Data Policy
We are pleased about your visit to our website www.mepla.net and your interest in our company and our offers. Despite careful content control, we assume no liability for external links to third-party content, as we have neither initiated the transmission of this information, nor selected the recipient of the transmitted information, nor selected or modified the transmitted information itself.
The protection of your personal data during its collection, processing, and use in connection with your visit to our website is an important concern for us and is carried out in accordance with legal regulations, which you can find, for example, at www.bfdi.bund.de.
In the following, we explain which information we collect during your visit to our website and how it is used:
1. Collection and Storage of Personal Data as well as the Type and Purpose of Its Use
a.) When Visiting the Website
(1) Each time a customer (or any other visitor) accesses our website, the internet browser used on your device (computer, laptop, tablet, smartphone, etc.) automatically sends information to the server of our website. This information is temporarily stored in a so-called log file (protocol file).
(2) The following data is collected without your intervention and stored until it is automatically deleted:
- (pseudonymized) IP address of the requesting computer, as well as device ID or individual device identifier and device type,
- Name of the retrieved file and the amount of data transmitted, as well as the date and time of access,
- Notification of successful retrieval,
- Requesting domain
- Description of the type of internet browser used and, if applicable, the operating system of your device, as well as the name of your access provider.
- Your browser history data as well as your standard web log information,
(3) We do not collect location data ourselves. However, we would like to point out that a rough location can always be determined from the IP address – however, we do not commission any third-party providers for this purpose.
(4) Our legitimate interest pursuant to Art. 6(1) sentence 1 lit. f GDPR in collecting the data is based on the following purposes:
- Ensuring a smooth connection setup and a convenient use of the website
- Analysis of system security and stability, as well as
- For further administrative purposes
(5) Under no circumstances do we use the collected data to draw conclusions about your identity.
(6) The aforementioned data is deleted after leaving the website.
b.) When Using Our Contact Form
(1) If you have any questions, we offer you the opportunity to contact us via a form provided on our website. At a minimum, a valid email address and your last and first name are required so that we know who the inquiry is from and can respond accordingly. Additional information can be provided voluntarily.
(2) The processing of data for the purpose of contacting us is carried out in accordance with Art. 6(1) sentence 1 lit. a GDPR based on your voluntarily given consent.
(3) The personal data collected by us for the use of the contact form will be automatically deleted after your inquiry has been processed.
(4) To protect your inquiries via the online contact form, we use the hCaptcha service provided by Intuition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA (hereinafter referred to as "Intuition"). This verification serves to distinguish whether the input is made by a human or abusively through automated, machine processing. The verification includes the transmission of the IP address and, if applicable, other data required by Intuition for the hCaptcha service. For this purpose, your input is transmitted to Intuition and further processed there.
(5) The processing of your data is carried out on the basis of Art. 6(1) lit. f GDPR. We have a legitimate interest in protecting our online services from abusive surveillance and spam.
(6) We have concluded a data processing agreement with Intuition.
(7) You can find Intuition's privacy policy here: https://www.hcaptcha.com/privacy.
(8) If your data is transferred to the USA, this is done on the basis of an adequacy decision pursuant to Art. 45 GDPR. This adequacy decision was issued based on the EU-U.S. Data Privacy Framework. Intuition has certified itself in accordance with the requirements of the EU-U.S. Data Privacy Framework: https://www.dataprivacyframework.gov/list.
c.) Subscription to Our Newsletter
(1) If you have expressly consented in accordance with Art. 6(1) sentence 1 lit. a GDPR via the double opt-in procedure, we will use your email address to regularly send you our newsletter.
(2) You can unsubscribe at any time, for example, via a link at the end of a newsletter. Alternatively, you can also send your unsubscribe request at any time via email to info@mepla.net (preferably with the subject: "Unsubscribe Newsletter").
2. Disclosure of Personal Data
(1) Your data will not be transferred to third parties for purposes other than those listed below.
(2) We only disclose your data to third parties if:
- You have given your explicit consent in accordance with Art. 6(1) sentence 1 lit. a GDPR,
- This is necessary for the execution of contractual relationships with you in accordance with Art. 6(1) sentence 1 lit. b GDPR,
- There is a legal obligation to disclose the data in accordance with Art. 6(1) sentence 1 lit. c GDPR,
- The disclosure is necessary for the establishment, exercise, or defense of legal claims, and there is no reason to
- assume that you have an overriding legitimate interest in the non-disclosure of your data in accordance with Art. 6(1) sentence 1 lit. f GDPR.
(3) In these cases, however, the scope of the transmitted data is limited to the necessary minimum.
(4) Our data protection regulations comply with the applicable data protection laws, and data is processed only within the Federal Republic of Germany. However, we also collaborate with third-party providers who may process data outside the EU. All third-party providers we work with are listed in our privacy policy.
3. Rights of Data Subjects
(1) Upon request, we will gladly inform you whether and which personal data concerning you is stored (Art. 15 GDPR), in particular but not limited to about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage duration, the existence of a right to rectification, deletion, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, as well as the existence of automated decision-making, including profiling.
(2) You also have the right to have any incorrectly collected personal data corrected or incomplete data completed (Art. 16 GDPR).
(3) Furthermore, you have the right to request the restriction of the processing of your data from us, provided that the legal requirements for this are met (Art. 18 GDPR).
(4) You have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format or to request the transfer of this data to another controller (Art. 20 GDPR).
(5) Additionally, you have the so-called "right to be forgotten," meaning you can request the deletion of your personal data from us, provided that the legal requirements for this are met (Art. 17 GDPR).
(6) Regardless of this, your personal data will be automatically deleted by us if the purpose of data collection no longer applies or if the data processing has been carried out unlawfully.
(7) In accordance with Art. 7(3) GDPR, you have the right to revoke your consent at any time. This means that we may no longer continue the data processing based on this consent in the future.
(8) You also have the right to object to the processing of your personal data at any time, provided that a right to object is legally provided. In the event of a valid objection, your personal data will also be automatically deleted by us (Art. 21 GDPR).
(9) If you wish to exercise your right of withdrawal or objection, simply send an email to: info@mepla.net.
(10) In the event of violations of data protection regulations, you have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR. The competent supervisory authority is both the Hessian Commissioner for Data Protection (https://datenschutz.hessen.de/service/meldung-eines-datenschutzbeauftragten) as well as any other supervisory authority.
4. Duration of Data Storage
The collected data will be stored by us for as long as it is necessary for the execution of the contracts entered into with us or until you exercise your right to deletion or your right to data transfer to another company.
5. Cookies
(1) We use cookies on our website. These are small text files that your browser automatically creates and stores on your device when you visit our website. The cookie contains information related to the specific device being used. However, this does not mean that we directly obtain knowledge of your identity.
(2) These cookies are set either as so-called first-party cookies ("own cookies") or third-party cookies ("third-party cookies"). First-party cookies are set by the website you are currently visiting and are not accessible across domains by browsers. A third-party cookie, on the other hand, is set by a third party, meaning it is not created by the actual website you are currently visiting.
(3) Furthermore, cookies are distinguished between technically necessary and technically non-necessary cookies. On our website, both technically necessary and technically non-necessary cookies are set in accordance with the following provisions.
a.) Technically Necessary Cookies
(1) Technically necessary cookies are essential for the operation of our website and enable certain functions to be available to you. These technically necessary cookies, which are only required and set for the individual online session, are automatically deleted after you leave our website.
(2) The legal basis for the use of these technically necessary cookies is Art. 6(1) sentence 1 lit. f GDPR.
b.) Technically Non-Necessary Cookies
(1) Provided that you have given the corresponding consent, we use so-called technically non-necessary cookies on our website. These technically non-necessary cookies are primarily used to analyze the use of the website and user behavior, compile reports on visitor activities on the website, and provide other services related to the use of the website.
(2) The technically non-necessary cookies we use are explained in our cookie banner with regard to their functionality, duration, and potential third-party recipients of the data. If certain third-party providers set cookies as part of the services they provide for us, this will also be specifically indicated in our privacy policy.
(3) The legal basis for the use of technically non-necessary cookies is Art. 6(1) sentence 1 lit. a GDPR, provided that you have given your consent.
(4) You can revoke your consent at any time. Furthermore, you always have the option to configure the setting of cookies. For example, you can set your browser to inform you in advance about the placement of cookies or to completely refuse cookies.
6. Data Security
We take all necessary technical and organizational security measures to store your personal data in a way that prevents access by third parties or the public. If you wish to contact us via email, please be aware that the confidentiality of transmitted information cannot be fully guaranteed through this communication channel. Therefore, we recommend that you send confidential information exclusively via postal mail.
7. Updates and Changes to This Privacy Policy
(1) This privacy policy is currently valid and is effective as of February 10, 2025.
(2) Due to the further development of our website and the services offered on it, or due to changes in legal or regulatory requirements, it may become necessary to amend this privacy policy.
8. Name and Contact Details of the Data Controller
This privacy policy applies to data processing by:
Mepla Software GmbH
Pallaswiesenstraße 12
64289 Darmstadt