website we use the service Google Analytics. This is a web analytics service provided by the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). We use Google Analytics to analyze the use of our website and to improve it regularly. We can use the statistics obtained to improve our offer and make it more interesting for you as a user.

Within the scope of the use of Google Analytics, cookies are set on your end device which enable an analysis of your visit / use of our website. You can find further information on the topic of cookies under “7. cookies”.
You can prevent the storage of cookies by making the appropriate setting in your browser; however, we would like to inform you that you may then not be able to use all functions of this website to their full extent. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the further processing of this data by Google by downloading and installing the browser plugin available under the following link(https://tools.google.com/dlpage/gaoptout?hl=en)
When the information stored in the cookies about your visit and use of our website is transferred to Google’s servers, it may be transferred to a third country (e.g. to the USA) due to its localization. However, due to the activated anonymization function, your IP address will be shortened within the European Union or the European Economic Area even before it is transferred to Google. Furthermore, the IP address transmitted by your browser will not be merged with other Google data.

On behalf of the provider of this website, Google will use the information received to evaluate your use of the website, to compile reports regarding the website activities and to provide further services to the website provider in connection with the use of the website and the internet.

The legal basis for the processing of your personal data in the context of the use of Google Analytics is your consent in accordance with Art. 6 I 1 lit. a GDPR. Due to Google’s localization, the transfer of your personal data to Google may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA. The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

You can find more information on the terms of use and data protection of Google under https://marketingplatform.google.com/about/analytics/terms/us/ or https://support.google.com/analytics/answer/6004245?hl=en

9.6 Processing activity – Online presence in social networks

Within social networks, we, as the provider of the website, use the offers of online platforms to inform active users about information offers and services from Nextagenda and, if interested, to communicate directly via the platforms. The social media channels thus complement our own website presence and offer interested parties who prefer this type of information an alternative means of communication. We are currently represented in the following networks with our own online profiles:

As soon as you access the respective Nextagenda profiles on the corresponding social network in your network, the terms and conditions and data processing guidelines of the respective providers apply.

We have no influence on the data collection and its further use by the social networks. Thus, we only know that your data will be processed for market research and advertising purposes and that usage profiles will be created from your usage behavior and the resulting interests. Furthermore, advertising can also be placed to this effect on the basis of supposed interests. For this purpose, cookies are usually stored on your end device.
We therefore expressly draw your attention to the fact that the personal data of users (e.g. the IP address) is stored by the providers of the networks in accordance with their data usage guidelines and used for business purposes. We would also like to point out that your data may be processed outside the European Union or the European Economic Area.

We process the data of users Nextagenda´s presences on the corresponding social networks only insofar as they contact and communicate with us via comments or direct messages. You can assert your rights as a data subject both against us (see also point 2 “What are my rights as a data subject?”) and against the provider of the social network. You can find information on the processing of your personal data by the individual social network providers as well as the options for objecting to this under point “9.7.3 Possibilities of objection in social networks” of this Privacy Policy.

The processing of users’ personal data is based on our legitimate interests in effective information of users and communication with users in accordance with Art. 6 I 1 lit. f GDPR. If you are asked by the respective providers to give your consent to data processing (i.e. declare your consent, e.g. by ticking a check box or confirming a button), the legal basis for processing is Art. 6 I 1 lit. a GDPR, i.e. your consent.

9.6.1 Possibilities of objection in social networks

For a detailed presentation of the respective processing and the possibilities of objection (opt-out), we refer to the following linked information of the providers.
Information on the individual providers of the social networks:

In addition, European marketing providers offer a new possibility of objection under the following link: http://www.youronlinechoices.com/. This is an initiative to educate about online advertising. In the preference management section https://www.youronlinechoices.com/uk/your-ad-choices you will find an overview of providers whose online advertising can be deactivated or activated there. Also in the case of access requests and the assertion of further rights of data subjects, we would like to point out that these can most effectively be asserted with the providers. Only the providers have access to the personal data of the users and can directly take appropriate measures and provide information. Should you nevertheless require assistance, you can contact us.

9.7 Processing activity – Targeting and Advertisement

9.7.1 Google Adwords

On our website we use the service Google Adwords from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: Google). This service enables us to draw attention to our appealing offers on external websites by means of advertising material (so-called Google Ads). These advertising materials are delivered by Google via so-called “Ad Servers”. Ad server cookies are used for this purpose. For further information on the topic of cookies, please go to “7. cookies”. Ad server cookies enable the evaluation of performance parameters (e.g. ad impressions, clicks or conversions). In this way we can determine how successful the individual advertising measures are. If you come to our website via an ad from Google, Google Adwords stores a cookie on your end device. This cookie stores analysis values (unique cookie ID, number of ad impressions per placement (frequency), last impression, opt-out information (marking that the user no longer wants to be addressed)). The cookies set by Google Adwords lose their validity after 30 days. These cookies are not intended to identify you personally. Rather, they enable Google Adwords to recognize your internet browser. If you visit certain pages on the website of an Adwords client, Google and the client will recognize that you have been redirected to the client’s page via a clicked advertisement. Google provides us as an Adwords customer with a statistical analysis. This analysis enables us to measure the effectiveness of our advertising measures. We do not receive any further data beyond this.

The legal basis for the processing of your personal data in the context of the use of Google Adwords is your consent according to Art. 6 I 1 lit. a GDPR. Due to Google’s localization, the transfer of your personal data to Google may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA. The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

Further information on data protection at Google can be found here:


9.8 Processing activity – Business partner localization / Google Maps

On our website we embed the service Google Maps. This service is operated by the Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google). Google Maps is a digital map service that enables us to include interactive maps on our website, to give you an overview of our locations and partners in your vicinity and to offer the possibility to plan your route.

By visiting a subpage where Google Maps is embedded, Google sets the cookie with the name “NID” in your browser, which results in a transfer of your personal data, such as your IP address to Google. For further information on the topic of cookies, please refer to “7. cookies”. If there is a user account for you at Google, in which you are logged in at the time of visiting the corresponding subpage, the data transferred to Google will be directly allocated to your user account. If such an allocation is not desired, you must log out of your Google account before you visit the corresponding subpage. However, Google will process your personal data even if you are not logged in to a Google user account. Google will use the transferred data to create user profiles for the purpose of demand-oriented advertising and market research. You can object to this type of processing by Google at any time by asserting your right to object to Google in accordance with Art. 21 GDPR.

Due to the localization of Google, the transfer of your personal data to Google may involve a transfer to a third country, i.e. a transfer of personal data to a destination that is neither in the European Union nor the European Economic Area, in this case especially to the USA.

The legal basis for the processing of your personal data in the context of the use of Google Maps is your consent in accordance with Art. 6 I 1 lit. a GDPR. The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

Your personal data will not be stored by us as the controller.
Further information on data protection at Google can be found at the following address: https://policies.google.com/privacy?hl=en

9.9 Processing activity – Youtube

On our websites we have integrated YouTube videos. These are stored at www.youtube.com, but can be played directly from our website. YouTube is a platform of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google). We have activated the enhanced privacy mode when embedding the videos on our website. This means that no information about you will be sent to YouTube if you do not play the videos. However, when you play videos, data is transferred to YouTube. First, YouTube is notified that you have visited the appropriate subpage of our website where the video is embedded. In addition, other data may be transferred to YouTube that we are not aware of. We also have no influence on the data transfer. If you are registered on YouTube, the transferred data is directly associated with your account. YouTube stores your data as usage profiles and uses them for the purpose of advertising, market research and/or the needs-based design of the website. Such an evaluation can be carried out in particular (even for users who are not logged in) for the purpose of providing need-based advertising. You have the right to object to the creation of usage profiles by YouTube in accordance with Art. 21 GDPR, which you must assert directly with YouTube.
Further information on the purpose and scope of data collection and processing can be found in the YouTube privacy policy.

Due to Google’s localization, the transfer of your personal data to Google may involve a transfer to a third country, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA.

The legal basis for the processing of your personal data in the context of the use of YouTube, which is initialized by playing a YouTube video, is your consent in accordance with Art. 6 I 1 lit. a GDPR. The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. Rights of data subjects might, in the worst case, not be able to be exercised. Information on your right of withdrawal can be found under point 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

9.10 Processing activity – Application to Nextagenda

9.10.1 Review of your application
We process the personal data provided in your application for the purpose of reviewing your application and determining your suitability for the advertised position. We may use specialized service providers to review your application. Suitable applications for a position will be passed on by the human resources department to the respective specialist department or national company for further examination. In order to comprehensively assess your application, we always need your CV as well as certificates or corresponding evidence. When entering your data, the following fields are mandatory: Name, first name, e-mail address, address, salary expectations and period of notice. It is also necessary that you include at least one attachment. Further details, such as a video or a photo, are voluntary.

In addition, our applicant portal offers you the following options:

  • Application: Here you will find an overview of your applications to Nextagenda. By clicking on the individual application, you can view the details. If you are asked by us via e-mail to submit missing documents, you can upload them here. You also have the possibility to withdraw your application.
  • Appointments: As soon as we have sent you an appointment proposal by e-mail, you can view it in the “Appointments” section and confirm or reject it. If you are unable to keep an appointment, you will receive a new suggestion from us.
  • Profile: You can edit and update your data at any time. You can also delete your data at any time by logging in and clicking on “Delete user” or by contacting us. Any changes will be automatically forwarded to us.

We delete your application details five months after completion of the application process. This processing of personal data takes place on the basis of Art. 6 I 1 lit. b GDPR.

If you are under 18 years of age, we require the consent of your legal guardians in order to conclude a contract with you.

9.10.2 Applications from apprentices, students and school interns

We gladly accept applications from you as apprentices, students and school interns. We also treat these applications according to the above mentioned principles.


9.11 Processing activity – Nextagenda webinars / GoToWebinar

Nextagenda uses the GoToWebinar service provided by the LogMeIn Ireland Limited, Bloodstone Building, Block C, 70 Sir John Rogerson’s Quay, Dublin 2, Ireland (hereinafter: LogMeIn) to conduct webinars.
Our webinar offerings vary from various free webinars to several paid webinars. The registration for these webinars is always done via a form on one of our landing pages. In the course of registration and participation in a webinar, personal data will inevitably be processed using various cookies that are set on your end device. For further information on the topic of cookies, please refer to “7. cookies”. In addition, we would like to point out that personal data are processed by you even through the purely informative visit to the website. You can find more information on this under 8.1 “Processing activity – visiting our website”. In the following you will find an overview of the personal data that can be processed if you decide to attend one of our webinars using the GoToWebinar service. The mandatory data to be entered are marked with a “*”. A special feature is the address information, since this information is only required for webinars with costs in order to be able to send an invoice.

  • Email address*
  • First name*.
  • Last name*.
  • Company*.
  • Job description
  • Phone number
  • Address information* (only for webinars with costs)

The legal basis for the processing of your personal data in the course of registration and participation in a free webinar is your consent in accordance with Art. 6 I 1 lit. a GDPR. Information on your right of withdrawal can be found under point 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

For webinars with costs, Art. 6 I 1 lit. b GDPR, i.e. the existing contract between you and us, constitutes the legal basis for the processing of your personal data.

Independent of registration and participation in a webinar, your personal data may also be used to analyze and optimize our webinar offerings. This processing is based on our legitimate interest according to Art. 6 I 1 lit. f GDPR, whereby our legitimate interest is the continuous optimization of our offer.

Due to the fact that LogMeIn acts as a processor within the meaning of Art. 28 GDPR, a contract for processing has been concluded. In addition, prior to using LogMeIn’s services, it was checked in accordance with Art. 28 I GDPR whether the service provider ensures the security of the processing by means of technical and organizational measures taken. The place of processing may extend to both the European Union and the United States, as LogMeIn has its headquarters in the United States. Due to LogMeIn´s headquarter localization, the transfer of your personal data to LogMeIn may involve a third country transfer, i.e. a transfer of personal data to a destination that is neither in the European Union nor in the European Economic Area, in this case especially to the USA. The processing of your personal data outside the EU/EEA will be based on your consent according to Art. 49 I lit. a GDPR. In the USA no guarantees for an adequate data protection level are in place. As a result, the processing of personal data is affected by additional risks to the rights and freedoms of data subjects. For more information on your right of withdrawal, please refer to section 2.8 “Right of withdrawal (Art. 7 GDPR)” in this privacy policy.

A deletion of the information about your registration and participation in a webinar as well as all related personal data will automatically take place after 365 days.

10. Konica Minolta Global Policy

To the Global Personal Data Protection Policy