info@meadandgreed.de
Resonanzwerk Oberhausen
Visit our FacebookVisit our InstagramVisit our YouTube channel

Data protection

Table of Contents

Person responsible

Meed and Greed UG

Birkhahnstr. 15a, 46145 Oberhausen

Commercial Register: 36378
Represented by the managing directors: Ingo Henkel

contact

Phone: +49160/97923207
Email: info@meadandgreed.de

 

Imprint:

https://meadandgreed.de/impressum

Relevant legal bases

Relevant legal bases under the GDPR: Below you will find an overview of the GDPR legal bases on which we process personal data. Please note that in addition to the GDPR regulations, national data protection regulations may apply in your or our country of residence or domicile. Should more specific legal bases apply in individual cases, we will inform you of these in the privacy policy.

  • Consent (Article 6 (1) (a) GDPR) – The data subject has given his or her consent to the processing of personal data concerning him or her for one or more specific purposes.
  • Contractual performance and pre-contractual inquiries (Art. 6 (1) (b) GDPR) – Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Legal obligation (Article 6 (1) (c) GDPR) – Processing is necessary to fulfill a legal obligation to which the controller is subject.
  • Legitimate interests (Article 6 (1) (f) GDPR) – Processing is necessary to protect the legitimate interests of the controller or of a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

National data protection regulations in Germany: In addition to the data protection provisions of the GDPR, national data protection regulations apply in Germany. These include, in particular, the Federal Data Protection Act (BDSG). The BDSG contains, in particular, special provisions on the right to information, the right to erasure, the right of objection, the processing of special categories of personal data, processing for other purposes, and transmission, as well as automated decision-making in individual cases, including profiling. Furthermore, state data protection laws of individual federal states may apply.

Reference to the validity of GDPR and Swiss DSG: This privacy policy serves to provide information in accordance with both the Swiss Federal Data Protection Act (Swiss DSG) and the General Data Protection Regulation (GDPR). For this reason, we ask you to note that, due to their broader geographical application and comprehensibility, the terms of the GDPR are used. In particular, instead of the terms "processing" of "personal data," "overriding interest," and "particularly sensitive personal data" used in the Swiss DSG, the terms "processing" of "personal data," "legitimate interest," and "special categories of data" used in the GDPR are used. However, the legal meaning of the terms will continue to be determined by the Swiss DSG within the scope of the Swiss DSG.

Overview of processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of data processed

  • Inventory data.
  • Payment details.
  • Contact details.
  • Content data.
  • Contract data.
  • Usage data.
  • Meta, communication and procedural data.

Categories of data subjects

  • Interested parties.
  • Communication partner.
  • Users.
  • Business and contractual partners.

Purposes of processing

  • Provision of contractual services and fulfillment of contractual obligations.
  • Contact requests and communication.
  • Security measures.
  • Reach measurement.
  • Office and organizational procedures.
  • Managing and responding to inquiries.
  • Feedback.
  • Profiles with user-related information.
  • Provision of our online offering and user-friendliness.
  • Information technology infrastructure.

Security measures

In accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data, as well as the access, input, and transfer of data, ensuring its availability, and segregation. Furthermore, we have established procedures that ensure the exercise of data subjects' rights, the deletion of data, and responses to data threats. Furthermore, we consider the protection of personal data right from the development and selection of hardware, software, and processes in accordance with the principle of data protection, through technology design, and through data protection-friendly default settings.

TLS encryption (https): To protect the data you transmit via our online service, we use TLS encryption. You can recognize such encrypted connections by the prefix https:// in your browser's address bar.

Use of cookies

Cookies are small text files or other storage devices that store information on end devices and read information from end devices. For example, they can store the login status in a user account, the contents of a shopping cart in an e-shop, the content accessed, or the functions used in an online offering. Cookies can also be used for various purposes, such as improving the functionality, security, and convenience of online offerings, as well as creating analyses of visitor flows.

Notes on consent: We use cookies in accordance with legal regulations. We therefore obtain prior consent from users unless this is not required by law. In particular, consent is not necessary if the storage and reading of information, including cookies, is absolutely necessary in order to provide users with a telemedia service expressly requested by them (i.e. our online offering). Strictly necessary cookies generally include cookies with functions that serve to display and operate the online offering, load balancing, security, storing user preferences and selection options, or similar purposes related to providing the main and secondary functions of the online offering requested by users. The revocable consent is clearly communicated to users and contains information about the respective cookie usage.

Information on data protection legal bases: The legal basis under data protection law for processing users' personal data with the help of cookies depends on whether we ask users for their consent. If users consent, the legal basis for processing their data is their declared consent. Otherwise, the data processed with the help of cookies is processed on the basis of our legitimate interests (e.g. in the commercial operation of our online offering and improving its usability) or, if this occurs as part of the fulfillment of our contractual obligations, if the use of cookies is necessary to fulfill our contractual obligations. We explain the purposes for which we process cookies in the course of this data protection declaration or as part of our consent and processing procedures.

Storage period: With regard to the storage period, the following types of cookies are distinguished:

  • Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offering and closed his or her device (e.g. browser or mobile application).
  • Persistent cookies: Persistent cookies remain stored even after the device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the user data collected through cookies can be used to measure reach. Unless we provide users with explicit information about the type and storage period of cookies (e.g., when obtaining consent), users should assume that cookies are permanent and can be stored for up to two years.

General information on revocation and objection (so-called “opt-out”): Users can revoke their consent at any time and object to processing in accordance with legal requirements. To do so, users can, among other things, restrict the use of cookies in their browser settings (although this may also limit the functionality of our online offering). An objection to the use of cookies for online marketing purposes can also be made via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/ be explained.

  • Legal basis: Legitimate interests (Art. 6 (1) (f) GDPR). Consent (Art. 6 (1) (a) GDPR).

Further information on processing procedures, methods and services:

  • Processing of cookie data based on consent: We use a cookie consent management process within which users' consent to the use of cookies, or to the processing operations and providers specified in the cookie consent management process, can be obtained, managed, and revoked by users. The declaration of consent is saved so that it does not have to be requested again and so that consent can be proven in accordance with legal requirements. The data can be stored on the server and/or in a cookie (so-called opt-in cookie or using comparable technologies) in order to be able to assign consent to a user or their device. Subject to individual information about the providers of cookie management services, the following information applies: Consent can be stored for up to two years. A pseudonymous user identifier is created and stored along with the time of consent, information on the scope of the consent (e.g., which categories of cookies and/or service providers), as well as the browser, system, and device used. Legal basis: Consent (Article 6 (1) (a) GDPR).

Business services

We process data of our contractual and business partners, e.g. customers and interested parties (collectively referred to as “contractual partners”) within the framework of contractual and comparable legal relationships as well as related measures and within the framework of communication with the contractual partners (or pre-contractually), e.g. to answer inquiries.

We process this data to fulfill our contractual obligations. This includes, in particular, the obligation to provide the agreed services, any update obligations, and remedy in the event of warranty and other service disruptions. Furthermore, we process the data to protect our rights and for the purposes of the administrative tasks associated with these obligations, as well as company organization. Furthermore, we process the data on the basis of our legitimate interests in proper and efficient business management and in security measures to protect our contractual partners and our business operations from misuse and the endangerment of their data, secrets, information, and rights (e.g., the involvement of telecommunications, transport, and other auxiliary services, as well as subcontractors, banks, tax and legal advisors, payment service providers, or tax authorities). Within the framework of applicable law, we only pass on contractual partners' data to third parties to the extent necessary for the aforementioned purposes or to fulfill legal obligations. Contractual partners will be informed of other forms of processing, e.g., for marketing purposes, within the framework of this privacy policy.

We will inform our contractual partners which data is required for the aforementioned purposes before or during data collection, e.g. in online forms, by special marking (e.g. colors) or symbols (e.g. asterisks or similar), or in person.

We delete the data after statutory warranty and similar obligations have expired, i.e. generally after four years, unless the data is stored in a customer account, e.g. as long as it must be retained for legal archiving reasons. The statutory retention period is ten years for documents relevant to tax law as well as for commercial books, inventories, opening balance sheets, annual financial statements, the work instructions necessary to understand these documents and other organizational documents and accounting documents, and six years for received commercial and business letters and reproductions of sent commercial and business letters. The period begins at the end of the calendar year in which the last entry was made in the book, the inventory, opening balance sheet, annual financial statements or management report was prepared, the commercial or business letter was received or sent, or the accounting document was created, furthermore the recording was made or the other documents were created.

To the extent that we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply to the relationship between users and the providers.

  • Types of data processed: Inventory data (e.g., names, addresses); payment data (e.g., bank details, invoices, payment history); contact data (e.g., email, telephone numbers). Contract data (e.g., subject matter of the contract, term, customer category).
  • Affected persons: Interested parties. Business and contractual partners.
  • Purposes of processing: Provision of contractual services and fulfillment of contractual obligations; contact requests and communication; office and organizational procedures. Administration and response to inquiries.
  • Legal basis: Contractual performance and pre-contractual inquiries (Art. 6 (1) (b) GDPR); Legal obligation (Art. 6 (1) (c) GDPR); Legitimate interests (Art. 6 (1) (f) GDPR).

Further information on processing procedures, methods and services:

  • Agency services: We process our customers’ data within the scope of our contractual services, which may include, for example, conceptual and strategic consulting, campaign planning, software and design development/consulting or maintenance, implementation of campaigns and processes, handling, server administration, data analysis/consulting services and training services; Legal basis: Contractual fulfillment and pre-contractual inquiries (Art. 6 (1) (b) GDPR).

Provision of the online offer and web hosting

We process user data to provide them with our online services. For this purpose, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

  • Types of data processed: Usage data (e.g., websites visited, interest in content, access times). Meta, communication, and procedural data (e.g., IP addresses, time information, identification numbers, consent status).
  • Affected persons: Users (e.g. website visitors, users of online services).
  • Purposes of processing: Provision of our online offering and user-friendliness; information technology infrastructure (operation and provision of information systems and technical equipment (computers, servers, etc.)); security measures. Provision of contractual services and fulfillment of contractual obligations.
  • Legal basis: Legitimate interests (Article 6 (1) (f) GDPR).

Further information on processing procedures, methods and services:

  • Collection of access data and log files: Access to our online offering is logged in the form of so-called "server log files." Server log files may include the address and name of the accessed web pages and files, the date and time of access, the amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), and, as a rule, IP addresses and the requesting provider. Server log files may be used for security purposes, e.g., to prevent server overload (particularly in the case of abusive attacks, so-called DDoS attacks), and to ensure server capacity utilization and stability. Legal basis: Legitimate interests (Article 6 (1) (f) GDPR). Deletion of data: Log file information is stored for a maximum of 30 days and then deleted or anonymized. Data that needs to be retained for evidentiary purposes is exempt from deletion until the respective incident has been finally resolved.
  • 1&1 IONOS: Services in the field of providing information technology infrastructure and related services (e.g. storage space and/or computing capacity); Service provider: 1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany; Legal basis: Legitimate interests (Article 6 (1) (f) GDPR); Website: https://www.ionos.dePrivacy Policy: https://www.ionos.de/terms-gtc/terms-privacyData processing agreement: https://www.ionos.de/hilfe/datenschutz/allgemeine-informationen-zur-datenschutz-grundverordnung-dsgvo/auftragsverarbeitung/.

Contact and inquiry management

When you contact us (e.g. by post, contact form, email, telephone or via social media) as well as within the framework of existing user and business relationships, the information provided by the person making the inquiry will be processed to the extent necessary to answer the contact inquiries and any requested measures.

  • Types of data processed: Contact data (e.g., email, telephone numbers); content data (e.g., entries in online forms); usage data (e.g., websites visited, interest in content, access times); meta, communication, and procedural data (e.g., IP addresses, time information, identification numbers, consent status).
  • Affected persons: Communication partner.
  • Purposes of processing: Contact requests and communication; administration and response to inquiries; feedback (e.g., collecting feedback via online form). Provision of our online offering and user-friendliness.
  • Legal basis: Legitimate interests (Article 6 (1) (f) GDPR).

Web analysis, monitoring and optimization

Web analytics (also known as "reach measurement") is used to evaluate visitor traffic to our online offering and may include behavior, interests, or demographic information about visitors, such as age or gender, as pseudonymous values. Reach analysis allows us to determine, for example, when our online offering or its functions or content are most frequently used or encourage reuse. Likewise, we can understand which areas require optimization.

In addition to web analysis, we can also use testing procedures to, for example, test and optimize different versions of our online offering or its components.

Unless otherwise stated below, profiles, i.e., data summarized for a usage process, may be created for these purposes, and information may be stored in a browser or on a device and read from it. The information collected includes, in particular, websites visited and elements used there, as well as technical information such as the browser used, the computer system used, and information on usage times. If users have consented to the collection of their location data by us or by the providers of the services we use, location data may also be processed.

Users' IP addresses are also stored. However, we use an IP masking process (i.e., pseudonymization by shortening the IP address) to protect users. Generally, no real user data (such as email addresses or names) is stored for web analysis, A/B testing, and optimization; instead, pseudonyms are used. This means that neither we nor the providers of the software used know the actual identity of the users, but only the information stored in their profiles for the purposes of the respective processes.

  • Types of data processed: Usage data (e.g., websites visited, interest in content, access times). Meta, communication, and procedural data (e.g., IP addresses, time information, identification numbers, consent status).
  • Affected persons: Users (e.g. website visitors, users of online services).
  • Purposes of processing: Reach measurement (e.g., access statistics, recognition of returning visitors); profiles with user-related information (creation of user profiles). Provision of our online offering and user-friendliness.
  • Security measures: IP masking (pseudonymization of the IP address).
  • Legal basis: Legitimate interests (Article 6 (1) (f) GDPR).

Further information on processing procedures, methods and services:

  • Google Analytics 4: We use Google Analytics to measure and analyze the use of our online offering based on a pseudonymous user identification number. This identification number does not contain any unique data such as names or email addresses. It is used to assign analysis information to a device in order to recognize which content users have accessed within one or more usage processes, which search terms they used, accessed these again, or interacted with our online offering. The time and duration of use are also stored, as are the sources of users who refer to our online offering and technical aspects of their devices and browsers. Pseudonymous profiles of users are created with information from the use of various devices, and cookies may be used for this purpose. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics does provide rough geographic location data by deriving the following metadata from IP addresses: city (and the derived latitude and longitude of the city), continent, country, region, subcontinent (and ID-based counterparts). For EU traffic, IP address data is used exclusively for this derivation of geolocation data before being immediately deleted. It is not logged, is not accessible, and is not used for any other purpose. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before the traffic is forwarded to Analytics servers for processing. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Legitimate interests (Article 6 (1) (f) GDPR); Website: https://marketingplatform.google.com/intl/de/about/analytics/Privacy Policy: https://policies.google.com/privacyData processing agreement: https://business.safety.google/adsprocessorterms/Basis for third country transfer: EU-US Data Privacy Framework (DPF), Standard Contractual Clauses (https://business.safety.google/adsprocessorterms); Opt-out option: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, Settings for displaying advertisements: https://adssettings.google.com/authenticatedFurther information: https://privacy.google.com/businesses/adsservices (Types of processing and data processed).

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke

Clarity
This website uses Clarity, a service provided by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, https://docs.microsoft.com/en-us/clarity/ (hereinafter "Clarity").

Clarity is a tool for analyzing user behavior on this website. Clarity specifically tracks mouse movements and creates a graphical representation of which part of the website users scroll to most frequently (heat maps). Clarity can also record sessions so we can view page usage in the form of videos. We also receive information about general user behavior within our website.

Clarity uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). Your personal data is stored on Microsoft servers (Microsoft Azure Cloud Service) in the USA.

If consent has been obtained, the use of the above-mentioned service is based exclusively on Art. 6 (1) (a) GDPR and Section 25 of the German Telemedia Act (TTDSG). Consent can be revoked at any time. If no consent has been obtained, this service is used on the basis of Art. 6 (1) (f) GDPR; the website operator has a legitimate interest in effective user analysis.

Further details on Clarity's privacy policy can be found here: https://docs.microsoft.com/en-us/clarity/faq.

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards when processing data in the United States. Every company certified under the DPF is committed to adhering to these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000KzNaAAK&status=Active

Use of Google reCAPTCHA

To protect your inquiries via our contact form, we use the service reCAPTCHA of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This query is used to distinguish whether the input was made by a human or abusively by automated, machine processing.

When using reCAPTCHA, the following data, among others, is transferred to Google:

  • Visitor's IP address

  • Length of stay on the website

  • Mouse movements and interactions on the page

  • any previously set cookies from Google

This data is subject to Google's privacy policy. For more information, see:

The legal basis for processing is Art. 6 (1) (f) GDPROur legitimate interest lies in preventing spam and misuse of our web forms.

Order processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which guarantees that the personal data of our website visitors will only be processed according to our instructions and in compliance with the GDPR.

 
Visit our InstagramVisit our LinkedIn
Copyright © Mead & Greed
imprintData protection
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.