Skip to content
Close
Contact Us
Contact Us

NextTables Azure Marketplace Privacy Notice

TABLE OF CONTENTS
loading...

NextTables  Azure Marketplace Privacy Notice

Last modified: 17.12.2025

This Azure Marketplace Privacy Notice (“Notice”) explains how NextTables processes personal data in connection with our Microsoft Azure Marketplace offering(s), including free trials, transactable SaaS subscriptions, and private offers.

This Notice is Azure Marketplace–specific. For in-product processing and Customer Content processed on behalf of customers, please refer to our Product / SaaS Privacy Notice


WHO WE ARE

Controller: NextTables GmbH (Germany)
Privacy contact: privacy@nexttables.com
DPO: Not appointed

Full legal information (register details, address, management): Imprint

SCOPE

This Notice applies to personal data processed by NextTables as an independent controller when:
  • you interact with our Azure Marketplace listing (e.g., lead/contact requests, trials),
  • you purchase or subscribe to our transactable SaaS offer,
  • you request or accept private offers, and
  • we administer subscription entitlements, provisioning, and related billing/reconciliation.
Provisioning may be fully automated via marketplace fulfillment interfaces or manual (e.g., onboarding after purchase/trial), depending on the specific offer and configuration.

This Notice does not cover our general website marketing activities (cookies, web analytics, ads), which are described in our separate Website & Marketing Privacy Policy.

WHAT PERSONAL DATA WE RECEIVE VIA AZURE MARKETPLACE

Depending on the marketplace flow and the fields provided by Microsoft, we may receive:

Lead / contact data

  • Name
  • Business email address
  • Phone number (if provided)
  • Job title
  • Company name
  • Country/region

Subscription and fulfillment metadata

  • Subscription / entitlement identifiers
  • Offer/plan identifiers
  • Start/end dates, status
  • Technical identifiers needed for fulfillment and attribution (e.g., tenant and subscription identifiers)
Field availability may vary depending on the marketplace motion and configuration.

METERING AND USAGE REPORTING TO MICROSOFT

For transactable SaaS billing, usage may be reported to Microsoft using metering interfaces.

We intend to report aggregated, non-personal usage where feasible (e.g., counts such as number of tables and number of users/seats). Metering events may include tenant/subscription identifiers required to attribute usage for billing and reconciliation.

WHERE MARKETPLACE DATA IS STORED AND PROCESSED

Marketplace lead, subscription, and transaction administration data is processed in the following systems:

  • SaaSify (Spektra Systems LLC) – fulfillment/operations platform used to manage marketplace leads, subscriptions, private offers, and related transaction/administration metadata.
  • HubSpot  – may be used for lead management and customer communications. 
We aim to store and process the minimum data viable to provide and operate the marketplace offering.

PURPOSES AND LEGAL BASES

NextTables processes Marketplace data as an independent controller for:

  • Trial and subscription administration; entitlement and provisioning (GDPR Art. 6(1)(b) – performance of contract / pre-contract steps)
  • Customer communications related to onboarding, provisioning, operational notices, and subscription administration (Art. 6(1)(b) and/or Art. 6(1)(f))
  • Billing administration and reconciliation (Art. 6(1)(b); and where required, Art. 6(1)(c))
  • Compliance and record-keeping (Art. 6(1)(c))
  • Security and fraud/abuse prevention (Art. 6(1)(f))
If we use marketplace lead/contact details for sales outreach (e.g., follow-up on a trial or to manage the customer relationship), you can object to such use at any time by contacting us at privacy@nexttables.com.

WHO WE SHARE MARKETPLACE DATA WITH

We may share Marketplace data with:
  • Microsoft as required to operate marketplace flows, provisioning, and billing.
  • Service providers supporting marketplace operations (see below).
  • Professional advisors (legal, tax, audit) where necessary.
  • Authorities where required by law.
We do not sell personal data.

SERVICE PROVIDERS (MARKETPLACE)

We use (or expect to use) the providers below. Items marked “TBD” will be confirmed and updated.

Provider Role Purpose Typical data Processing locations
Microsoft (Azure Marketplace) Independent provider Marketplace operations and interfaces Lead/subscription metadata Microsoft-controlled
SaaSify (Spektra Systems LLC) Service provider Marketplace operations, subscription management, private offers, reporting Lead/contact data; subscription identifiers; transaction/admin metadata [TBD – confirm hosting/processing locations]
HubSpot  Service provider Lead management and communications Lead/contact data; communications EU, Germany


SaaSify DPA / contractual privacy terms: Available on request

INTERNATIONAL TRANSFERS

Marketplace-related personal data may be processed outside the EEA/UK depending on the locations and support model of our service providers (in particular SaaSify) and any cross-border access for support.

Where transfers outside the EEA/UK occur, we implement appropriate safeguards, which may include:
  • EU Standard Contractual Clauses (SCCs) with relevant service providers,
  • reliance on adequacy decisions where applicable,
  • technical and organizational measures such as encryption, access controls, role-based access, and audit logging, and
  • contractual restrictions and vendor oversight (including subprocessor controls).
Transfers and safeguards details: [TBD / link or “available on request”]

RETENTION

We retain Marketplace data only as long as needed for the purposes described above and to comply with legal obligations.

Suggested baseline retention (adjust to your internal policy):
  • Leads/contact records: up to 24 months after last interaction, unless the lead becomes part of an active customer relationship.
  • Subscription administration metadata: for the subscription term plus up to 24 months (to handle operational follow-up and disputes), unless legal obligations require longer.
  • Billing/tax/commercial records: retained as required by applicable German commercial and tax retention rules (commonly up to 10 years, depending on record type).
  • Operational/security logs: typically 90–180 days (unless an incident/dispute requires longer).

YOUR RIGHTS AND HOW TO CONTACT US

Where we act as controller, individuals may have rights under GDPR (access, rectification, deletion, restriction, objection, portability), subject to applicable exceptions and legal retention obligations.

To exercise rights or ask questions, contact: privacy@nexttables.com.

You may also lodge a complaint with a supervisory authority (Germany):
Hessischer Beauftragter für Datenschutz und Informationsfreiheit (HBDI), Postfach 3163, 65021 Wiesbaden