This policy aims to inform you as to the type, extent and purpose of the collection and use of personal data during your use of our website and our memail services.
Download PDFThe controller in respect of data collection, processing and use in connection with the use of our website, memail.com, is MeMail AG, Friedrichstr. 171, 10117 Berlin, Germany.
Questions and comments on the topic of data protection can also be sent by email to privacy@memail.com.
Personal data within the meaning of European Union data protection law is all information which refers to an identified or identifiable natural person ("Data Subject"). A natural person is deemed to be identifiable if they can be directly or indirectly identified.
There is no automated decision making.
Explanation and purpose of processing:
We automatically process the following information every time you visit our website:
The IP address and information on the request(s) from your internet browser are necessary, for technical reasons, for you to visit and use the website; without this data being processed, the website cannot be accessed and webpages cannot be displayed. The processing of the IP address is anonymized by way of abbreviation or deleted once it is no longer required for technical reasons for you to access/use the website.
Information on the volume of data transmitted, the type and version of browser used, the screen resolution and the operating system used is collected and processed in order to optimize how content is displayed, determine the system capacity and make future modifications and improvements to the website, on the basis of statistical analyses where applicable.
The data is deleted as soon as it is no longer required to achieve the purpose of its collection. Where data is collected in order to provide the website, this is the case once the respective session is ended. Logfiles are deleted or anonymized after seven days at the latest, such that an attribution to the requesting client is no longer possible.
Legal basis:
The legal basis for the processing is Art. 6(1) first sentence (f) of the GDPR. The legitimate interest in processing the relevant data is that it makes accessing the website technically possible, optimizes how the content is displayed for the user and enables the continued improvement/optimization of the internet service in the future.
Right to Object:
As far as data processing based on Art. 6(1) first sentence (f) of the GDPR is concerned, you have a right to object, notwithstanding other rights. On this point, see below ("Rights of the Data Subject").
General information on cookies:
Our website uses cookies. Cookies are small text files which are stored locally, during each visit to our website, on the user's end device (e.g. PC, smartphone, tablet). They can contain a range of information about the end device used as well as about usage behavior and are sent back to the cookiesetting web server with the aim of recognizing a returning user and their settings.
You can prevent cookies being stored by adjusting your browser settings accordingly. Moreover, you can delete stored cookies using your browser. Preventing or deleting cookies may, in some circumstances, render the use of certain functions of the website impossible or inconvenient. You can also, however, set suitable preferences regarding the various cookies directly via our website (on this point, see the remarks below).
Categories of cookies and legal basis:
The cookies used on our website can originate either from us or from third party service providers whose tools we have integrated into our website and serve various different purposes. We have categorized these as follows:
Details on the specific cookies used can be found in the cookie consent tool (see below). More detailed information on cookies of third party suppliers can also be found below. The cookie tool also contains information on what the consequences are if you do not grant the consent or if you withdraw the consent.
The use of necessary cookies is also based on a legitimate interest as per Art. 6(1) first sentence (f) of the GDPR. The legitimate interest in processing the data is that it enables the functions of our website to be properly displayed and used.
As far as data processing based on Art. 6(1) first sentence (f) of the GDPR is concerned, you have a right to object, notwithstanding other rights. On this point, see below ("Rights of the Data Subject").
The use of all other categories of cookies is based on your consent as per Art. 6(1) first sentence (a) of the GDPR by way of the cookie consent tool (see next section).
Cookie consent tool
When you first visit our website using a browser and after deletion of cookies in the browser, a banner is displayed containing information on the individual cookies and enabling the user to set their preferences in respect of the use of cookies. Within this tool, you can consent to the use of cookies, either entire categories or individual cookies within the categories, by ticking the relevant fields. The same does not apply in respect of necessary cookies, the use of which is not based on your consent but based on a legitimate interest (see above); as far as the necessary cookies are concerned, you have a right to object (on this point, see “Rights of the Data Subject” below).
This granting of consent is voluntary and can be withdrawn at any time by changing the settings accordingly with effect for the future. To this end, you can change the cookie settings at any time using a link in the footer which can be found on every page of our website, and withdraw your consent by deactivating the respective cookie. Withdrawing consent has no influence on the legitimacy of the processing carried out on the basis of the consent prior to the withdrawal.
Explanation and purpose of processing:
We use the open source software Matomo provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, to analyze and statistically evaluate the use of the website. We employ the tracking measures to ensure a tailored design and continued optimization of our website. We also use the tracking measures to collect statistics on the use of our website and evaluate these statistics for the purpose of optimizing our service.
This web analysis is realized by way of cookies (explanation, see above). The information generated by the cookies regarding the use of the website is summarized in pseudonymized usage profiles. The information will not be passed on to any third parties. Under no circumstances will the IP address be associated with other data related to the user. The IP addresses are anonymized such that they can not be identified (IP masking).
Legal basis and right of withdrawal:
The legal basis for data processing using Matomo is your consent as per Art. 6(1) first sentence (a) of the GDPR, which you can grant using the cookie consent tool described above. The granting of consent is voluntary and can be withdrawn at any time using the same tool with effect for the future. To this end, you can change the cookie settings at any time using a link in the footer which can be found on every page of our website, and withdraw your consent by deactivating the respective cookie.
You can alternatively set an opt-out cookie through this link (https://matomo.org/faq/general/faq_20000/), which will prevent Matomo from collecting your information in the future when you visit our website. Please note that if you delete this cookie, this opt-out cookie must be re-set.
Explanation and purpose of processing:
We use Google Analytics on our websites, a web analysis service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA ("Google"). On the basis of a data processing agreement with us, certain user and usage information is collected by Google, summarized into pseudonymized usage profiles and stored in cookies (see above). This includes, for example, information on the browser type/version used, the operating system used, the screen resolution, referrer URL (the website visited prior to this one), anonymized IP address of the computer used to access the website, time of server request, files downloaded, videos watched, advertising banners clicked on, orders placed, sequence of clicks, frequency of page impressions, first and last page visited, time spent on individual pages etc. This occurs for the purpose of statistical evaluation in view of the future optimization of the website design and its content.
This information is transmitted to a Google server which may be located in the USA and stored there. Google has committed to complying with the Privacy Shield Agreement published by the US Department of Commerce between the EU and the USA regarding the collection, use and storage of personal data from EU Member States, which ensures an adequate level of protection for transfer of data to the USA. The certificate can be viewed at https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
We have activated an IP anonymization tool, which means that your IP address is, in Member States of the European Union or in other states which are party to the Agreement on the European Economic Area, abbreviated by Google beforehand and thus transmitted in anonymized form. As a thirdparty data processor as per Art. 28 of the GDPR, Google is a recipient of the personal data.
The information collected is collected in order to statistically evaluate the use of the website in aggregated form, to create reports on the website activities and behavior of users on our website and to provide us with other analysis services related to the website and its use, e.g. on the effect of online marketing campaigns. That serves to tailor our website to the needs of users and continuously optimize it. The IP address transmitted by your browser in the scope of Google Analytics will not be associated with other data by Google.
We have activated the "Google Signals" extension offered by Google. This allows cross-device tracking, i.e. tracking across multiple devices, and offline tracking. With cross-device tracking, the data of your online behavior on different end devices (e.g. PC, smartphone, tablet PC) can be linked. Offline tracking includes tracking of, for example, your visits to offline shops. Both is only done if you have enabled the "personalized advertising" option in your Google Account settings. You can activate and deactivate the option "personalised advertising" at any time in your Google user account. Processing is carried out with IP masking activated, i.e. the IP address of users within the member states of the EU and the European Economic Area is processed in a shortened form, which makes it impossible to draw conclusions about the identity of an individual user. We only receive statistical evaluations from Google. We would like to point out, however, that Google may be able to process these data in a personalised manner, over which we have no influence.
The maximum period of storage for data collected by Google Analytics selected by us is 14 months. After this period has expired, the data will be automatically deleted.
Legal basis and right of withdrawal:
The legal basis for data processing using Google Analytics is your consent as per Art. 6(1) first sentence (a) of the GDPR, which you can grant using the cookie consent tool described above. The granting of consent is voluntary and can be withdrawn at any time using the same tool with effect for the future. To this end, you can change the cookie settings at any time using a link in the footer which can be found on every page of our website, and withdraw your consent by deactivating the respective cookie.
If you do not want your data to be tracked and processed in Google Analytics, you can install a browser add-on to deactivate Google Analytics, which you can download and install here: https://tools.google.com/dlpage/gaoptout/. If you do not wish to or cannot install this add-on (e.g. on mobile devices), you can alternatively use this link (https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable) to set an opt-out cookie that will prevent Google Analytics from collecting your data in the future when you visit our website. Please note that this process must be repeated if you delete this cookie.
Explanation and purpose of processing:
We have integrated into our website, for marketing and optimization purposes, the marketing tool “Facebook Pixel” provided by Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA (hereinafter: “Facebook”). Facebook Pixel uses, among other things, cookies (see above).
The use of Facebook Pixel means that our advertisements on the facebook.com platform (socalled “Facebook Ads”) will only be shown to those Facebook users who have previously visited our website or have indicated, through their usage behavior, that they are interested in certain topics or products. The integration of Facebook Pixel also allows us to see whether a user has reached our website by clicking on one of our Facebook Ads. Users logged into Facebook will have the visit to our website stored by Facebook against their Facebook user profile. Even if the user is not registered with or logged into Facebook, there is the possibility that Facebook will learn and store your IP address and possibly other identifiers.
The integration of Facebook Pixel leads to data being transferred to Facebook servers which may be located in the USA. Facebook has committed to complying with the Privacy Shield Agreement published by the US Department of Commerce between the EU and the USA regarding the collection, use and storage of personal data from EU Member States, which ensures an adequate level of protection for transfer of data to the USA. The certificate can be viewed at https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
Further information on Facebook Pixel:
More information on the terms of use and privacy can be found at the following link:
You can also obtain further information on your rights with Facebook in this regard and settings options to protect your privacy.
Legal basis and right of withdrawal:
The legal basis for data processing using Facebook Pixel is your consent as per Art. 6(1) first sentence (a) of the GDPR, which you can grant using the cookie consent tool described above. The granting of consent is voluntary and can be withdrawn at any time using the same tool with effect for the future. To this end, you can change the cookie settings at any time using a link in the footer which can be found on every page of our website and withdraw your consent by deactivating the respective cookie.
Explanation and purpose of processing:
You can register via our website to receive our newsletter in the future. To this end, you must provide your email address and consent to the use of that email address for the future sending of the newsletter. The email address andif statedname provided by you via the dedicated newsletter registration form will be used solely for the purpose of registering you to receive the newsletter, of sending the newsletter and of cancelling the newsletter.
The management of recipient data for our newsletter and its sending is performed via “MailChimp” an online tool provided by the US service provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. The Rocket Science Group, LLC also processes the personal data in the USA. That company is subject to the EUUS Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active), which ensures an adequate level of protection for the transfer to the USA.
The newsletters contain a socalled “web beacon”, i.e. a pixel sized file which is accessed by the MailChimp server when the newsletter is opened. When this web beacon is accessed, technical information is collected, including information on the browser and your system, as well as your IP address and the time of access. This information is used for the technical improvement of the content and design of the newsletter, based on the technical data or the target groups and of your reading behavior, based on the places of access (ascertainable with the help of the IP address) or the times of access. The statistical data collected also includes ascertaining whether the newsletters are opened, when they are opened and which links are clicked. This information can, for technical reasons, theoretically be attributed to the individual newsletter recipients. However, it is neither our intention nor that of MailChimp to monitor individual users. Instead, any evaluation performed helps us recognize the reading habits of our users and to adjust our content accordingly or to send different content in line with the interests of our users.
The privacy policy of MailChimp can be found here:
https://mailchimp.com/legal/privacy.
Voluntary nature of the consent and right of withdrawal
The granting of the consent necessary to receive the Newsletter is voluntary and can be withdrawn by way of a simple declaration at any time with effect for the future (e.g. by email to privacy@memail.com). Moreover, there is a link at the end of every newsletter which you can click to have yourself removed from the email mailing list and thus withdraw your consent. Withdrawing consent has no influence on the legitimacy of the processing carried out on the basis of the consent prior to the withdrawal. It is not possible to receive the newsletter without granting consent.
Duration of storage:
The data transferred in the course of the newsletter registration is processed for as long as the user remains registered to receive the newsletter.
Legal basis:
The legal basis for this data processing is Art. 6(1) first sentence (a) of the GDPR and for the transfer of data to MailChimp and the evaluation of the web beacon is Art. 6(1) first sentence (f) of the GDPR. The legitimate interest is in the effective management of the newsletter and the newsletter recipients and as far as the use of the web beacon is concerned in the analysis of user behavior to improve the content and design of future newsletters.
Right to Object:
As far as data processing based on Art. 6(1) first sentence (f) of the GDPR is concerned, you have a right to object, notwithstanding other rights.
Explanation and purpose of processing:
Even if you do not subscribe to the newsletter, we can send information emails to registered memail users containing offers from memail, if and to the extent that we can assume that these will be of interest to you and that there are no indications that you would not wish to receive such emails or that you have objected to receiving such emails. There will be a link at the end of every information email which you can use to have yourself removed from the email mailing list.
Moreover, you can use the user area to select the types of messages you would like to receive or deactivate the types of messages you would not like to receive.
Legal basis:
The legal basis for this data processing is Art. 6(1) first sentence (f) of the GDPR. The legitimate interest is in advertising our own products and services to our customers.
Right to Object:
As far as data processing based on Art. 6(1) first sentence (f) of the GDPR is concerned, the user has a right to object, notwithstanding other rights, specifically without incurring any costs other than the costs of sending according to the basic rates. On this point, see below ("Rights of the Data Subject"). A deactivation of the receipt of certain types of messages in the user area will be deemed an objection. As explained above, the emails will, however, always contain a link for removing yourself from the email mailing list.
Explanation and purpose of processing:
You can contact us with any questions or requests by way of our online contact form. In doing so, the personal data transmitted by you will be processed by us electronically in order to answer your question or deal with your request.
The personal data collected in this context will be deleted when its storage is no longer necessary or, to the extent legal obligations to retain records exist, its processing is limited, unless further processing is required by law, such as on the basis of retention obligations under commercial or tax law.
Legal basis:
The processing of your personal data when you contact us is undertaken on the basis of Art. 6(1) first sentence (f) of the GDPR. The legitimate interest is in responding to requests sent to us. Under certain circumstances, the processing of data could also be undertaken on other legal bases. In certain cases, the processing of that data could also be allowed or required on other legal bases, such as Art. 6(1) first sentence (c) of the GDPR (legal obligations e.g. retention periods under commercial or tax law) or Sec. 24(1) no. 1 of the German Federal Data Protection Act [BDSG] (assertion of/defense of civil law claims).
Right to Object:
As far as data processing based on Art. 6(1) first sentence (f) of the GDPR is concerned, you have a right to object, notwithstanding other rights. On this point, see below ("Rights of the Data Subject").
Explanation of the data processing in relation to the registration
The use of the memail functions requires prior registration. In the registration process, the user sets a username and password (login details). The basic registration, which allows memail to be viewed but not yet used, only requires a username and password to be provided but does not require any verification.
In contrast, the use of the memail services requires a verification by the user, either in the course of a double optin process by email or via a mobile telephone number. The purpose of this verification is to ensure that the registration is effected by a natural person (and not automated), that this person can be contacted by us by email or via the mobile telephone number and helps prevent misuse.
The use of paid services requires, in addition to the provision of a username and a password, the provision of contractually relevant data of the user, such as first name and surname, address, payment data etc. (full registration). The basic data collected during the registration process is processed to set up, deliver and bill the services and are stored in association with the created user account. This data can be viewed via the user account and if necessary changed by the user.
Duration of storage
The data collected at registration is deleted after expiry of the statutory documentation and data retention periods (in particular those set out under tax and commercial law). Insofar as there are no documentation and data retention periods in this regard (e.g. because the user does not use any paid services), the deletion will be performed immediately upon deletion of the respective user account, unless, in individual cases, a longer storage period is permitted or required (e.g. due to the assertion of/defense against civil law claims).
Legal basis
The processing of the data collected at registration is required in order to set up a user account and to supply, perform and bill our contractual services to the user. The legal basis for this is Art. 6(1) first sentence (b) of the GDPR.
The legal basis for the storage and processing of this data in the user account is Art. (1) first sentence (f) of the GDPR. The legitimate interest is in enabling the user to use memail comfortably as well as to view and where necessary correct the registered data.
The legal basis for the storage of the data for the duration of the statutory documentation and data retention periods is Art. 6(1) first sentence (c) of the GDPR and for the assertion of/defense against legal claims is Sec. 24 (1) no. 1 BDSG.
Right to Object:
As far as data processing based on Art. 6(1) first sentence (f) of the GDPR is concerned, you have a right to object, notwithstanding other rights. On this point, see below ("Rights of the Data Subject").
Explanation, purpose of processing and duration of storage
In the course of the use of the memail services (e.g. sending and receiving emails), it is natural that content and usage data will be generated which is processed by us and stored to the respective user account (e.g. emails, email addresses, contact names, files etc.). The purpose of this processing is the performance of our contractual obligations to the user (e.g. the storage and display of received emails in the user account).
The processing of the content and usage data will continue until such time as the user deletes the respective data (e.g. deletion of emails), until deletion upon a request by the user to delete the respective user account or until the deletion of the respective user account after termination. Details in this regard can be found in the Terms & Conditions (Section 10: Consequences of termination).
Legal basis
The legal basis for the processing described above is Art. 6(1) first sentence (b) of the GDPR.
Explanation
memail uses servers in various locations in order to ensure optimal performance of the services provided. The data processing by memail in respect of memail users based in the European Union (EU) and the European Economic Area (EEA) is performed on servers located within the EU such that the personal data provided by EU users to memail is processed by memail within the EU.
For the data processing for memail users based outside the EU/EEA, the data processing can possibly also be performed on servers located outside the EU/EEA. The required level of data protection for the associated transfer to third countries is provided in that memail exclusively uses servers from server operators which are members of the EUUS Privacy Shield Framework. The European Commission issued a socalled adequacy decision in relation to the EUUS Privacy Shield under Art. 45(1) first sentence of the GDPR by way of a decision of 12 July 2016, which confirms that the EUUS Privacy Shield ensures an adequate level of protection for a data transfer.
Beyond this, memail naturally has no influence over which third parties the user communicates with via email. If a user based in the EU/EEA sends, for example, emails to recipients in third countries (e.g. in the USA), data will be transferred to those locations accordingly. In such cases, a transfer to third countries will take place in order to perform the services memail is contractually obliged to provide to user (legal basis: Art. 6(1) first sentence (b) in conjunction with Art. 49(1) second sentence (b) of the GDPR.
Explanation and purpose of processing:
Our services can be paid for by credit card and other payment methods using the payment service provider Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA (stripe.com) respectively for residents of the European Economic Area (EEA), the UK and Switzerland: Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin. For this purpose (payment for the services) we will transmit the payment details, which have been provided via the memail platform, together with other contractually relevant information (name, address, email address, order number, prices etc.) to Stripe.
We hereby advise that Stripe might pass the transferred data, for the purposes of carrying out the payment, to third parties, such as service providers, subcontractors or other associated companies to the extent necessary to perform its contractual obligations arising from your order or to the extent the person data is to be processed by a third party processor. Under certain circumstances, the personal data transmitted to Stripe will also be transmitted to credit reporting agencies. This transmission is for the purposes of verifying identity and creditworthiness in relation to the order you have placed.
Further information on Stripe:
More information on the terms of use and privacy policy of Stripe can be found at the following link:https://stripe.com/privacy
Legal basis:
The legal basis for this data processing is Art. 6(1) first sentence (b) GDPR; the purpose of the processing is to implement the agreement.
Explanation and purpose of processing:
Our services can also be paid for using the payment service provider PayPal (Europe) S.à.r.l. & Cie. S.C.A., 2224 Boulevard Royal, 2449 Luxembourg, Luxemburg (www.paypal.com).
For this purpose (payment for the services) we will transmit the contractually relevant information (name, address, email address, order number, prices etc.), which has been provided via the memail platform, to PayPal. The transmitted data will possibly be transmitted to credit reporting agencies for the purposes of verifying identity and creditworthiness.
Further information on Paypal:
More information on the terms of use and privacy policy of PayPal can be found at the following link: https://www.paypal.com/de/webapps/mpp/ua/privacyfull
Legal basis:
The legal basis for this processing of data is Art. 6(1) first sentence (a) of the GDPR; the processing is performed for the purpose of implementing the agreement.
Explanation and purpose of processing:
The memail Affiliate Program (“mAP”) offers registered users the possibility of inviting third parties, via a personalized AffiliateID, to use memail and of participating in contracts concluded using that AffiliateID. Details can be found here: https://www.memail.com/terms-conditions
The AffiliateID generated by memail for every registered memail user, which is stored to their user account, can, for example, be sent to third parties in the form of a promolink (www.memail.com/AffiliateID) or directly as a promocode from the advertising user (“Affiliate”); memail itself will not send the AffiliateID to third parties. The originally generated AffiliateID is a random alphanumeric string of characters, however the memail user can change and thus personalize it.
If the third party uses the AffiliateIDas a promocode or via the promolinkto conclude a contract, this will be stored by memail to the account of the new user. At the same time, the following information will be sent to the Affiliate. The time of conclusion of the contract, location of the new memail user (country) and total price of the contract concluded. No information about the new user is sent to the Affiliate.
We hereby advise that the Affiliate, in the case of a use of their AffiliateID in the course of a contract conclusion by the third party, could, under certain circumstances, draw conclusions as to which person has concluded the new contract (e.g. if the Affiliate only sends the AffiliateID to a single third party and a conclusion of a contract follows).
Legal basis
The legal basis for the processing described above is Art. 6(1) first sentence (b) of the GDPR.
Explanation and purpose of processing:
In order to process support requests and enable communication with users in this regard, we use the support management tool, Zendesk, which is provided by the company Zendesk Inc., 1019 Market Street San Francisco, CA 94103. Details regarding support requests are stored and processed in Zendesk in order to effectively process your request. In the course of this, personal data is transferred to the servers of Zendesk.
Zendesk has committed to complying with the Privacy Shield Agreement published by the US Department of Commerce between the EU and the USA regarding the collection, use and storage of personal data from EU Member States, which ensures an adequate level of protection for transfer of data to the USA. The certificate can be viewed at https://www.privacyshield.gov/participant?id=a2zt0000000TOjeAAG&status=Active.
Legal basis:
The processing of your personal data with Zendesk is undertaken on the basis of Art. 6(1) first sentence (f) of the GDPR. The legitimate interest is in the effective collection, processing and response to support requests. Under certain circumstances, the processing of data could also be undertaken on other legal bases. In certain cases, the processing of that data could also be allowed or required on other legal bases, such as Art. 6(1) first sentence (c) of the GDPR (legal obligations e.g. retention periods under commercial or tax law) or Sec. 24(1) no. 1 of the German Federal Data Protection Act [BDSG] (assertion of/defense of civil law claims).
Right to Object:
As far as data processing based on Art. 6(1) first sentence (f) of the GDPR is concerned, you have a right to object, notwithstanding other rights. On this point, see below ("Rights of the Data Subject").
In connection with the provision of our website and our services it can occurstrictly only for specific purposesthat personal data is disclosed to third parties, including third party processors as per Art. 28 of the GDPR, whereby such third parties will fall into the following categories:
Data center/server operators:
memail’s mail servers are operated by Amazon Web Services Inc., 410 Terry Avenue North, Seattle, WA 98198, USA (“AWS”). AWS is a member of the EUUS Privacy Shield Framework. The relevant privacy policy can be found here: https://aws.amazon.com/de/privacy/
The website and its content are processed on servers operated by Microsoft Corporation, One Microsoft Way, Redmond, WA 980526399. Microsoft is a member of the EUUS Privacy Shield Framework. The relevant privacy policy can be found here: www.privacy.microsoft.com
The providers of third party tools incorporated by memail as mentioned above.
You have the right to request confirmation from us on whether we are processing personal data concerning you. If this is the case, you have a right to information regarding this personal data to the extent stipulated under the law (Art. 15 of the GDPR in conjunction with Sec. 34 BDSG). This does not apply if the data
is only stored because it may not be deleted due to data retention rules set out in the law or the company statutes or
is for the exclusive purpose of backing up data or data protection monitoring
and the provision of information would require a disproportionate cost and effort and any processing for other purposes has been excluded using appropriate technical and organizational measures.
You also have the right to request that inaccurate personal data be rectified and where applicable—taking into account the purposes of the processing—incomplete personal data be completed, including by means of a supplementary statement (Art. 16 of the GDPR).
Moreover, in the cases laid out in Art. 17(1) (a) to (f) of the GDPR, you have a right to request that personal data be deleted, provided no exception as per Art. 17(3) of the GDPR applies, as well as a right to restriction of processing in the cases laid out in Art. 18(1) of the GDPR.
There is also a right to have data portability ensured in the cases laid out in Art. 20 (1) of the GDPR.
You have the right to appeal to the competent supervisory authority, if you are of the opinion that the processing of your personal data violates the GDPR. The competent supervisory authority is the
Berlin Commissioner for Data Protection and Freedom of Information [Berliner Beauftragte für Datenschutz und Informationsfreiheit]
Friedrichstr. 219, 10969 Berlin, Germany
Tel.: +49 (0)30 138890, Fax: +49 (0)30 2155050
Email: mailbox@datenschutzberlin.de
The right to object to processing on the basis of legitimate interests
To the extent the processing of data is based on Art. 6(1) (f) of the GDPR ("legitimate interests"), you have the right to lodge an objection at any time, for reasons related to your particular situation, to the processing of personal data concerning you.
This Data Protection Policy may be modified at any time in the future in line with changing circumstances, in particular to conform to changes to legal requirements, the practice of public authorities or case law. The current version can be found at www.memail.com/privacy.
Berlin, 11 June 2020
Notice on Right of Cancellation/Revocation
You are entitled to cancel/revoke this agreement within fourteen days without specifying reasons. The cancellation/revocation period is fourteen days from the date of conclusion of the contract. In order to exercise your right of cancellation/revocation, you must notify us
MeMail AG, Friedrichstr. 171, D-10117 Berlin, Germany
Tel: +49 (0)180 300 7000, Fax: +49 (0)180 300 7001
by way of a clear declaration (e.g. a letter sent by mail, fax or email or via the online cancellation/revocation function provided in the user account) of your decision to cancel/revoke this agreement. For that purpose, you may use the attached cancellation/revocation notification template, however this is not required.
A date of sending of the notification of cancellation/revocation prior to expiry of the cancellation/revocation period shall suffice for the purposes of complying with the cancellation/revocation time limit.
Consequences of Cancellation/Revocation
If you cancel/revoke this agreement, we will return all payments we have received from you, including all shipping costs (with the exception of any additional costs which arise from your specifying another method of shipping than the lowest cost, standard delivery offered by us), without delay and at the latest within fourteen days of our receipt of your notification of cancellation/revocation of this agreement. When effecting this repayment, we will use the same method of payment that you used for the original transaction, unless expressly agreed otherwise with you; under no circumstances will you be charged any fees in connection with this repayment. If you have requested that the services begin during the cancellation/revocation period, you must pay us a reasonable amount corresponding to the proportion of the services already provided up to the time you notified us of your exercising your right of cancellation/revocation in respect of this agreement compared to the total volume of services provided for in the agreement.
End of the Cancellation/Revocation Notice
Cancellation/Revocation Notification Template
(If you would like to cancel/revoke this agreement, please complete this form and return it to us).
To:
MeMail AG
Friedrichstr. 171
D-10117 Berlin
Fax: +49 180 300 7001 or
Email: support@memail.com
I/We (*) hereby cancel/revoke the agreement entered into by me/us regarding the purchase of the following goods (*)/the provision of the following services (*):
Customer #:
Receipt # (invoice number):
Ordered on (*)/received on (*):
Name of consumer(s):
Address of consumer(s):
Signature of consumer(s) (only in the case of paper-based notification):
Date:
(*) Delete as applicable
*All prices incl.
Use the fields above to find and customize your email address.