MidMarketNow
Get the Weekly

Privacy Policy

This notice explains how MidMarketNow processes personal data under the EU General Data Protection Regulation (GDPR / DSGVO).

1. Controller

The controller responsible for processing within the meaning of Art. 4(7) GDPR is MidMarketNow. For data-protection enquiries, contact [email protected].

2. Hosting & access logs

The site is served by Vercel (Vercel Inc., USA) and fronted by Cloudflare (Cloudflare, Inc., USA); the content backend runs on EU infrastructure. When you visit, the infrastructure processes technical access data (IP address, user agent, timestamp, requested URL) to deliver the site and maintain security. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure, functioning service). Transfers to the USA are safeguarded by the EU–US Data Privacy Framework and/or EU Standard Contractual Clauses.

3. Product analytics (consent-gated)

We use PostHog (EU region, eu.i.posthog.com) to understand how readers use the site. It loads only after you grant consent via the banner and is configured not to capture direct identifiers (no email, IP discarded). Legal basis: Art. 6(1)(a) GDPR (consent). You can withdraw consent at any time with effect for the future (see §6); until you consent, no analytics are loaded.

4. Error monitoring

We use Sentry (EU region) to detect and fix technical errors. It may process technical context (error details, browser, truncated request data) strictly to keep the service reliable. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a stable service).

5. Newsletter

If and when the newsletter is enabled, subscription uses a double-opt-in: you submit your email and explicit consent, and we send a confirmation link; we store your email, consent record and a hashed proof, and dispatch emails via Resend. Legal basis: Art. 6(1)(a) GDPR (consent). Every email carries a one-click unsubscribe; unsubscribing withdraws consent for the future. We do not store your raw IP address for this purpose.

6. Cookies, local storage & consent

We store your analytics consent choice and any saved articles / followed entities locally in your browser. These are functional and set on your action; no advertising or cross-site tracking cookies are used. You can change or withdraw your analytics consent at any time by clearing site data or via the consent control, and you can clear saved items in your browser.

7. Recipients & third parties

Processors acting on our instructions include our hosting/CDN providers (Vercel, Cloudflare), analytics (PostHog EU), error monitoring (Sentry EU) and email delivery (Resend). Where a processor is located outside the EU/EEA, transfers are based on the EU–US Data Privacy Framework and/or Standard Contractual Clauses with appropriate safeguards.

8. Retention

We retain personal data only as long as necessary for the purpose for which it was collected or as required by law. Access logs are kept for a short period for security; analytics data is retained per the provider's configured retention; newsletter data is kept until you unsubscribe.

9. Your rights

Under the GDPR you have the right to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20) and to object (Art. 21). Where processing is based on consent, you may withdraw it at any time with effect for the future. To exercise these rights, contact us at [email protected]. You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

10. Changes

We may update this policy as our processing or providers change. The current version always applies.

We use privacy-respecting product analytics to understand how readers use MidMarketNow and improve it. No personal data (email, IP) is sent. See our privacy policy.