Privacy Policy

Last updated: 15th January 2026

NextFrontier AG ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, and protect your information when you visit our website or use our services.

Data Controller Information

NextFrontier AG is the data controller for the personal data we process. You can contact us at:

Data Collection

We collect personal data through various means when you interact with our website and services. The data we collect includes:

Information You Provide Directly

  • Contact Information: Name, email address, phone number, company name
  • Communication Data: Messages sent through our contact forms or direct communications
  • Service Enquiry Information: Details about your business continuity planning needs and requirements

Information Collected Automatically

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Pages visited, time spent on pages, referring websites
  • Cookie Data: Information collected through cookies and similar technologies

How We Use Your Information

We use the personal data we collect for the following purposes, based on legitimate legal grounds under GDPR:

Service Provision (Contractual Basis)

  • Responding to your enquiries and providing requested information
  • Delivering our business continuity planning services
  • Managing client relationships and project communications

Legitimate Business Interests

  • Improving our website functionality and user experience
  • Analysing website usage patterns and performance
  • Protecting against fraud and ensuring website security

Legal Compliance

  • Meeting regulatory requirements and legal obligations
  • Maintaining records as required by Austrian and EU law

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our website and delivering our services
  • Legal Requirements: When required by law, regulation, or legal process
  • Business Protection: To protect our rights, property, or safety, or that of our users
  • Consent: With your explicit consent for specific purposes

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy or as required by law. Our data retention periods include:

  • Contact Enquiries: 3 years from last contact or until you request deletion
  • Client Records: 7 years after service completion for legal and tax compliance
  • Website Analytics: 26 months (Google Analytics default retention)
  • Marketing Data: Until consent is withdrawn or 2 years of inactivity

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right of Rectification: Request correction of inaccurate or incomplete data
  • Right of Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request transfer of your data to another organisation
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us at privacy@nextfrontier.world or +43 5124632156.

International Data Transfers

We primarily process data within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules or certification schemes

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication procedures
  • Staff training on data protection and security

Children's Privacy

Our website and services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

NextFrontier AG - Privacy Team

Favoritenstraße 155, 6091 Innsbruck, Tyrol, Austria

Email: privacy@nextfrontier.world

Phone: +43 5124632156

Supervisory Authority

You have the right to lodge a complaint with the relevant supervisory authority if you believe your data protection rights have been violated. In Austria, the supervisory authority is:

Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40-42, 1030 Vienna, Austria
Website: www.dsb.gv.at