'%20transform='translate(-1245%20-1388)'%3e%3cpath%20d='M1264.5%201438.05C1264.5%201426.7%201273.7%201417.5%201285.05%201417.5L1387.95%201417.5C1399.3%201417.5%201408.5%201426.7%201408.5%201438.05L1408.5%202025.95C1408.5%202037.3%201399.3%202046.5%201387.95%202046.5L1285.05%202046.5C1273.7%202046.5%201264.5%202037.3%201264.5%202025.95Z'%20stroke='%23FFFFFF'%20stroke-width='37.3333'%20stroke-miterlimit='8'%20fill='none'%20fill-rule='evenodd'/%3e%3cpath%20d='M1490.5%201435.83C1490.5%201425.71%201498.71%201417.5%201508.83%201417.5L1616.17%201417.5C1626.29%201417.5%201634.5%201425.71%201634.5%201435.83L1634.5%202028.17C1634.5%202038.29%201626.29%202046.5%201616.17%202046.5L1508.83%202046.5C1498.71%202046.5%201490.5%202038.29%201490.5%202028.17Z'%20stroke='%23FFFFFF'%20stroke-width='37.3333'%20stroke-miterlimit='8'%20fill='none'%20fill-rule='evenodd'/%3e%3cpath%20d='M1699.29%201449.98C1697.3%201439.76%201703.98%201429.85%201714.21%201427.87L1818.64%201407.57C1828.87%201405.58%201838.77%201412.26%201840.76%201422.48L1953.63%202003.18C1955.62%202013.41%201948.94%202023.31%201938.71%202025.3L1834.28%202045.6C1824.06%202047.58%201814.16%202040.9%201812.17%202030.68Z'%20stroke='%23FFFFFF'%20stroke-width='37.3333'%20stroke-miterlimit='8'%20fill='none'%20fill-rule='evenodd'/%3e%3cpath%20d='M1296%201495.92C1296%201490.99%201299.99%201487%201304.92%201487L1366.08%201487C1371.01%201487%201375%201490.99%201375%201495.92L1375%201598.08C1375%201603.01%201371.01%201607%201366.08%201607L1304.92%201607C1299.99%201607%201296%201603.01%201296%201598.08Z'%20fill='%23FFFFFF'%20fill-rule='evenodd'/%3e%3cpath%20d='M1523%201495.92C1523%201490.99%201526.99%201487%201531.92%201487L1593.08%201487C1598.01%201487%201602%201490.99%201602%201495.92L1602%201598.08C1602%201603.01%201598.01%201607%201593.08%201607L1531.92%201607C1526.99%201607%201523%201603.01%201523%201598.08Z'%20fill='%23FFFFFF'%20fill-rule='evenodd'/%3e%3cpath%20d='M1742.41%201505.25C1741.46%201500.39%201744.63%201495.69%201749.49%201494.74L1809.81%201483.02C1814.67%201482.07%201819.37%201485.25%201820.32%201490.11L1839.66%201589.61C1840.6%201594.47%201837.43%201599.17%201832.57%201600.11L1772.26%201611.84C1767.4%201612.78%201762.69%201609.61%201761.75%201604.75Z'%20fill='%23FFFFFF'%20fill-rule='evenodd'/%3e%3c/g%3e%3c/svg%3e)
Privacy Notice
GDPR and beyond!
The Essentials in Brief
Although you may not see it, at LexMea, the secure, trustworthy, and respectful processing of the data arising from your use of our services is as integral to our service as the high-quality visible online content we offer.
To adequately protect the security of your data during transmission, we use methods based on the current state-of-the-art in encryption (e.g., SSL/TLS) and secure technical systems (e.g., DDoS protection, SQL injection protection, anti-CSRF tokens…).
To guarantee the protection of your personal data, we also go beyond the already high European data protection standard of the GDPR in many areas. You can find these areas marked by our LexMea data protection shield. Here is an overview:
'%20transform='translate(1017%20-3895)'%3e%3cpath%20d='M468.994%200%200.0532316%200%200%20429.188C0.0177439%20505.633%200.0354877%20582.072%200.0532316%20658.517%200.0532316%20916.421%20394.168%201133.34%20469%201134L469%200%20468.994%200Z'%20fill='%2303364D'%20fill-rule='evenodd'%20transform='matrix(-1%200%200%201%20-80.0001%203895)'/%3e%3cpath%20d='M-548.006%203895-1016.95%203895-1017%204324.19C-1016.98%204400.63-1016.96%204477.07-1016.95%204553.52-1016.95%204811.42-622.832%205028.34-548%205029L-548%203895-548.006%203895Z'%20fill='%231F6371'%20fill-rule='evenodd'/%3e%3cpath%20d='M-383.994%204418.45C-383.994%204505.46-454.59%204576-541.674%204576L-551.326%204576C-638.404%204576-709%204505.46-709%204418.45L-709%204188.55C-709%204101.54-638.404%204031-551.326%204031L-541.674%204031C-454.59%204031-383.994%204101.54-383.994%204188.55L-383.994%204418.45Z'%20stroke='%23C3CACF'%20stroke-width='64.1667'%20stroke-miterlimit='8'%20fill='none'%20fill-rule='evenodd'/%3e%3cpath%20d='M-769.011%204710.01C-778.379%204710.01-786%204702.39-786%204693.02L-786%204350.98C-786%204341.62-778.379%204334-769.011%204334L-323.983%204334C-314.615%204334-307%204341.62-307%204350.98L-307%204693.02C-307%204702.39-314.621%204710.01-323.983%204710.01L-769.011%204710.01Z'%20fill='%23D7DCDF'%20fill-rule='evenodd'/%3e%3cpath%20d='M-324.084%204334.2C-320.848%204334.2-318.211%204336.83-318.211%204340.07L-318.211%204681.93C-318.211%204685.17-320.848%204687.8-324.084%204687.8L-768.916%204687.8C-772.153%204687.8-774.789%204685.17-774.789%204681.93L-774.789%204340.07C-774.789%204336.83-772.153%204334.2-768.916%204334.2L-324.084%204334.2M-324.084%204312-768.916%204312C-784.425%204312-797%204324.57-797%204340.07L-797%204681.93C-797%204697.43-784.425%204710-768.916%204710L-324.078%204710C-308.569%204710-295.994%204697.43-295.994%204681.93L-295.994%204340.07C-296%204324.57-308.569%204312-324.084%204312L-324.084%204312Z'%20fill='%23F8F9FA'%20fill-rule='evenodd'/%3e%3cpath%20d='M-301%204328.32C-305.966%204318.53-314.729%204312-324.74%204312L-769.26%204312C-779.271%204312-788.034%204318.53-793%204328.32-767.649%204366.6-729.229%204391.01-686.218%204391.01L-407.782%204391.01C-364.771%204391.01-326.351%204366.6-301%204328.32Z'%20fill='%23F8F9FA'%20fill-rule='evenodd'/%3e%3cpath%20d='M-507%204499.81C-507%204477.27-525.276%204459-547.819%204459-570.361%204459-588.638%204477.27-588.638%204499.81-588.638%204515.36-579.931%204528.88-567.133%204535.76L-589%204620-510.15%204619.99-528.505%204535.76C-515.707%204528.88-507%204515.36-507%204499.81Z'%20fill='%2303364D'%20fill-rule='evenodd'/%3e%3c/g%3e%3c/svg%3e)
Full Control
Always have full control over your data through our Data Protection Cockpit, where you can manage your consents and access centrally compiled links to exercise your rights.
No Sale of Your Data
We never sell your data. When we show you advertisements, our advertising partners do not receive any information about you. Instead we curate it ourselves (e.g., based on the opened law book) on our own European servers.
Only European Servers
The data you enter is hosted by us, even if this involves additional costs for us, on European servers. We have also chosen exclusively European server locations for our integrations (e.g., for IT security or analytics).
No Google Analytics or Facebook/Meta-Pixel
We do not use major US services like Google Analytics or the Facebook/Meta-Pixel.
More Rights
We do not require bureaucratic justifications when exercising your rights (e.g., right to object) and respect your decision in any case, without using legal loopholes. Privacy Notice for lexmea.de
Privacy Notice for lexmea.de
This privacy notice serves to inform users about the type, scope, and purposes of the collection and use of personal data in the context of using lexmea.de.
1. Name and Contact Details of the Responsible Party
LexMea GmbHPostal address: Leipziger Str. 44, c/o Michael B. Strecker, 10117 Berlin
Email: datenschutz@lexmea.de
2. Contact of the Data Protection Officer
Michael B. Strecker
datenschutz@lexmea.de
3. Your Rights and How to Exercise Them Easily
Every data subject has the following rights, which can be exercised at any time informally – e.g. by sending an email to datenschutz@lexmea.de:
a) Right to Withdraw Consent (Art. 7(3) GDPR)
Each data subject has the right to withdraw a given consent at any time without affecting the lawfulness of the processing based on consent before its withdrawal if the data processing is based on consent under Art. 6(1)(a) or Art. 9(2)(a) GDPR.
b) Right of Access and Right to Obtain a Copy (Art. 15 GDPR)
Each data subject has the right to obtain access to their personal data, including information on the purposes of the processing and the recipients to whom the personal data have been disclosed. This also includes the right to obtain a copy of their personal data.
c) Right to Restriction of Processing (Art. 18 GDPR)
Each data subject has the right to request the restriction of processing under the conditions set out in Art. 18 GDPR.
d) Right to Erasure and “to be Forgotten” (Art. 17 GDPR)
Each data subject has the right to have their personal data erased without undue delay.
e) Right to Restriction of Processing (Art. 18 GDPR)
Each data subject has the right to request the restriction of the processing of their personal data under the conditions of Art. 18 GDPR.
f) Right to Data Portability (Art. 20 GDPR)
Each data subject has the right to data portability under the conditions of Art. 20 GDPR.
g) Right to Object to Processing (Art. 21 GDPR)
Each data subject has the right to object to the processing of their personal data, including for direct marketing and profiling purposes.
In this case, we will no longer process the personal data and will not require further requirements such as the need to assert a "special situation" of the data subject.
h) Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)
Every data subject has the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy. The supervisory authority responsible for LexMea is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit (Berlin Commissioner for Data Protection and Freedom of Information)
Friedrichstr. 219, 10969 Berlin,
Visitor entrance: Puttkamerstr. 16 – 18 (5th floor)
Phone: +49 30 13889-0, Fax: +49 30 2155050,
Email: mailbox@datenschutz-berlin.de
4. What personal data we process for which purposes on which legal basis
a) Personalization of your statute book
aa) Personalization of your statute book – Not logged in
When using LexMea, you personalize your online statute book yourself - for example, by creating notes, references, highlights, etc. - and manage your knowledge. To enable you to use our service as extensively as possible without any entry barriers, you can make such personalisations even without registration. These are then not stored on our servers, but only in the local storage of your browser (local storage). Only when you register or log in with an existing account, this information is transferred to us and loaded into your account. The legal basis for this processing is Art. 6(1)(a) GDPR (fulfillment of a contract) in conjunction with § 25(2) No. 2 TDDDG.
bb) Personalization of your statute book - Logged in
When you are logged in, your profile data (especially email address, username, and payment data for additional booked features), the data you enter when using our product (e.g., notes), and the metadata (such as the date when a note was created - to sort them accordingly in your library) are securely stored on European servers.
Your content and personalisations are generally not displayed to other users unless you actively use the content-sharing function. You can individually manage which content should be shared with which people. The legal basis for this processing is Art. 6(1)(a) GDPR (fulfillment of a contract).
b) Use and displayed content
We collect how you use our product, e.g., which norms you view or edit, to tailor our services and the content we display to your needs, thus sparing you from uninteresting offers.
When personalized advertising, such as legal job advertisements, is displayed to you, our advertising partners do not receive any information about you, but we curate it ourselves (e.g., based on the opened law book) on our own European servers.
c) Offering and improving of our services and protection against attacks
aa) No tracking and advertising cookies, no third-party cookies
Many websites store cookies from third-party companies (so-called third-party cookies) or tracking and advertising cookies on your device, especially to evaluate user behavior or display advertising – we do not!
We do not use Google Analytics, Facebook/Meta-Pixel and also refrain from setting tracking and advertising cookies as well as third-party cookies on your device to ensure a particularly high level of data protection.
bb) Necessary cookies
We may only use cookies that are strictly necessary for the function of our site (necessary cookies) or for functions that you explicitly request (functional cookies):
- Ensuring information security (Anti-CSRF token)
- Logging into LexMea with your personal account and authenticating against our servers to retrieve your personal content
- When you log in, a cookie is stored that keeps you logged in for the following days (session cookie) without requiring you to enter your data again.
- If you optionally click on 'Stay logged in' when logging in, a second cookie is stored that keeps you logged in for the following months (remember cookie).
cc) Website improvement without Google Analytics
To make our services more user-friendly and effective for you, we use the open-source analysis tool PostHog. The data collected is hosted on European servers and not transferred to the USA. Personal user data is only used internally to improve our features and never passed on to advertising partners, let alone sold. When personalized advertising, such as legal job advertisements, is displayed to you, our advertising partners do not receive any information about you, but we curate it ourselves (e.g., based on the opened law book) on our own European servers. The legal bases for these processes are Art. 6(1)(a) GDPR (fulfillment of a contract) and Art. 6(1)(f) GDPR (legitimate interests).
dd) Log files
Your browser automatically transmits information when visiting LexMea – just like when visiting any other website – which is stored in a log file. This information includes, in particular: used web browser; operating system; the previously visited page (referrer); for visitors coming from a search engine, the search terms; date, time, time zone; content and scope of the requests and transferred data volumes as well as the IP address. The mentioned data is processed by us for the following purposes: ensuring a smooth connection setup of the website; ensuring the correct display of our content; ensuring the security of our services (e.g., protection against hacker attacks) and evaluation of system security and stability; ensuring a comfortable use of our website. The IP address is shortened by us for data protection reasons by the last three digits. Thus, it is no longer possible or only possible with a disproportionate amount of time, cost, and effort to establish a reference to a specific or identifiable natural person (so-called anonymization). If personal data is still involved, the legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interests of the provider).
d) Email notifications
Without your consent, we do not send you emails about news (newsletter).
If you have given us consent during the registration process or in your privacy cockpit, we will only send you an email with really relevant news – such as new features, special Commented [A1]: Redundant? events, content, or internship/job offers in your region or legal field.
Most companies use US services such as MailChimp for sending newsletters, which transfer email addresses and data on interaction with sent emails (e.g., time of retrieval, IP address, browser type, and operating system) to servers in the USA – we do not!
Instead we may use European alternatives, such as Brevo (formerly Sendinblue), for sending emails.
For sending, organizing, and analyzing (e.g., whether a newsletter was opened and which links were subsequently clicked) our newsletters, we currently use the European provider Brevo (operated in Germany by Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany). The data generated in this context is stored exclusively on European servers by Brevo. We have concluded a data processing agreement with Brevo, in which we oblige Brevo to protect our customers' data and not to pass it on to third parties.
The legal basis for this is Art. 6(1)(a) GDPR (consent). You can revoke your consent at any time, e.g., simply by clicking on the corresponding link at the end of each email or via your privacy cockpit in the account settings. Alternatively, you can also send your unsubscribe request at any time by email to datenschutz@lexmea.de.
e) No connection to social media (Instagram, Facebook, etc.)
Many operators integrate social media plugins on their sites. These allow, for example, content to be shared directly on social media without leaving the site. However, such plugins transmit personal data about the visitors of the respective site to the social media operators, regardless of whether they have an account there or not.
We do not use social media plugins which transfer data to third parties.
We deliberately refrain from using such social media plugins because we believe that they do not provide the same level of data protection as we do (see the ECJ rulings on the 'Safe Harbor Agreement' and the 'EU-US Privacy Shield').
f) Data from received applications
We are very pleased to receive applications for jobs, internships, or legal clerkships at LexMea. Received applications are processed exclusively for selection procedures. If we can welcome you to our team, we store your data in your employee file at least until the end of the collaboration.
If a collaboration does not come about at the intended time, we only keep your data if you consent (Art. 6(1)(a) GDPR) or if we have a legitimate interest in doing so (e.g., to be able to reach you in case of important inquiries or for legal evidence purposes). You can revoke your consent at any time. Even with given consent, we delete the data at the latest 3 years later.
The legal basis for this processing is Art. 6(1)(f) GDPR (legitimate interests of the provider), Art. 6(1)(b) GDPR (contract or pre-contractual measures), Art. 6(1)( a) GDPR (consent), and Art. 9(2)(a) GDPR (processing of special categories).
In the case of the protection of vital interests, data processing is carried out in accordance with Art. 9(2)(c) GDPR. For purposes of health care, occupational medicine, medical diagnosis, provision or treatment in the health or social sector, or the management of systems and services in the health or social sector, the processing of personal data is carried out in accordance with Art. 9(2)(h) GDPR. If you voluntarily provide data of special categories, the processing is based on Art. 9(2)(a) GDPR.
5. Recipients of Personal Data
a) IT Service Providers
Our web hosting provider provides servers in the European Union and is therefore a recipient of your personal data under the contracts we have concluded for processing data.
b) Payment Service Providers
If you book a paid service extension and select an external payment service provider during the payment process, your data will be transferred to them. The legal basis for this processing is Art. 6(1)(a) GDPR (fulfillment of a contract).
c) No Disclosure to Advertising Partners
Many providers finance their products through the sale of personal data. At LexMea, we believe that a high-quality, privacy-friendly product can also be provided in other ways.
6. Transfer of Personal Data to a Third Country
Many providers relocate their headquarters to third countries for tax reasons. As LexMea, we are a Berlin-based start-up that consciously submits to European legal norms such as the obligation to ensure a high level of data protection and the obligation to pay fair taxes.
We therefore consciously host our data on European servers, even when this is associated higher costs, and only use integrations with European server locations.
Your personal data will therefore not be transferred to third countries outside the EU, unless you conclude a paid additional service and voluntarily and knowingly choose – among other possible options – a payment service provider based in such countries (such as PayPal, Mastercard, or Visa). In this case, only the data strictly necessary for the execution of these services will be transferred.
7. Duration of Storage and Deletion of Personal Data
We only store data as long as it is needed to provide our services or until your account is deleted, whichever comes first. This is determined on a case-by-case basis and depends on factors such as the nature of the data, why it is collected and processed, and relevant legal or operational storage needs. The latter includes, in particular, the retention and documentation obligations under the Commercial Code (HGB) and the Tax Code (AO).
If you delete your account in your profile settings, we will send you an email confirming the deletion process. This allows you to reactivate your account within 30 days and cancel the deletion process. After 30 days, the deletion process begins, and you will no longer be able to retrieve your added content, personalizations, or other data. Only to the extent necessary to preserve evidence regarding the provision of any paid services you have used, we store the metadata (but not the content) for the duration of the statutory limitation periods.
8. Changes to the Privacy Policy
It may become necessary in the future to change the content of this privacy policy. For example, if the legal provisions change or if LexMea introduces new functions and your data is therefore processed for purposes other than originally stated. We therefore reserve the right to change this privacy policy. We will always keep the privacy policy up to date on our website.