Menu

Data protection policy

This data protection policy explains to you how, to what extent and what purpose personal data (hereinafter: "data") is processed within our online activities and any connected websites, functions and contents as well as external online presences, such as our social media profile (hereinafter collectively referred to as: "online services"). With regard to definitions used, such as "processing" or "controller" we refer to definitions in Art. 4 of the General Data Protection Regulation (GDPR).

Controller

MAREDO RESTAURANTS HOLDING GMBH
Elisabethstr. 22
40217 Düsseldorf

Tel.: +49 211/38628-0
Fax: +49 211/38628-120
E-Mail: info(at)maredo.com
Internet: https://www.maredo.de

Chief Executive Officer of the Maredo Group:
Klaus Farrenkopf

Registry court: Amtsgericht Düsseldorf
Register number: HRB 52249
VAT ID: DE 814 466 438

MAREDO GASTSTÄTTEN-GMBH & CO BETRIEBS-KG
Elisabethstr. 22
40217 Düsseldorf

Tel.: +49 211/38628-0
Fax: +49 211/38628-120
Email: info(at)maredo.com
Internet: https://www.maredo.de

Registry court: Amtsgericht Düsseldorf
Register number: HRA 12689
VAT ID: DE 173 386 008

Personally liable partner: MAREDO Restaurants Holding GmbH
Elisabethstr. 22
40217 Düsseldorf

Director entitled to represent the company: Klaus Farrenkopf
Amtsgericht Düsseldorf HRB 52249
VAT ID: DE 814 466 438

IN AUSTRIA: MAREDO Restaurants GmbH
Opernring 3-5
A-1010 Wien

Tel.: +43 1-5867722
Fax: +43 1-586772220
Email: info(at)maredo.com
Internet: https://www.maredo.at

Director entitled to represent the company: Klaus Farrenkopf

Registry court: Handelsgericht Wien
Commercial Register number: FN 144190 w
VAT ID: AT U40 473 000

Verbraucherstreitbeilegungsgesetz (VSBG) [German Act on Alternative Dispute Resolution in Consumer Matters]
MAREDO does not undertake to participate in dispute resolution procedures before a consumer conciliation body.

Data protection officer: Nasanin Bahmani, maredo(at)bcdigital.de


Types of processed data

  • Basic information (e.g., personal master data, names or addresses).
  • Contact information (e.g., email, telephone numbers).
  • Content information (e.g., text entries, photos, videos).
  • Usage information (e.g., visited websites, interest in contents, access times).
  • Meta/ communication data (e.g. device information, IP-addresses).


Categories of data subjects

Visitors to and users of the online services (hereinafter data subjects will be referred to collectively as "users").


Purpose of the data processing

  • To provide access to the online services, their functions and contents.
  • Responding to contact queries and communication with users.
  • Security measures.
  • Measurement of reach/marketing


Definitions used

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookies) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. This concept is very broad and covers practically all data handling.

"Pseudonymisation" means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

"Profiling" means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

"Controller' means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

"Processor" means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.


Relevant legal basis

As per the provisions of Art.13 GDPR, we herewith detail the legal grounds of our data processing. To the extent the legal basis of our data processing is not mentioned in our data protection policy the following will apply to users in the area where the General Data Protection Regulation (GDPR) is in force, i.e. the EU and the EEC: the legal basis for obtaining consent is Art. 6 (1) (a) and Art. 7 GDPR;
the legal basis for processing for the purpose of delivering our services and implementation of contractual measures as well as for responding to queries is Art. 6 (1) (b) GDPR;
the legal basis for processing for the purpose of complying with our legal commitments is Art. 6 (1) (c) GDPR; If vital interests of the data subject or those of other natural persons require the processing of personal data, then Art. 6 (1) (d) GDPR shall be applicable as legal grounds.
The legal basis for processing where processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller is Art. 6 (1) (e) GDPR.
The legal basis for processing for the purpose of protecting our legitimate interests is Art. 6 (1) (f) GDPR. Processing data for a purpose other than that for which it has been collected will be determined in accordance with the provisions of Art. 6 (4) GDPR.
Processing special data categories (in line with Art. 9 (1) GDPR) will be determined in accordance with the provisions of Art. 9 (2) GDPR.


Security measures

We implement appropriate technical and organisational measures, in accordance with the legal requirements, with consideration to technology, implementation costs, type, scope, conditions and purposes of the processing, as well as taking into account varying likelihood of occurrence, and severity of the risk to the rights and liberties of natural persons, in order to ensure a risk-appropriate level of protection.

The measures include, in particular, the protection of confidentiality, integrity and availability of data by controlling physical access to the data, as well relevant access, input, transmission, securing of availability and separation. We have further implemented processes that ensure consideration of the rights of data subjects, deletion of data and reaction to threats to the data. Furthermore, we take the protection of personal data into consideration during the development or selection of hardware, software and processes, in accordance with the principle of data protection through technology development, and through data-protection friendly pre-settings.

Cooperation with external processors, joint controllers and third parties To the extent that we disclose data to other persons and companies (external processors, joint controllers and third parties) as part of our data handling, transfer data to them, or otherwise provide them with access to data, this will only be carried out on the basis of a contractual permission (e.g. if the transfer of data to third parties, such as payment service providers, is necessary for the execution of contractual obligations), or if users have consented to this, or if it is a legal requirement or on the basis of our legitimate interests (e.g. when using agents, webhosts, etc.).

If we disclose data to other companies in our corporate group transfer data to them, or otherwise provide them with access to data this will be carried out, in particular, for administrative purposes as a legitimate interest and, furthermore, on the basis of one of the relevant statutory provisions.


Transfer to third countries

If we process data in a third country (i.e. outside the European Union (EU), outside the European Economic Area (EEA) or outside the Swiss Confederation) or if this is undertaken by using the services of third parties or by disclosing or transferring data to other persons or companies, this will only take place if it is undertaken for the compliance with our (pre)contractual obligations, on the basis of your consent, on the basis of a statutory obligation, or on the basis of our legitimate interests. Subject to statutory or contractual permissions, we process or commission data to be processed in a third country, only where statutory requirements apply. This means that processing is carried out, for example, on the basis of certain guarantees, such as the officially acknowledged setting of one of the EU-compliant data protection levels (e.g. applying the "Privacy Shield" in the USA) or by complying with officially acknowledged special contractual obligations


Rights of the data subject

You are entitled to request a confirmation about whether relevant data is being processed, and to receive information about this data as well as for further information and a copy of the data, pursuant to the statutory provisions.

Pursuant to the statutory provisions you have the right to request the completion of information related to you and the correction of incorrect data, that is related to you.

In accordance with the statutory provisions you have the right to request that the data concerned is immediately deleted, or, alternatively, pursuant to the stipulations in the statutory provisions, that the processing of the data is limited.

You are entitled to request any data related to you that you have provided us with, as well as to request that the data is transferred to other controllers, pursuant to the statutory provisions.

You also have the right, pursuant to the statutory provisions, to submit a complaint to the responsible supervisory authority.


Right to revoke

You have the right to revoke your consent with effect for the future.


Right to object

You are entitled to object, at any time, to the future processing of data relating to you, in accordance with the statutory provisions. The objection can, in particular, be against the processing of data for the purpose of direct marketing.


Cookies and the right to object to direct marketing

"Cookies" are small files which are stored on the user's computer. Various information can be stored in cookies. Cookies primarily serve to store information on a user (or on the device on which the cookie is stored) during or after their visit to one of the online services. Temporary cookies or "session cookies" or "transient cookies" are cookies that are deleted after a user leaves the online services and closes their browser. This type of cookie can, for example, store the contents of a shopping basket in an online shop or a log in status. "Permanent" or "persistent" cookies are cookies that remain stored even after the browser is closed. In this way the log in status can be saved for when users visit at a later date. The interests of the user can also be stored in these cookies, which can be used for measuring reach or marketing purposes. "Third-party cookies" are cookies that are used by providers other than the controller who operates the online services (on the other hand where there are only cookies from the controller these are called "first-party cookies").

We may use temporary and permanent cookies and you can find information on this in our data protection policy.

If users do not want cookies to be stored on their computer, they are asked to deactivate the relevant option in the system settings of their browser. Stored cookies can be deleted in the system settings of your browser. Excluding cookies can limit the functions of the online services.

A general objection to the use of cookies for online marketing purposes can be declared in regard to many different services, primarily in the case of tracking, using the USA site www.aboutads.info/choices/ or the EU site www.youronlinechoices.com. Furthermore, you can switch off the saving of cookies in your browser settings. Please note, you may not be able to use some functions of the online services if you do this.


Deleting data

Any data processed by us shall be deleted or their processing limited in accordance with the statutory provisions. Unless expressly specified as part of this data protection policy, any data saved by us will be deleted as soon as it is no longer needed for its intended purpose and there are no legal obligations to retain it.

If the data is not deleted because it is needed for other, legally permissible, purposes its processing will be limited. This means that data will be barred and not processed for any other purpose. This applies, for example, to data that must be retained for trading or fiscal law reasons.


Amending and updating the privacy policy

Please check the contents of our data protection policy regularly. We adjust the data protection policy as soon as this is necessary due to changes implemented in our data processing. We will inform you as soon as any action is required from you (such as consent) or any other individual notification is necessary due to the changes.


Processing for business purposes

We also process the

  • Contract data (e.g. subject of agreement, term, client category).
  • Payment information (e.g. bank details, payment history).

of our customers, interested parties and business partners for the purpose of performing our contractual services and customer services, marketing, advertising and market research.


Contractual services

We process the data of our contractual partners and interested parties as well as other purchasers, customers, clients, patrons or contractual partners (jointly referred to as "contractual partners" in line with Art. 6 (1) (b) GDPR in order to provide them with our contractual or pre-contractual services. The data processed, the type, scope and purpose and necessity of processing the data will be determined in accordance with underlying contractual relationship.

The processed data includes the master data of our contractual partners (e.g. names and addresses) contact details (e.g. email addresses and telephone numbers) and contract data (e.g. services used, contractual content, contractual communication, names of contact persons) and payment information (e.g. bank details, payment history).

We generally do not process special categories of personal data except where this is an integral part of a commissioned or contractual processing.

We process data which is necessary for the initiation and performance of contractual services and will indicate the necessity of the information where this is not clear for contractual partners. Disclosure to external persons or companies will only occur if this is necessary on the basis of a contract. When processing data, entrusted to us on the basis of an assignment, we act in accordance with the instructions of the Client and the statutory provisions.

When using our online services we may store the IP address and time of the relevant use activity. Storage is carried out on the basis of our legitimate interests, and the interests of users, in protection from misuse and other unauthorised use. This data will not, in general, be passed onto third parties except where this is necessary to pursue our requirements as per Art. 6 (1) (f) GDPR or where there exists a statutory obligation to do so as per Art. 6 (1) (c) GDPR.

Data will be deleted where the data is no longer necessary for the performance of contractual or statutory obligations or in the scope of any guarantee, or similar obligations, whereby the necessity of retaining the data is reviewed every three years; apart from this the statutory storage obligations apply.


Administration, financial accounting, office organisation, contact management

We process data in the context of administrative tasks as well as the organisation of our business, financial accounting and adhering to statutory obligations, such as archiving. In doing so we process the same data that we process in the course of providing our contractual services. The grounds for processing are Art. 6 (1) (c) GDPR and Art. 6 (1) (f) GDPR. Customers, interested parties, business partners and website visitors are affected by this processing. The purpose of and our interest in the processing is the administration, financial accounting, office organisation and archiving of data, i.e. tasks which serve the maintenance of our business activities, carrying out our duties and performing our services. Deletion of data with regard to contractual services and contractual communication is in line with the duties specified in these processing activities.

In doing so we disclose or transfer data to the fiscal authorities, advisers, such as tax advisers or auditors, and other tax authorities and payment service providers.

Moreover, on the basis of our business interests, we store information on suppliers, event organisers and other business partners, e.g. for the purposes of contact at a later date. In general, we store this, primarily business related, data permanently.


Business analyses and market research

In order to economically operate our business and to identify market trends and the wishes of contractual partners and users, we analyse the data we have on business transactions, contracts, requests etc. In doing so we process basic information, communication data, contract data, payment information, usage information and meta data, which belong to the data subjects, contractual partners, interested parties, customers, visitors and users of our online services, on the basis of Art. 6 (1) (f) GDPR.

The analyses are carried out for the purposes of business assessments, marketing and market research. In doing so we can assess the profiles of registered users using information, e.g. on the services they used. The analyses help us increase user-friendliness and optimise our services and operating efficiency. The analyses are used only by us and will not be disclosed externally unless they are anonymous analyses with merged values.

If these analyses or profiles are personal they will be deleted or anonymised in the event of user cancellation or two years after the end of the contract. Moreover, all the business analyses and general determination of trends will, where possible, be carried out anonymously.


Data protection notice in the application process

We process applicant data only for the purposes and in the context of the application process in accordance with the statutory provisions. Applicant data is only processed to fulfil our (pre) contractual obligations in the context of the application process within the meaning of Art. 6 (1) (b) GDPR and Art. 6 (1) (f) GDPR to the extent the data processing is necessary for us, e.g. in the context of legal proceedings (in Germany § 26 BDSG also applies).

The application process presupposes that applicants will provide us with their applicant data. The necessary applicant data is specified where we provide an online form and can, otherwise, be gleaned from the job description and in general includes information on person, postal and contact address and the documents relating to the application such as cover letters, CVs and references. Applicants may also voluntarily share additional information with us.

When an applicant submits their application to us they agree to the processing of their data for the purposes of the application process in line with the nature and scope specified in this data protection policy.

To the extent special categories of personal data, within the meaning of Art. 9 (1) GDPR, are voluntarily shared in the course of the application process they will also be processed in accordance with Art. 9 (2) (b) GDPR (e.g. data concerning health, such as severe disability or ethnic background). To the extent special categories of personal data, within the meaning of Art. 9 (1) GDPR, are requested from applicants in the course of the application process this will also be processed in accordance with Art. 9 (2) (a) GDPR (e.g. data concerning health where this is necessary for the performance of the job).

Applicants may provide us with their applications using an online form on our website, if this option is available. The data will be transferred to us in encrypted form, suited to the technology. Applicants may also submit their applications to us by email. If so we would point out that emails are generally not sent in encrypted form and the applicant will have to provide for the encryption themselves. We therefore take no responsibility for the transmission path of the application between sending and receipt on our server and would, therefore, recommend that you use the online form or postal delivery. Instead of applying via the online form and email applicants can also send their application to us by post.

The data available to the applicants may, in the event of a successful application, be further processed by us for employment purposes. Otherwise, if the application for a position is not successful the applicant's data will be deleted. The applicant's data will also be deleted if an application is withdrawn, which the applicant is entitled to do at any time.

With the exception of authorised withdrawals by the applicants, the data will be deleted after a period of six months, so that we can answer any follow-up questions on the application and can satisfy our obligations to provide evidence in line with the Gleichbehandlungsgesetz [German General Act on Equal Treatment]. Calculations of any travel expenses will be archived in accordance with fiscal law.


Comments and contributions

If users leave comments or other contributions, their IP addresses may be stored for 7 days on the basis of our legitimate interests within the meaning of Art. 6 (1) (f) GDPR. This is carried out for our security, in the event that unlawful content is left in the comments and contributions (abusive language, illegal political propaganda etc.). In this situation we, ourselves, may be sued for the comment or contribution and therefore have an interest on the identity of the author.

Moreover, we reserve the right to process the user's information for the purposes of spam detection on the basis of our legitimate interests as per Art. 6 (1) (f) GDPR.

On the same legal basis, when carrying out surveys, we reserve the right to store users' IP addresses, long term, and to use cookies to prevent multiple voting.

Information relating to person, any contact or website information or content information shared in the comments and contributions, will be stored by us, long term, until the user objects.


Contact

When contacting us (e.g. via the contact page, by email, telephone or via social media) user information is processed for the purposes of processing the contact request and its execution pursuant to Art. (6) (1) (b) (in the context of contractual/pre-contractual relations) and Art. 6 (1) (f) (other requests) GDPR. User data may be stored in a Customer-Relationship-Management System ("CRM System") or comparable organisation.

We delete requests as soon as they are no longer necessary. We review their necessity every two years; in addition, the statutory archiving obligations apply.


Newsletter - Germany

The information below is to inform you about the content of our newsletter and about registration, distribution and statistical evaluation processes as well as your right to object. When you subscribe to our newsletter you agree to receive it and to the outlined procedure.

Newsletter content: We only send newsletters, emails and other electronic notices with advertising material (hereinafter "newsletter") with the recipient's consent or with legal permission. If, in the course of registering for the newsletter, the newsletter's content is changed materially this is relevant for user consent. Otherwise, our newsletters will contain information on our services and on us.

Double opt in and recording: Registering for our newsletter follows the so-called double opt in procedure. This means after registration you will receive an email which will ask you to confirm your registration. This confirmation is necessary so that no one can register with an unknown email address. Newsletter registrations are recorded to evidence the registration process in accordance with the legal requirements. This includes storage of registration and conformation times and the IP address. Changes to your data, stored with the distribution service provider, will also be recorded.

Registration data: To register for the newsletter you only need to provide your email address. We would also ask you to, optionally, provide a name so that we can address you personally in the newsletter.

The distribution of the newsletter and the related performance assessment are carried out on the basis of the recipient's consent in accordance with Art. 6 (1) (a) and Art. 7 GDPR in conjunction with § 7 (2) no. 3 UWG, or in the event consent is not required, on the basis of our legitimate interest in direct marketing as per Art. 6 (1) (f) GDPR in conjunction with § 7 (3) UWG.

The registration process is recorded on the basis of our legitimate interests as per Art. 6 (1) (f) GDPR. Our interest is in the implementation of a secure and user-friendly newsletter system that serves our business interests, fulfils the expectations of the users, and also allows us to verify consents.

Cancellation/withdrawal - You can, at any time, cancel your subscription to our newsletter, i.e. withdraw your consent. You can find a link to cancel your newsletter at the end of each newsletter. We may store the deregistered email addresses for up to three years before we delete them, on the basis of our legitimate interests, in order to evidence previously given consent. The processing of this data is limited to the purpose of a potential defence against claims. You may make an individual request for cancellation at any time, as long as it is confirmed that a prior consent did exist.


Newsletter - Austria

The information below is to inform you about the content of our newsletter and about registration, distribution and statistical evaluation processes as well as your right to object. When you subscribe to our newsletter you agree to receive it and to the outlined procedure.

Newsletter content: We only send newsletters, emails and other electronic notices with advertising material (hereinafter "newsletter") with the recipient's consent or with legal permission. If, in the course of registering for the newsletter, the newsletter's content is changed materially this is relevant for user consent. Otherwise, our newsletters will contain information on our services and incidental information (e.g. security information), offers, promotions and our companies.

Double opt in and recording: Registering for our newsletter follows the so-called double opt in procedure. This means after registration you will receive an email which will ask you to confirm your registration. This confirmation is necessary so that no one can register with an unknown email address. Newsletter registrations are recorded to evidence the registration process in accordance with the legal requirements. This includes storage of registration and conformation times and the IP address. Changes to your data, stored with the distribution service provider, will also be recorded.

Registration data: To register for the newsletter you only need to provide your email address. We would also ask you to, optionally, provide a name so that we can address you personally in the newsletter.

The distribution of the newsletter and the related performance assessment are carried out on the basis of the recipient's consent in accordance with Art. 6 (1) (a) and Art. 7 GDPR in conjunction with § 107 (2) TKG, or in the event consent is not required, on the basis of our legitimate interest in direct marketing as per Art. 6 (1) (f) GDPR in conjunction with § 107 (2) and (3) TKG.

The registration process is recorded on the basis of our legitimate interests as per Art. 6 (1) (f) GDPR. Our interest is in the implementation of a secure and user-friendly newsletter system that serves our business interests, fulfils the expectations of the users, and also allows us to verify consents.

Cancellation/withdrawal - You can, at any time, cancel your subscription to our newsletter, i.e. withdraw your consent. You can find a link to cancel your newsletter at the end of each newsletter. We may store the deregistered email addresses for up to three years before we delete them, on the basis of our legitimate interests, in order to evidence previously given consent. The processing of this data is limited to the purpose of a potential defence against claims. You may make an individual request for cancellation at any time, as long as it is confirmed that a prior consent did exist.


Newsletter - distribution service provider

The newsletter is sent using the distribution service provider Tripicchio AG, Engesserstr. 4a, 79108 Freiburg, Germany and promi.net GmbH, Giergasse 2, 53113 Bonn, Germany. The data protection provisions of the distribution service provider can be found at: https://www.tripicchio.de/datenschutz and https://www.promio.net/content/datenschutz . The distribution service provider is used on the basis of our legitimate interests as per Art. 6 (1) (f) GDPR and an order processing agreement as per Art. 28 (3) first sentence GDPR.

The distribution service provider can use the data of the recipients in pseudonymous form, i.e. use, without allocation to a user, for the optimisation or improvement of their own services, e.g. use for technical optimisation of distribution and the presentation of the newsletter or for statistical purposes. The distribution service provider does not use the data of our newsletter recipients, however, to contact the recipients itself or to pass on the data to third parties.


Newsletter - performance assessment

The newsletters contain a so-called "web beacon", i.e. a pixel sized file that is retrieved by our servers, or if we use a distribution service provider, by their servers, when the newsletter is opened. In the course of this retrieval technical information is collected initially, such as information on your browser, its system, its IP address and the time of retrieval.

This information is used for the technical improvement of our services by means of the technical data or the target groups and their reading habits by means of the retrieval location (which can be determined with the help of the IP address) or the access times. Statistical collections also include determining whether the newsletter was opened, when it was opened and what links were clicked. This information may, for technical reasons, be attributed to the individual newsletter recipient. It is, however, not our intention, nor, if used, the intention of the distribution service provider to monitor individual users. The assessments are used, rather, to identify the reading habits of our users and to tailor our content to them or to send different content in line with the interests of our users.

A separate withdrawal from the performance assessment is, unfortunately, not possible. In this situation you must cancel your entire newsletter subscription.


Hosting and sending emails

The hosting services we use enable us to make the following services available: Infrastructure and platform services, computing capacity, memory and database services, sending emails, security services and technical maintenance services, which we use for the purposes of operating the online services.

In doing so we, or our hosting provider, process basic data, contact details, content information, contract data, usage information, meta and communication data of customers, interested parties and visitors to the online services on the basis of our legitimate interest in an efficient and secure provision of these online services in accordance with Art. 6 (1) (f) GDPR in conjunction with Art. 28 GDPR (conclusion of order processing agreement).


Collecting access data and log files

On the basis of our legitimate interests pursuant to Art. 6 (1) (f) GDPR, we, or our hosting provider, collect data about every access to the server, where this service is located (so called server log files). Access data includes the name of the accessed website or file, date and time of accessing it, the transferred data quantity, report about successful access, browser type and version, the operating system of the user, referrer URL (the previously visited site), IP-address and the inquiring provider.

Logfile-information is stored for up to 7 days for security reasons (e.g. to clarify abusive or fraudulent actions) and are then deleted. Data that is necessary to retain for longer for evidentiary purposes, are exempt from deletion until the conclusive clarification of the relevant incident.


Google Tag Manager

Google Tag Manager is a solution with which we can manage so-called website tags via an interface (and thus integrate, for example, Google Analytics and other Google Marketing services into our online services) The Tag Manger itself (which implements the Tags) does not process any personal data of the users. With regard to the processing the personal data of the users we refer you to the information below on Google services. Use policy: https://www.google.com/intl/de/tagmanager/use-policy.html.


Google Analytics

We use Google Analytics, a web analysing service of Google LLC ("Google") on the basis of our legitimate interests (i.e. our interest in the analysis, optimisation and economic operation of our online services within the meaning of Art. 6 (1) (f) GDPR). Google uses cookies. Information generated by the cookies regarding the use of the online services by the user, are usually transferred to one of Google's servers in the USA and stored there.

Google is certified under the Privacy Shield Agreement and therefore guarantees, that it will comply with the European data protection act: (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google uses this information on our behalf, in order to evaluate the use of our online services by users, to compile reports for us about the activities within the online services and to provide further services in connection with the use of our online services and internet use. During this process pseudonymous user profiles of the user may be created from the processed data.

We only use Google Analytics with activated IP-anonymisation. This means that the IP-address of the users will be abbreviated by Google within the member states of the European Union, or in other contracting states to the agreement about the European Economic Area. Only in exceptional cases will the full IP-address be transferred by Google to a server in the USA and abbreviated there.

The IP address transmitted by the user's browser will not be amalgamated with other data from Google. Users can prevent cookies from being stored in the relevant settings of their browser software; users can also prevent the data, collected by the cookie and linked to use of the online services, from being sent to and processed by Google by downloading and installing the available browser plugin under the following link: tools.google.com/dlpage/gaoptout.

As an alternative to the browser add-on, or within the browsers in mobile devices, please click this link to prevent future collection by Google Analytics within the website. To do so an opt-out cookie will be stored on your device If you delete your cookies, you will have to click this link again.

You can find further information about data use by Google and settings and objection options in Google's privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertising inserts by Google (https://adssettings.google.com/authenticated).

Personal data of users will be anonymised or deleted after 14 months.


Google AdWords and conversion measuring

We use the services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google") on the basis of our legitimate interests (i.e. our interest in the analysis, optimisation and economic operation of our online services within the meaning of Art. 6 (1) (f) GDPR).

Google is certified under the Privacy Shield Agreement and therefore guarantees, that it will comply with the European data protection act: (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use the online marketing service Google "AdWords" to place advertisements in the Google Network (e.g. in search results, in videos, on websites etc.) so that they are shown to users who are thought to have an interest in these advertisements. This allows us to show advertisements for and within our online services more systematically to only present advertisements to users, who might be interested in them. Where a user, for example, is shown advertisements for products which they had been interested in on other online services, this is known as "remarketing" For these purposes when our, and other, websites, where the Google Network is active, are accessed a code is executed directly by Google and so-called (re)marketing tags (invisible graphics or code, also known as "web beacons") are embedded in the website. Using these an individual cookie, i.e. a small file, is stored on the user's device. (Similar technology may also be used instead of cookies). This file records which websites the user searched, what content they were interested in and what offers the user clicked, as well as technical information on the browser and operating system, referring websites, visit times and other information on use of the online services.

Furthermore, we receive an individual "Conversion cookie". The information obtained from the cookies help Google to compile conversion statistics for us. We are, however, only given the anonymous total number of users who clicked on our advertisement and were redirected to a site with a conversion tracking tag. We do not, however, receive any information that can be used to identify users personally.

The user data will be processed in pseudonymous form in the Google Network. This means Google does not store and process, for example, the names or email addresses of users, but processes the relevant data obtained by cookies within the pseudonymous user profile. This means, from Google's point of view, the advertisements are not processed and displayed for a specifically identifiable person but for the cookie holder, regardless of who that cookie holder is. This does not apply where a user has expressly allowed Google to process the data without this pseudonymisation. The collected information on the users will be transferred to Google and stored on Google servers in the USA.

You can find further information on data use by Google and settings and objection options in Google's privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertising inserts by Google (https://adssettings.google.com/authenticated).


Facebook Pixel, Custom Audiences and Facebook Conversion

The so-called "Facebook Pixel" of the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are resident in the EU Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook") is used within our online services, on the basis of, and for the purposes, of our legitimate interest in analyses, optimisation and the economic operation of our online services.

Facebook is certified under the Privacy Shield Agreement and therefore guarantees, that it will comply with the European data protection act: (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

Using Facebook Pixel makes it possible for Facebook to identify visitors to our online services as a target group for the display of advertisements (so-called "Facebook Ads"). Correspondingly we use Facebook Pixel in order to only show the Facebook Ads placed by us to Facebook users who have also shown an interest in our online services or have specific characteristics (e.g. interests in certain subjects or products determined on the basis of visited websites) which we submit to Facebook (so-called "custom audiences"). Using Facebook Pixel we want to also ensure that our Facebook Ads match the potential interests of the users and are not annoying. Using Facebook Pixel we can also see the effectiveness of our Facebook advertisements for statistical and market research purposes. We can see whether users were redirected to our website after they click on a Facebook advertisement (so-called "conversion").

Data processing by Facebook is carried out on the basis of Facebook's data policy. Accordingly, general information on the display of Facebook Ads in Facebook's data policy: https://www.facebook.com/policy. You can find specific information and details on Facebook Pixel and its functions in the Facebook help section: https://www.facebook.com/business/help/651294705016616.

You can object to your data being recorded by Facebook Pixel and used for the display of Facebook Ads. To tailor the types of advertisements you are shown on Facebook you can go to the site provided by Facebook and follow the instructions for user-based advertising preferences: https://www.facebook.com/settings?tab=ads. These preferences will be applied on all platforms, i.e. they will be implemented on all devices, such as desktop computers or mobile devices.

You can also object to the use of cookies for measuring reach and advertising purposes via the deactivation website of the Network Advertising Initiative (http://optout.networkadvertising.org/) and also via the USA website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).


Bing Ads

We use the conversion and tracking tool "Bing Ads" of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, in our online services, on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online services within the meaning of Art. 6 (1) (f) GDPR). In doing so cookies are stored on users' computers by Microsoft to analyse the use of our online services by users when users land on our online services via a Microsoft Bing advertisement (so-called "conversion measurement"). In this way we, and Microsoft, can identify when someone has clicked on an advertisement, has been redirected to our online services and landed on a previously determined target site (so-called "conversion sites"). In doing so we are only given the total number of users who clicked on the Bing advertisement and were then redirected to the conversion site. No IP addresses are stored. No personal information on the identity of the user is passed on.

Microsoft is certified under the Privacy Shield Agreement and therefore guarantees, that it will comply with the European data protection act: (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).

If users do not want to participate in the Bing Ads tracking process you can also deactivate the placing of cookies necessary for this in your browser settings or use the Microsoft opt out site: http://choice.microsoft.com/de-DE/opt-out.

Users can find more information on data protection and use of cookies by Microsoft Bing Ads in the privacy statement of Microsoft: https://privacy.microsoft.com/de-de/privacystatement.


Online presence in social media

We maintain online presence on social networks and platforms, in order to communicate with clients, interested parties and users, active in those areas and inform them about our services there.

Please note when we do user data may be processed outside the European Union. This may entail risks for users as it may, for example, be more difficult to enforce user rights. We would point out that US providers certified under the Privacy Shield Agreement are obligated to adhere to EU data protection standards.

Furthermore, the user data is generally processed for market research and advertising purposes. In doing so user profiles are created based on, for example, user behaviour, and resultant interests. The user profiles can also be used to, for example, place advertisements within and outside the platforms which match the presumed interests of the users. To this end cookies, which store user behaviour and user interests, are generally stored on the users' computers, Moreover, data can be stored in the user profiles irrespective of the devices used by the users (especially if the users are members of the relevant platform and are logged in to this).

The processing of users' personal data is carried out on the basis of our legitimate interest in providing information to users effectively and communication with users in accordance with Art. 6 (1) (f) GDPR. If users are asked for consent to the data processing by the relevant provider the legal basis of the processing is Art. 6 (1) (a) and Art. 7 GDPR.

For a detailed description of the relevant processing and objection options (opt out) we refer you to the following linked provider details.

Please note that requests for information and enforcing user rights can be asserted most effectively when directed to the provider. On the providers have access to the user data and can directly take the relevant measures and provide information. If you need further help, however, you can also contact us.


Inclusion of third party services and contents

We use third-party content and service providers within our online services on the basis of our legitimate interests (i.e. our interest in the analysis, optimisation and economic operation of our website within the meaning of Art. 6 (1) (f) GDPR), in order to integrate their content and services, such as videos or fonts (hereinafter jointly referred to as "contents").

This always means that the third-party providers of this content can see users' IP-addresses, as without the IP-address they could not send the contents to their browser. Therefore, the IP-address is necessary for the display of these contents. We endeavour to only use content from respective providers who use the IP-address only to deliver the content. Third party providers can also use so-called pixel tags (invisible graphics, also called "web beacons") for statistics or marketing purposes. Using these "pixel tags" information, such as visitor traffic on the pages of this website, can be evaluated. This pseudonymous information can also be stored in cookies on the user device and contain, among other things, technical information about the browser and operating system, linking websites, visit time and other information about the use of our online services. These can also be linked to information from other sources.

Youtube

We embed videos from the platform "YouTube" of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, opt out: https://adssettings.google.com/authenticated.

Google Fonts

We embed fonts ("Google Fonts") of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, opt out: https://adssettings.google.com/authenticated.

Google Maps

We embed maps of the provider "Google Maps" of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, IP addresses and user locations, which will not, however, be collected without the user's consent (usually on the basis of the settings of their mobile device). The data may be processed in the USA. Privacy policy: https://www.google.com/policies/privacy/, opt out: https://adssettings.google.com/authenticated.


Terms of Use

The use of the MAREDO pages is free of costs and accessible for everyone. Before this, however, it is required that you accept these Terms of Use. We expect that our copyright and our trademark in respect to the contents of all MAREDO pages is respected. This means that the use of the texts, graphics, images, logos or other contents (“Contents”) contained on our websites is not allowed for purposes other than for using the websites and the production of print-outs or storage for personal use. In particular, the use of contents for your own or other websites is only permitted in exceptional cases and after having obtained our expressive and written prior consent.

Although we do our best to keep the information on the MAREDO pages up to date and accurate, it is only a non-committal offer of information. Therefore, we make no representations or warranty or liability whatsoever for the correctness, completeness and topicality of the information provided. Except in the course of regular controls we are not liable for information and contents of third parties using our websites to place any information or send messages. We are not responsible for external links and their contents is excluded. The liability is incumbent upon the respective operator of the website.

The liability of MAREDO for the contents of this website, on-line concluded contracts and any legal claims arising herefrom is limited to gross negligence and intent, unless essential contractual obligations (material contractual obligations) are affected. Of course - as required by law - full liability for body, life and health is not limited. Although we do not assume that one should worry about such dangers using the Internet.

If you have any specific questions regarding specific pages of MAREDO, please send them to our customer service. You may contact the MAREDO customer service sending an email to: info(at)maredo.com or contacting:

MAREDO Restaurants Holding GmbH
Elisabethstr. 22
40217 Düsseldorf
Tel.: +49 211/38628-0
Fax: +49 211/38628-120
E-Mail: info(at)maredo.com

To the top