Privacy Policy

Privacy Policy NXT Boardroom GmbH

This Privacy Policy explains the processing of your personal data by NXT Boardroom GmbH, Leopoldstraße 18, D-80802 Munich, Germany (“we” or “NXT Boardroom“) as controller (Art. 4 No. 7 GDPR) and your rights under the GDPR.

Purposes of using your data
1.1 Communication

We process personal data that you provide in the context of using certain content and functions on our website or app. For example, if you use our contact form, we assimilate your personal data to respond to your inquiry. The same applies if you contact us in another way, for instance via e-mail, messenger or telephone. The legal base for this data processing is Art. 6 (1) b) GDPR.

1.2 Log data

When using the website, certain information, including data sent by the browser (e.g., IP address, type of cookies, previous web page, time and date, content displayed) is temporarily stored. We use this data to enable you to use our website and, if necessary, to check and enforce our rights and those of third parties in case of damage or infringement of legal regulations, our terms of use and the rights of third parties. The legal basis is Art. 6 (1) b) GDPR. The log files are stored as long as necessary for the respective purpose, generally no longer than 14 days.

1.3 Membership contract

We process your personal data in order to fulfill the membership contract, particularly for AI-based networking, events and booking of working spaces and conference rooms in the boardrooms. For this purpose, we analyze your data using AI to find contacts that are as suitable as possible for you and to compile lists of participants for events. In order to do this, we store a profile of you in the NXT Boardroom App, which is visible for other members, and is able to connect you with them (member matching). Additional rights can be granted by means of issuing on Membership Tokens (your wallet provider is responsible for any processing of personal data related to the storage in your wallet). The legal foundation in each case is Art. 6 (1) b) GDPR.

1.4 Other purposes for which we process your personal data

We process your personal data in order:

to fulfill contracts and in the context of existing or new business relationships. We will retain this personal data at least for the duration of our business relationship. During our business relationship, we may collect contact information and professional qualification data (publications, etc.). Some data is obtained from public sources and websites. Legal basis: Art. 6 (1) b) and f) GDPR.

to meet our legitimate interests, including the following:

Enter into corporate transactions (e.g., restructuring, asset deals, merger)

Protect our rights or property, enforce our terms of use and legal notices, and provide for the establishment, exercise and defense of legal claims

to fulfill our legal obligations, court orders or other binding decisions. The legal basis is Art. 6 (1) c) GDPR.

with your consent (Art. 6 (1) a) GDPR) for other purposes, such as subscription to a newsletter; in this case, you have the option to revoke your consent at any time.

2. Recipients of your data

In addition to the above-mentioned recipients of personal data, we also use other companies to process personal data on our behalf, for example for hosting, technical support of our website, sending newsletters or for analysis and advertising purposes. Such service providers only process the data on our behalf in accordance with this privacy policy as so-called order processors (Art. 28 GDPR). In particular, Zudu Ltd. provides technical support for this website on our behalf and may access log files, among other things.

Furthermore, we transmit personal data to third parties if this is provided for by law, if this is necessary for the exercise, defense and assertion of legal claims or if third parties provide certain services for us (e.g., lawyers, tax consultants, etc.).

In this respect, as we transfer personal data to third countries outside the EU, we ensure an appropriate level of data protection through contractual measures. You have the right to receive copies of these contracts.

3. Use of cookies

In addition to the processing purposes mentioned above, we also use cookies if this is technically necessary to offer our website or certain content or if we are obliged to do so. The legal base for the use of necessary cookies is § 25 (2) No. 2 TTDSG.

Cookies that are not technically necessary (e.g. for analysis purposes) are only processed with your consent. The legal basis for this is § 25 (1) 1 TTDSG.

Unless otherwise stated in this privacy policy, cookies remain stored as long as necessary to fulfill the respective processing purposes. You can object to the storage of cookies by browser preferences and delete them manually in your browser settings. Please note, however, that some cookies may be mandatory for the use of our website or individual functions.

We use the service CookieYes to manage cookies.
For more information about the cookies set on this website and how to revoke or give your consent, please click “manage consent” at the bottom right of the page.

4. Regular data deletion

Unless a specific duration of data storage is specified in this privacy policy, we will only process your data as long as this is necessary for the respective purposes or as long as there are legal retention obligations. After the respective processing purpose ceases to apply and retention obligations end, your data will be routinely deleted.

5. Your rights

You can request information about your stored data. If you have provided personal data on the basis of a contract or consent, you have the right to receive this data in a standard and machine-readable format.

In addition, in justified cases, you can also request the deletion, correction or restriction of the processing of your data.

You can revoke your consent at any time with effect for the future.

You can object to the processing of data processed on the basis of our legitimate interests at any time under the conditions of the GDPR.

6. Contact; complaint to supervisory authority

Please address your questions or concerns regarding the processing of your personal data to:

NXT Boardroom GmbH
Leopoldstrasse 18
D-80802 Munich

In case of questions and possible concerns about the data processing, you can also contact a supervisory authority. Responsible for us is:

Bavarian State Office for Data Protection Supervision
Promenade 18
91522 Ansbach