MeonataGmbH

Legal Information
Deutsch

Privacy

Information on the processing of personal data under the GDPR.

1. Controller

The controller responsible for data processing on this website is:

Meonata GmbH
Gleisweg 12
48619 Heek
Germany
E-mail: hello@meonata.com

2. Data Protection Officer

A data protection officer is not required under Art. 37 GDPR in conjunction with § 38 BDSG and has therefore not been appointed.

3. General Information on Data Processing

We process personal data exclusively in accordance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and all other applicable data protection provisions.

Personal data means any information relating to an identified or identifiable natural person, such as name, e-mail address, or IP address.

4. Website Hosting (IONOS)

Our website is hosted by the following external hosting provider:

IONOS SE
Elgendorfer Str. 57
56410 Montabaur
Germany

Within the scope of hosting, server log files are processed (e.g., IP address, date/time, requested URL, browser and system information) to the extent technically required to provide the website and ensure security.

Processing is based on Art. 6(1)(f) GDPR (legitimate interest in secure and stable operation) and within the framework of a data processing agreement pursuant to Art. 28 GDPR.

Server log files are generally deleted or anonymized no later than after 7 days, unless longer retention is required to investigate abuse.

5. Contact by E-mail

If you contact us by e-mail, we process the personal data you provide (e.g., name, e-mail address, message content) to handle your request.

Legal basis

Art. 6(1)(b) GDPR (pre-contractual measures or contract performance)

Art. 6(1)(f) GDPR (legitimate interest in communication)

Retention period

Your data will be deleted once the request has been conclusively processed, provided no statutory retention obligations apply.

Requirement to provide data

Providing your data is voluntary. However, without the necessary details we may not be able to respond to your request.

6. E-mail and Office Services (Microsoft 365)

For e-mail communication as well as office and collaboration applications, we use Microsoft 365 provided by:

Microsoft Ireland Operations Ltd.
One Microsoft Place
South County Business Park
Leopardstown
Dublin 18
Ireland

In particular, the following personal data may be processed:

  • E-mail addresses
  • Communication content
  • Communication metadata
  • Documents and files

Processing is carried out on the basis of a data processing agreement pursuant to Art. 28 GDPR.

Transfers of personal data to third countries (in particular the USA) cannot be ruled out. Such transfers are based on EU Commission Standard Contractual Clauses (Art. 46 GDPR) and supplementary technical and organizational safeguards. Microsoft is also certified under the EU-US Data Privacy Framework.

Legal basis

Art. 6(1)(b) GDPR

Art. 6(1)(f) GDPR

7. Cookies and Similar Technologies

Our website only uses technically necessary cookies required for operation and security of the website.

No tracking, analytics, or marketing cookies are used.

Legal basis

Art. 6(1)(c) GDPR in conjunction with § 25(2) no. 2 TDDDG.

8. Disclosure of Personal Data

Personal data is only disclosed if:

  • this is necessary for contract performance,
  • there is a legal obligation, or
  • external service providers are used within the framework of data processing agreements.

No further transfer takes place.

9. Retention Period

Personal data is stored only as long as necessary for the respective processing purposes or as required by statutory retention obligations. Data will be deleted once the processing purpose no longer applies.

10. Security of Processing

We implement suitable technical and organizational measures in accordance with Art. 32 GDPR to protect personal data against loss, destruction, manipulation, and unauthorized access.

11. Data Subject Rights

You have the right at any time to:

  • access (Art. 15 GDPR)
  • rectification (Art. 16 GDPR)
  • erasure (Art. 17 GDPR)
  • restriction of processing (Art. 18 GDPR)
  • data portability (Art. 20 GDPR)
  • object to processing (Art. 21 GDPR), insofar as processing is based on Art. 6(1)(f) GDPR

Where processing is based on your consent, you may revoke this consent at any time with effect for the future.

12. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority if you consider that the processing of your personal data violates the GDPR.

In particular, the supervisory authority at your habitual residence or at the place of the alleged infringement is competent.

13. Version of this Privacy Policy

Version: February 2026