Menu
Mesaic
Legal

Legal and Privacy Policy

Mesaic Technology

Mesaic Technology GmbH

WeWork Stadthaus
Axel-Springer-Platz 3
20355 Hamburg
Germany

hello@mesaic.co
+49 40 28863690

Company representatives:
Sebastian Kellner
Niko Uphoff

Registration court:
District court of Hamburg
Registration in the commercial register:
HRB 128056
VAT-Reg.Nr:
DE 291 057 579

Responsible for content according to § 55 II RStV:
Mesaic Technology GmbH
Schulterblatt 115
20357 Hamburg
Germany

mail@mesaic.co

General information about how we handle your data

Mesaic Technology GmbH, WeWork Stadthaus, Axel-Springer-Platz 3, 20355 Hamburg, mail@mesaic.com (hereinafter referred to as "Mesaic", "we" or "us") takes the conscientious and careful handling of your personal data and the protection of your personal data very seriously. According to Art. 4 no. 1 of the General Data Protection Regulation ("GDPR"), personal data are all information which relate to an identifiable natural person (the "Data Subject").

You learn in the following Data Protection Statement which personal data we process when you visit our website (mesaic.com). We additionally explain how you can see, change or erase your data. To the extent not provided otherwise, the use of all personal data which Mesaic stores and uses when its customers used the service are subject to this Data Protection Statement.

Data controller pursuant to Art. 4 No. 7 GDPR

Mesaic is the data controller within the meaning of Art. 4 No. 7 GDPR for the following described data processing. You can contact our data protection officer via dataprotectionofficer@mesaic.io.

Data processing when accessing Mesaic's website

When you access our website, your end-device automatically transmits the following data for technical reasons:

  • domain name of the website
  • access time and date
  • browser type and used operating system
  • URL of the previously listed pages
  • IP address

Mesaic stores this information only in anonymized form (e.g. the IP address is abbreviated) and this information cannot be attributed to a specific user at any time.

Cookies

Mesaic uses certain "cookies". Cookies are small text data files on your end-device which can store information which you disclose during your internet visit. Cookies are transmitted to the hard drive of the computer by means of the respective web browser. Cookies cannot transmit any information from the computer system. Cookies make it possible to recognize your end-device again.

Functional cookies, for example, enable the reproduction of your session during the last visit. Cookies can also remain on the hard drive of the computer after visiting our website. We process the data, in order to make the renewed visit to the Mesaic website as simple and comfortable as possible. If you generally reject cookies, you can deactivate them at any time by changing your browser options. However, certain functions are only available when you permit cookies.

These cookies cannot identify you as a person. The described use of cookies is legitimate on the basis of our justified interest in structuring our website appropriately for the needs as well as statistical analysis of our website and the circumstance that your legitimate interests do not outweigh our interests, Art. 6 para. 1 lit. f GDPR.

Google Analytics

Mesaic's website and applications use Google Analytics, a web analysis service of Google Germany GmbH, Hamburg as well as Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") which Mesaic has retained. Google Analytics uses "cookies" text data files which are stored on your end-device and make it possible to analyze how you use the website or the application. The information produced by the cookie concerning your use of the services is normally transmitted to a server of Google in the USA and stored there. Our website uses the service "_anaonymizelp()"; with which your IP address is first abbreviated by Google within the Member States of the European Union or in other countries which are members of the Convention on the European Economic Area. The complete IP address is only transmitted in exceptional situations to a server of Google in the USA and abbreviated there. Google uses this information on behalf of the operator of this website, in order to analyze your use of the website and compile reports about website activities and to provide services to the website operator which are related to the use of the website and the use of the internet. The IP address transmitted by your browser is not combined by Google with other data under Google Analytics.

You can prevent the storage of the cookies with a corresponding setting in your browser software; however, we wish to inform you that in this event, it is possible that not all functions of this website can be fully used. You can also prevent the transfer to Google of the data produced by the cookie which relate to your use of the website (incl. your IP address) as well as the processing of these data if you download and install the browser plugin which is available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). You can find more information about this at http://tools.google.com/dlpage/gaoptout and at http://www.google.com/intl/de/analytics/privacyoverview.html (general information about Google Analytics and data protection).

Google Analytics is used on the basis of our legitimate interest in structuring the website appropriately for the needs, statistical analysis as well as the efficient advertising for our website and the circumstance that your legitimate interests do not outweigh our interests, Art. 6 para. 1 lit. f GDPR.

Google Conversion Tracking

Mesaic's website uses Google Conversion Tracking. Google AdWords uses Google Conversion Tracking to place a "conversion cookie" (see above with regard to cookies) on your end-device through our website if you have come to our website using a Google AdWords advertisement. These cookies are deleted after thirty days and do not contain any personal data. They only serve the purpose of enabling us to verify that a user has come to our website by clicking on an advertising banner. However, we do not receive any information with which we can identify specific individuals.
If you would like to object to the placing of a cookie for conversion tracking, you can use the browser add-on to deactivate Google Analytics (see above). This simultaneously deactivates Google Conversion Tracking. You can also deactivate the use of cookies by third party providers.


Google Conversion Tracking is used on the basis of our legitimate interest in structuring the website appropriately for the needs, statistical analysis as well as efficient advertising of our website and the circumstance that your legitimate interests do not outweigh our interests, Art. 6 para. 1 lit. f GDPR.

Google AdSense

We use Google AdSense, an advertising network of Google Inc. Google AdSense uses cookies which make it possible to analyze the use of the website. Google AdSense also uses so-called "web beacons" (hidden graphics). Information such as the visitor traffic on these pages can be analyzed by using these web beacons. The information produced by cookies and web beacons about the use of this website (including the abbreviated IP address) and the delivery of advertising formats is transmitted to a server of Google in the USA and stored there. This information can be disclosed by Google to contract partners. However, Google does not combine this information with other data stored by you.

You can find further information about data protection at Google here:
http://www.google.com/intl/en/privacy/ads/. You can object at any time to the use of your pseudonym data by installing a browser add-on. You can download this here: https://www.google.com/settings/u/0/ads/plugin?hl=de.

The use of Google AdSense is based on our legitimate interest in refinancing our investments for the operation of our website by advertising and the circumstance that your legitimate interests do not outweigh our interests, Art. 6 para. 1 lit. f GDPR.

Hotjar

We use Hotjar, a service provided by Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta. Hotjar enables us to collect non-personal data (for example, mouse movements and clicks on our internet site, including your abbreviated IP address) and accordingly evaluate and optimize the design of our internet site. Hotjar produces pseudonym user profiles and uses this information to analyze your use of the website, provide the analyses to us and to provide further services related to the use of the website.

You can object to the use of Hotjar at any time. You can find corresponding instructions here: https://www.hotjar.com/opt-out. The use of Hotjar is based on our legitimate interest in structuring our website appropriately for the needs, statistical analysis as well as efficient advertising of our website and the circumstance that your legitimate interests do not outweigh our interests, Art. 6 para. 1 lit. f GDPR.

Facebook

This website uses the remarketing function "Custom Audiences" of Facebook Inc. ("Facebook"). This function has the purpose of presenting interest related advertising ("Facebook Ads") to visitors of Mesaic when visiting the social network Facebook. The remarketing tag of Facebook was implemented on the website for this purpose (so-called "Facebook Pixel"). This tag establishes a direct connection to the Facebook servers when visiting the website. The fact that you have visited this website is transmitted to the Facebook server and Facebook attributes this information to your personal Facebook user account.

The purpose of this process is to analyze the effectiveness of the Facebook Ads for statistical and market research purposes and can contribute to optimizing future advertising measures on Facebook. The collected data are anonymous for us and do not permit us to draw any conclusions about the identity of the users. However, the data are stored and processed by Facebook, so that a link to the respective user profile is possible, and Facebook can use the data for own advertising purposes in accordance with the Facebook guideline on using data. These data can make it possible for Facebook as well as its partners to activate adds on and outside of Facebook. A cookie can also be stored on your computer for these purposes.

You can deactivate the remarketing function "Custom Audiences" here: https://www.facebook.com/settings/?tab=ads#_=_
You must be registered with Facebook for this purpose. You can find additional information about data processing at Facebook at: https://www.facebook.com/policy

The use of Facebook Custom Audiences is based on our legitimate interest in efficiently advertising our website and the circumstance that your legitimate interests do not outweigh our interests, Art. 6 para. 1 lit. f GDPR.

Social Media Plugins

Mesaic can use social media plugins ("plugins") of the following social networks on the website:

  • facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"),
  • twitter.com, which is operated by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA ("Twitter")
  • xing.com, which is operated by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany ("XING")
  • linkedin.com, which is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn")
  • medium.com, which is operated by A Medium Corporation, 799 Market Street, 5th Floor, San Francisco, CA 94103, USA ("Medium")

When you visit our website, the plugins are initially deactivated. In order to protect your privacy, we have decided not to immediately activate the respective plugins when you visit our website and instead we have installed a two-step solution. This solution gives you the possibility to activate the respective plugins as needed by yourself. So long as you have not clicked the respective button, no personal data about you are transmitted to the respective operator. A transfer of your data to the respective social media provider first takes place when you have activated the respective plugins by yourself. You can find more about the two-click solution at www.heise.de/ct/artikel/2-Klicks-fuer-mehr-Datenschutz-1333879.html.

The plugins are marked with a logo of Facebook, Twitter or Instagram and/or the statements Facebook plugin "recommended" / Twitter plugin "Tweet". When you access our internet site containing such a plugin and activate this plugin with a click, your browser establishes a direct connection to the servers of the respective social media provider and transmits data. According to our knowledge, this can include:

  • date and time of the visit to the website
  • URL of the website accessed by the visitor
  • URL of the website which the visitor previously visited used browser

If you are logged in with Facebook, Google+ and/or Twitter, the respective operator can attribute the visit to your account and can link this to other information they have.

If you interact with the activated plugins, for example, by confirming the "like" or the "tweet" button or by making a comment, the corresponding information is directly transmitted by your browser to the respective provider and stored there.
The purpose and scope of the collection of data and the further processing of use of the data by the operator as well as your corresponding rights and possibilities for setting to protect your privacy can be found in the respective data protection guidelines.
You can find them at:

We have no influence and also no knowledge about the further use of the data by the named operators of the social media portals. If you do not want the respective operators to collect data about you by means of our internet site, you should log out of the social media sites when you visit our internet site, and you should not activate the plugins with a click. It is also possible to block Facebook social plugins with add-ons for your browser, for example, using the Facebook blocker (http://webgraph.com/resources/facebookblocker/).

Contact form

If you submit inquiries to us using our contact form, your information in the contact form, including the contact data you have provided there (name, email address, possibly include further data) are stored and used for the purpose of processing the inquiry.

We collect these data, in order to be able to receive and process your inquiry. The legal basis is accordingly the performance of the contractual relationship resulting from your inquiry pursuant to Art. 6 para. 1 lit. b GDPR.

To the extent that we process your data for the purpose of receiving and processing your inquiries, as described above, you must provide these data to us. Without these data, we are not able to receive and process your inquiries.

Newsletter data

If you would like to receive the newsletter offered on the website, we need your email address as well as, as an option, your first name and last name. . We use these data exclusively for sending out the requested information and do not disclose these data to third parties.

You can cancel the newsletter at any time. Every newsletter contains the information about how you can cancel the newsletter with effect for the future. You can, for example, use the "cancel" link in the newsletter.

The collection and processing of your personal data in this situation is for the purpose of being able to offer the newsletter as you have ordered it, i.e. for the purpose of performing the contractual relationship on the basis of Art. 6 para. 1 lit. b GDPR.
The data provided by you and stored with us for the purpose of obtaining the newsletter are stored by us until you cancel the newsletter and are deleted after cancellation of the newsletter. Data which we store for other purposes (e.g. email addresses for the members area) are not affected by this.

We also receive information about whether the newsletter we have sent has been opened, which links have been accessed there, as well as the point in time when the newsletter was opened, the IP address, the used browser time and the used operating system. We statistically analyze these data, in order to adapt our newsletter to the way in which our subscribers use the newsletter. We process these data on the basis of our legitimate interest in structuring our newsletter appropriately for the demand and on the basis of the circumstance that your interests, rights and freedoms do not outweigh our interests, Art. 6 para. 1 lit. f GDPR. You can find details about the data processing in the following section on "MailChimp".

MailChimp

This website uses the service of MailChimp for sending out newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service with which, among other aspects, the sending out of newsletters can be organized and analyzed. When you enter data for the purpose of obtaining the newsletter (e.g. email address), these data are stored on the servers of MailChimp in the USA. We collect the following personal data when sending out our newsletter:

  • email address
  • first name and last name (optional)

MailChimp has a certification in accordance with the "EU-US Privacy Shield". The "Privacy Shield" is an agreement between the European Union (EU) and the USA which is intended to assure compliance with European data protection standards in the USA.
We can analyze our newsletter campaigns by means of MailChimp. When you open an email sent with MailChimp, a data file contained in the email (so-called counting pixel) is connected to the servers of MailChimp in the USA. This makes it possible to determine whether a newsletter message has been opened and which links might have been clicked. Technical information is also obtained (e.g. time of the accessing, IP address, browser type and operating system). This information cannot be attributed to the respective recipient of the newsletter. These data are used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want any analysis by MailChimp, you must cancel the newsletter
(https://mesaic.us15.list-manage.com/unsubscribe?u=9fe56352253186fbb3b8f6e43&id=69782f7d1a). We provide a corresponding link in every newsletter message. You can also directly cancel the newsletter on the website.

Does Mesaic disclose the data it receives?

We use your personal data in general only for those purposes for which you have expressly granted your consent or if this use is permitted by law or if we are required by law to use these data. The data can only be disclosed in the following situations:

  • Personal data are forwarded to criminal prosecution authorities and, if appropriate, to harmed third parties if this is necessary to investigate illegal use of our services or for purposes of criminal prosecution. However, this only occurs if there are specific indications about illegal or improper conduct. A disclosure also can occur if this serves the purpose of enforcing terms and conditions of use or other agreements. We are also required by law to provide information upon request to certain governmental agencies. These can be criminal prosecution authorities and public authorities which prosecute misdemeanors that are subject to fines and the tax authorities.

  • These data are disclosed on the basis of our legitimate interest in combating misuse, prosecution of criminal acts and securing, asserting and enforcing claims and the fact that your rights and interests in the protection of your personal data do not outweigh these interests, Art. 6 para. 1 lit. f GDPR.

  • To the extent we are required to provide the data, the information is provided in accordance with the respective statutory duty on the basis of Art. 6 para. 1 lit. c GDPR.

  • Offers of third parties (e.g. Vimeo) can be included in the Mesaic website. The IP address is transmitted to the third party provider for this purpose due to necessary technical reasons. We have no influence on how the third party providers store these data.

  • These data are disclosed on the basis of our legitimate interest in an attractive and contemporary structuring of our website and the fact that your rights and interests in protection of your personal data do not outweigh these interests, Art. 6 para. 1 lit. f GDPR.

  • We must use third party companies and external service providers ("contract processors") who are bound to us by contracts in order to provide our services. Personal data are forwarded to these contract processors in such situations, in order to enable them to conduct the further processing. We carefully select and regularly examine these contract processors, in order to make sure that your privacy is protected. The contract processors can use the data exclusively for the purposes we determine and are also required by us under contract to handle your data. exclusively in accordance with this Data Protection Statement as well as German laws on data protection.

  • To the extent we use contract processors outside the European Economic Area ("EEA"), we make sure that the respective recipient assures a reasonable level of data protection within the meaning of the General Data Protection Regulation.

  • The European Commission issued the decision in a resolution dated 12 July 2016 with regard to the USA that a reasonable level of data protection exists under the rules of the EU-US Privacy Shield (resolution on reasonableness, Art. 45 GDPR). We use the following service providers which are certified in accordance with the EU-US Privacy Shield:

MailChimp for sending out newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA

Stripe for payment processing. The provider is Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Irland

Amazon Simple Email Service (Amazon SES) for sending out emails. The provider is Amazon Web Services, Inc. 410 Terry Avenue North, Seattle WA 98109, USA.

Twillio for sending out SMS. The provider is Twilio Inc., 375 Beale Street, Suite 300, San Francisco, CA 94105, USA.

Facebook Pixel as tracking tool. The provider is Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA.

Google Analytics as tracking tool. The provider is Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Conversion Tracking as tracking tool. The provider is Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Cloud Messaging (GCM) for sending out push notifications. The provider is Google LLC, Amphitheatre Parkway, Mountain View, CA 94043, USA.

Apple Push Notifications (APN) for our native partner app. The provider is Apple Inc, One Apple Park Way, Cupertino, California 95014, USA.

Amazon Web Services (AWS) for website hosting. The provider is Amazon Web Services, Inc. 410 Terry Avenue North, Seattle WA 98109, USA.

Erasing your data

We erase or anonymize your personal data as soon as the data are no longer needed for the purposes described in the above sections.
We normally store your personal data collected through the website for the time in which the website is used plus a period of time of 14 days in which we retain back-up copies after erasing the data.

Your rights as the Data Subject

Right to information:

You have the right to obtain information from us at any time upon request about your personal data that we process in the extent set forth in Art. 15 GDPR. You can submit a request by regular mail or email to the address set forth above.

Right to correction of incorrect data:

You have the right to demand from us the immediate correction of your personal data if these data are incorrect. Please, use the contact address set forth above for this purpose.

Right to erasure:

You have the right, under the prerequisites described in Art. 17 GDPR, to demand that we erase your personal data. These prerequisites especially provide for a right of erasure if the personal data are no longer needed for the purposes for which the data were collected or otherwise processed as well as in situations involving the illegal processing, the existence of an objection or the existence of a duty to erase under the law of the European Union or the law of the Member State which governs us. Reference is also made to point 13 of this Data Protection Statement with regard to the period of time in which the data are stored. In order to assert your above right, please use the contact address set forth above.

Right to limit processing:

You have the right to demand that we limit the processing in accordance with Art. 18 GDPR. This right especially exists if the accuracy of the personal data are disputed between the user and us and for the time which is needed to examine the addressee as well as in the event that the user demands limited processing instead of erasure when a right to erasure exists; you also have the right to demand limited processing in the event that the data are no longer needed for our purposes but the user needs the data in order to assert, exercise or defend claims under the law as well as when the effective exercise of an objection is still in dispute between us and the user. In order to assert your above right, please contact the contact address set forth above.

Right to data transfer:

You have the right to receive your personal data which we have provided in a structured, common, machine-readable format in accordance with Art. 20 GDPR. In order to assert your above right, please contact the above stated contact address.

Right to object:

You have the right to submit an objection in accordance with Art. 21 GDPR at any time against the processing of your personal data that occurs on the basis of Art. 6 para. 1 lit. e or f GDPR for reasons resulting under your specific situation. We will stop processing your personal data, unless we can prove mandatory reasons for the processing deserving of protection which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend against claims under the law.

Right to submit a complaint:

You also have the right to submit complaints to the supervisory authorities.
You can reach the public authority having jurisdiction through Mesaic Technology GmbH at the following contact address:

The Hamburg Authority for Data Protection and Freedom of Information
[Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit]
Kurt-Schumacher-Allee 4
20097 Hamburg

Tel.: 040 / 428 54 - 4040
Telefax: 040 / 428 54 - 4000
Email: mailbox@datenschutz.hamburg.de

(August 2018)
End of the Data Protection Statement

🍪

We use cookies in order to provide you with a most comfortable website visit. By using this website you agree to our cookie guidelines