DATA SECURITY AT A GLANCE

PRIVACY POLICY

We take the protection of your personal data very seriously and comply with the data protection provisions of the European Union's General Data Protection Regulation (GDPR), which comes into force on 25 May 2018. Below we inform you about how we handle your data.

This privacy policy clarifies the nature, scope and purpose of the processing of personal data
(hereinafter referred to as ‘data’) within our website. With regard to the terms used, such as ‘processing’ or ‘controller’, we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).

NAME AND ADDRESS OF THE PERSON RESPONSIBLE

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is

Nexttop GmbH
Managing Director Christoph Rogl
Siemensstr. 57-59
48155 Münster

Phone +49 251 59060277
E-Mail: info(at)nexttop.de

DATA PROTECTION OFFICER

Said-Elham Sadat, DSB-MS
E-Mail: Datenschutz(at)dsb-ms.de

general information on data processing

Scope of the processing of personal data
We collect and use the personal data of our users only to the extent necessary to provide a functional website and our content and services.
The collection and use of our users' personal data only takes place regularly with the user's consent. An exception applies
in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.

Legal basis for the processing

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

When processing personal data that is required for the fulfilment of
of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations necessary for the performance of
pre-contractual measures are required.

Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject,
Art. 6 para. 1 lit. c GDPR serves as the legal basis.

WHAT DATA IS COLLECTED

Browser information; Location information; IP address; Usage data; Device operating system; Device information; Referrer URL; Browser type; User agent; Geographic location; Facebook user ID; HTTP header; Pages visited; Interactions with ads, services and products; User behaviour; Ads viewed; Viewed content; Clicked items; Marketing information; Pixel ID; Facebook cookie information; Usage/click behaviour; Device ID; Non-confidential custom data; Marketing campaign success; IP address; Location information; Device information; Facebook user ID; Non-sensitive
User-defined data; Pixel-specific data; User behaviour; Ads viewed; Interactions with advertisements, services and products; Marketing information; Content viewed; Browser information; Conversion goals; Visitor ID; Facebook user ID; Pixel-specific information
Data; Browser information; Location information; Device information.

PURPOSE OF DATA COLLECTION

Cross-references (“links”) to the websites of other providers are to be distinguished from our own content. Through these links, we merely provide access to the use of third-party content in accordance with Section 8 of the German Telemedia Act. When first linking to these Internet offers, we
checked this third-party content to determine whether it might give rise to civil or criminal liability. However, we cannot constantly check these external contents for changes and therefore cannot accept any responsibility for them. The respective provider of the site is solely liable for illegal, incorrect or incomplete content and in particular for
damage resulting from the use or non-use of third-party information.

LEGAL BASIS

EU: Art. 6 para. 1 s. 1 lit. a GDPR, Art. 49 (1) a) GDPR
Switzerland: Art. 45c (b) TCA, Art. 17 sentence 1 a) FADP

Place of processing

European Union

Adverts / Ads

EU: Art. 6 para. 1 s. 1 lit. a GDPR, Art. 49 (1) a) GDPR
Switzerland: Art. 45c (b) TCA, Art. 17 sentence 1 a) FADP

Publisher

Google Ireland Limited

Description

This is a conversion tracking service. This service records what happens when a user visits a website and clicks on an advert ,
that we place via Google Ads. With conversions, we measure whether users perform a certain action
(e.g. subscribe to a service) on a website specified by us after they have clicked on
an advert placed by us via Google Ads. This allows users to understand which keywords, adverts, ad groups or
campaigns led to the desired user interaction.