Madame Fou UG | Privacy Policy
As the responsible owner of Madame Fou UG, Sarah Fourcade attaches particular importance to data protection.
That is why I take the protection of your personal data seriously and adhere to the rules of the applicable data protection laws, in particular those of the General Data Protection Regulation (EU GDPR) and the Federal Data Protection Act (BDSG) as well as this data protection declaration.
The guiding principle for handling your data is the high standards you expect from my services and products. The confidentiality and integrity of your personal data are therefore of utmost importance to me.
I will always process and use your data carefully and for the intended purpose, in accordance with your consent, and only in compliance with the statutory data protection regulations.
With my privacy policy, I would like to give you an overview of the type, scope and purpose of the personal data collected, used and processed by you and to inform you accordingly.
My goal is to inform you how I ensure the protection of your personal data. Furthermore, my privacy policy is intended to inform data subjects about their rights, thereby creating and maintaining the basis for a trusting business relationship. With this privacy policy, I would like to explain to you how I ensure the protection of your personal data.
In principle, my website www.absatzschutz.de can be used without providing personal data. However, if a data subject wishes to use special services provided by Madame Fou UG, processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basis for it, I will, of course, obtain the consent of the data subject.
The processing of personal data, such as the first and last name, address, email address, telephone number and date of birth of a data subject, is always carried out in accordance with the General Data Protection Regulation (EU GDPR) and the Federal Data Protection Act (BDSG) as well as this data protection declaration, i.e. always in accordance with the data protection regulations applicable to me.
As the owner of Madame Fou UG, I have implemented numerous technical and organizational measures to ensure the most complete protection possible for personal data processed via my website. However, absolute protection cannot be guaranteed, as internet-based data transmissions can be subject to security gaps. Therefore, every data subject is free to transmit personal data to me via alternative means, such as by telephone or in a personal conversation at my business premises.
My privacy policy is based on the General Data Protection Regulation (GDPR) and the terms used in its adoption by the European legislator. To ensure it is easy to read and understand for everyone, I ask you to take the time to familiarize yourself with the following explanations of the terms used in my privacy policy:
Personal data is any information relating to an identified or identifiable natural person. This person is also referred to as the "data subject." An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
A data subject is any identified or identifiable natural person whose personal data is processed by the controller. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or linking, restriction, erasure, or destruction. Restriction of processing means marking stored personal data with the aim of limiting its future processing.
The controller or person responsible for processing is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. Recipient is a natural or legal person, public authority, agency or other body to which personal data are disclosed, whether a third party or not. However, authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be considered recipients. Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons authorised to process the personal data under the direct authority of the controller or processor.
Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data concerning him or her.
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Based on the above, I, as the owner of Madame Fou UG, hereby issue the following data protection declarations:
1. Name and contact details of the controller
This privacy information applies to data processing by
Madame Fou UG, Braunsberger Feld 13c, 51429 Bergisch Gladbach
Phone: 02207/7037961
Email: info@madamefou.de
Internet: www.absatzschutz.de
as controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature.
2. Collection and storage of personal data and the nature and purpose of their use
a) When you visit the website
When you visit the website www.absatzschutz.de, the browser used on your device automatically sends information to my website's server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatically deleted:
IP address of the requesting computer,
Date and time of access,
Name and URL of the retrieved file,
Website from which access is made (referrer URL),
browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
I will process the above data for the following purposes:
Ensuring a smooth connection to the website,
Ensuring comfortable use of my website,
Evaluation of system security and stability as well as
for further administrative purposes.
The legal basis for data processing is Art. 6 (1) (f) GDPR. My legitimate interest arises from the purposes for data collection listed above. Under no circumstances will I use the collected data to draw conclusions about you personally.
In addition, I use cookies and analytics services when you visit my website. Further information can be found in sections 5 and 6 of this privacy policy.
b) When using the contact form
I offer you the opportunity to contact me via a form provided on my website. You will need to provide your first or last name, a valid email address, a subject, and your request (i.e., any questions you may have) in order to answer your inquiry and know who is contacting me.
When you contact me via the contact form, personal data is collected, the extent of which is clear. This data is stored and used exclusively for the purpose of answering your request or for establishing contact and the associated technical administration. The legal basis for processing the data is my legitimate interest in answering your request in accordance with Art. 6 (1) (a) and (f) EU GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (a) and (b) EU GDPR. Your data will be deleted after your request has been finally processed. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention periods to the contrary.
c) Creation and use of a customer account
To provide you with the greatest possible convenience when shopping, I offer you the permanent storage of your personal data in a password-protected customer account. Once you have created a customer account, you will no longer need to re-enter your personal data for the purchase process. Furthermore, you can view, change, and save the personal data stored about you in your customer account at any time.
In addition to the information requested when placing an order, you must provide a password of your choice to create a customer account. This password, along with your email address, will be used to access your customer account. Please treat your personal login information confidentially and, in particular, do not disclose it to unauthorized third parties. I cannot accept liability for misused passwords unless I am responsible for the misuse.
Alternatively, you can also set up a guest account, for which the above applies accordingly, with the exception that you do not need a password of your choice to create it. The guest account is only used for completing a one-time purchase and will be deleted after the purchase is completed.
The legal basis for this is Art. 6 (1) (b) EU GDPR, i.e. you provide me with the data on the basis of the contractual relationship between you and me or in advance of it.
This data will be passed on to third parties for the purpose of processing purchase contracts in accordance with section 2.d). I generally rule out any further transfer of this data to third parties.
If you request the deletion of your customer account, your data will be deleted accordingly.
d) Execution of contracts
Madame Fou UG's business activity is the distance selling of goods and services within the scope of officially granted permits. In this context, I process the data required for the conclusion, execution, or termination of a contract. This includes, in particular:
First name Last Name,
Billing and delivery address,
E-mail address,
Billing and payment data,
Birth date,
Telephone number (optional).
The legal basis for this is Art. 6 (1) (b) EU GDPR, i.e. you provide me with the data on the basis of the contractual relationship between you and me.
As part of the aforementioned data processing activities, your data will be processed on my behalf by contract processors, particularly those in the logistics sector. These processors are carefully selected and contractually bound in accordance with Art. 28 of the EU GDPR.
I will pass on your delivery address information to a logistics company commissioned by me for the purpose of processing the purchase contract. Only in cases of bulky goods or similar circumstances will I transmit your email address and, if applicable, your telephone number to the logistics company commissioned by me to ensure that the goods can be delivered as planned. The logistics company may contact you in advance of delivery to coordinate delivery details with you. The data will be transmitted to the commissioned logistics company solely for this purpose and processed by them for the intended purpose.
If you have selected credit card or an online payment method (e.g., PayPal) as your payment method, I will redirect you to the corresponding payment service provider after completing your order (currently PayPal in the case of credit card payment). There, after entering your login details, you can authorize payment via the service provider. In this context, please also note my explanations regarding external payment service providers in Section 12 below.
Unless I use your contact information for advertising purposes, I will store the data collected for contract processing until the expiration of the statutory or potential contractual warranty and guarantee rights. After this period, I will retain the information required by commercial and tax law relating to the contractual relationship for the legally specified periods. During this period (usually ten years from the conclusion of the contract), the data will be processed again solely in the event of an audit by the tax authorities and in response to customer inquiries.
3. Sharing of data
Your personal data will not be transferred to third parties for purposes other than those listed below.
Madame Fou UG will only share your personal data with third parties if:
You have given your express consent in accordance with Art. 6 (1) (a) GDPR,
the transfer is necessary according to Art. 6 (1) (f) GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not transferring your data,
in the event that there is a legal obligation for the transfer pursuant to Art. 6 (1) (c) EU-DSVGO, and
this is legally permissible and is necessary for the processing of contractual relationships with you according to Art. 6 (1) (b) EU-GDPR.
With reference to section 2. d), please note again that I will pass on your data to the shipping company commissioned with the delivery in order to fulfill the contract, insofar as this is necessary for the delivery of ordered goods. Depending on which payment service provider you select during the ordering process, I will pass on the payment data collected for this purpose to the credit institution commissioned with the payment and, if applicable, to the payment service provider commissioned by me or to the selected payment service. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. In this case, you must log in to the payment service provider using your access data during the ordering process. The data protection declaration of the respective payment service provider applies in this respect. In this context, please also note my following explanations regarding external payment service providers in section 12.
4. Collection of general data and information
The website of Madame Fou UG collects a series of general data and information each time the website www.absatzschutz.de is accessed by a data subject or an automated system. This general data and information is stored in the server's log files.
the browser types and versions used,
the operating system used by the accessing system,
the website from which an accessing system reaches my website (so-called referrer),
the sub-websites that are accessed via an accessing system on my website,
the date and time of access to the website,
an Internet Protocol address (IP address),
the Internet service provider of the accessing system and
other similar data and information used to avert threats in the event of attacks on my information technology systems.
When using this general data and information, I do not draw any conclusions about the data subject. Rather, this information is needed to
to deliver the contents of my website correctly,
to optimise the content of my website and the advertising for it,
to ensure the long-term functionality of my information technology systems and the technology of my website and
to provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.
This anonymously collected data and information is therefore evaluated by me on the one hand statistically and on the other hand with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data I process.
The anonymous data in the server log files are stored separately from all personal data provided by a data subject.
5. Cookies
The Madame Fou UG website uses cookies. These are small text files that are automatically created by your internet browser and stored on your computer system, i.e., your device (PC, laptop, tablet, smartphone, etc.), when you visit my website.
Cookies do not cause any damage to your device. They do not contain viruses, Trojans, or other malware.
The cookie stores information related to the specific device used. However, this does not mean that I directly obtain knowledge of your identity.
The use of cookies serves, on the one hand, to make using my services, i.e., those of Madame Fou UG, more pleasant for you. For example, I use so-called session cookies to recognize that you have already visited individual pages of my website. These are automatically deleted after you leave my website.
In addition, I also use temporary cookies to optimize user experience. These cookies are stored on your device for a specific period of time. If you visit my website again to use my services, it will automatically recognize that you have already visited me and which entries and settings you have made, so you don't have to enter them again.
I also use cookies to statistically record the use of my website and to evaluate it for the purpose of optimizing my service for you. These cookies allow me to automatically recognize that you have already visited my website when you visit it again. These cookies are automatically deleted after a defined period of time.
The data processed by cookies are necessary for the purposes mentioned to protect my legitimate interests and those of third parties in accordance with Art. 6 (1) (f) EU GDPR.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a character string that allows websites and servers to associate the specific internet browser in which the cookie was stored. This enables the visited websites and servers to distinguish the individual browser of the data subject from other internet browsers that contain other cookies. A specific internet browser can be recognized and identified using the unique cookie ID.
Most browsers automatically accept cookies. You can prevent cookies from being set by my website at any time by selecting the appropriate settings in your browser, thus permanently denying the setting of cookies. You can configure your browser so that no cookies are stored on your computer or so that a warning always appears before a new cookie is created.
In addition, cookies already set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers.
However, completely deactivating cookies may mean that you cannot use all the functions of my website.
6. Use and application of Google Analytics
For the purpose of tailoring my website to meet your needs and continuously optimising it, I have integrated Google Analytics into it.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA (https://www.google.de/intl/de/about/).
Google Analytics is a web analytics service. Web analytics is the collection, gathering, and evaluation of data about the behavior of website visitors. A web analytics service collects, among other things, data about the website from which a data subject came to a website (the so-called referrer), which subpages of the website were accessed, and how often and for how long a subpage was viewed.
Web analysis is primarily used to optimize a website and to conduct a cost-benefit analysis of internet advertising.
The purpose of the Google Analytics component is to analyze visitor flows on the Madame Fou UG website.
Google uses the data and information obtained, among other things, to evaluate the use of the Madame Fou UG website, to compile online reports for me that show the activities on the websites, and to provide other services related to the use of my website.
As the controller, I use the "_gat._anonymizeIp" add-on for web analytics via Google Analytics. This add-on shortens and anonymizes the IP address of the data subject's internet connection if the Madame Fou UG website is accessed from a member state of the European Union or another state party to the Agreement on the European Economic Area.
Google Analytics sets a cookie on the information technology system of the data subject. Cookies have already been explained above [Section 5]. By setting the cookie, Google is enabled to analyze the use of the Madame Fou UG website. Each time one of the individual pages of my website, which is operated by me as the controller and into which a Google Analytics component has been integrated, is accessed, the Internet browser on the information technology system of the data subject is automatically prompted to transmit data to Google for the purpose of online analysis through the respective Google Analytics component.
As part of this technical procedure, Google receives knowledge of personal data, such as the IP address of the data subject, which Google uses, among other things, to trace the origin of visitors and clicks and subsequently enable commission settlements.
The information generated by the cookie about your use of my website such as
Browser type/version,
operating system used,
Referrer URL (the previously visited page),
Hostname of the accessing computer (IP address),
Time of the server request
are transmitted to a Google server in the United States of America and stored there. This information is used to evaluate website usage, to compile reports on website activity, and to provide other services related to website and internet usage for the purposes of market research and tailoring these websites to meet user needs.
This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf.
Under no circumstances will your IP address be merged with other Google data. Instead, IP addresses are anonymized so that they cannot be assigned to a specific user (so-called IP masking).
The cookie is used to store personal information, such as the time of access, the location from which access was made, and the frequency of visits to our website by the data subject.
Each time you visit the Madame Fou UG website, this personal data, including the IP address of the internet connection used by the data subject, is transmitted to Google in the United States of America. This personal data is stored by Google there, i.e., in the United States of America. Google may also transfer this personal data collected through this technical process to third parties.
The data subject can prevent the setting of cookies by my website, i.e., those of Madame Fou UG, as described above, at any time by means of a corresponding setting in the Internet browser used, thus permanently denying the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a cookie on the information technology system of the data subject. Furthermore, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de). This browser add-on informs Google Analytics via JavaScript that no data and information relating to visits to websites may be transmitted to Google Analytics. The installation of the browser add-on is interpreted by Google as an objection. If the information technology system of the data subject is deleted, formatted, or reinstalled at a later date, the data subject must reinstall the browser add-on to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within their sphere of control, it is possible to reinstall or reactivate the browser add-on. However, please note that if you do so, you may not be able to use all of the website's features to their full extent. Installing this browser plug-in affects not only this website, but generally all other websites you visit, and may therefore also impair the functionality of other websites.
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on https://tools.google.com/dlpage/gaoptout. This will set an opt-out cookie that prevents the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for my website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Further information about Google Analytics and Google's applicable privacy policy can be found in the Google Analytics Help Center at https://support.google.com/analytics/answer/6004245?hl=de and can also be accessed at https://www.google.de/intl/de/policies/privacy/ and at https://www.google.com/analytics/terms/de.html. Furthermore, Google Analytics is explained in more detail at https://www.google.com/intl/de_de/analytics/.
The tracking measure listed above and used by me is carried out on the basis of Art. 6 (1) (f) EU GDPR.
7. Deployment and use of social media plug-ins
Based on Art. 6 (1) (f) of the EU GDPR, I use social plug-ins from the social networks Facebook and Instagram on my website to raise awareness of my company. The underlying advertising purpose is considered a legitimate interest within the meaning of the EU GDPR. Responsibility for ensuring compliance with data protection regulations rests with the respective providers. I integrate these plug-ins using the so-called two-click method to best protect visitors to my website.
a) Facebook
My website uses social media plug-ins from Facebook to personalize its use. For this purpose, I use the "LIKE" or "SHARE" button. This is a service provided by Facebook. Therefore, components of the Facebook company are integrated into my website.
Facebook is a social network. A social network is a social meeting place operated on the Internet, an online community that generally allows users to communicate with each other and interact in virtual space. A social network can serve as a platform for exchanging opinions and experiences or allow the online community to provide personal or business-related information. Facebook allows users of the social network to create private profiles, upload photos, and network via friend requests, among other things.
The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. The controller responsible for the processing of personal data of data subjects living outside the USA or Canada is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When you visit a page on my website that contains such a plugin, your browser establishes a direct connection to Facebook's servers. The content of the plugin is transmitted directly from Facebook to your browser, which then integrates it into the website.
By integrating the plug-in, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you don't have a Facebook account or are not currently logged into Facebook. This information (including your IP address) is transmitted directly from your browser to a Facebook server in the United States of America and stored there.
If you are logged in to Facebook, Facebook can directly associate your visit to my website with your Facebook account. If you interact with the plug-ins, for example, by clicking the "LIKE" or "SHARE" button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research, and tailoring Facebook pages to meet your needs. For this purpose, Facebook creates user, interest, and relationship profiles, e.g., to evaluate your use of my website with regard to the advertisements displayed to you on Facebook, to inform other Facebook users about your activities on my website, and to provide other services related to the use of Facebook.
Each time one of the individual pages of this website, which is operated by the controller and on which a Facebook component (Facebook plug-in) has been integrated, is accessed, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Facebook component to download a display of the corresponding Facebook component from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook receives information about which specific subpage of my website was visited by the data subject.
If the data subject is logged in to Facebook at the same time, Facebook recognizes which specific subpage of our website the data subject visits with each visit to our website by the data subject and for the entire duration of their stay on my website. This information is collected through the Facebook component and associated by Facebook with the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated on my website, e.g. the "Like" button, or if the data subject makes a comment, Facebook associates this information with the personal Facebook user account of the data subject and stores the personal data.
Facebook always receives information via the Facebook component that the data subject has visited our website, provided that the data subject is logged in to Facebook at the time of accessing our website; this occurs regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not wish this information to be transmitted to Facebook, they can prevent this by logging out of their Facebook account before accessing our website.
The data policy published by Facebook, available at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing, and use of personal data by Facebook. It also explains which settings options Facebook offers to protect the privacy of the data subject. Furthermore, various applications are available that allow the suppression of data transmission to Facebook. Such applications can be used by the data subject to suppress data transmission to Facebook.
If you do not want Facebook to assign the data collected via my website to your Facebook user account, you must log out of your Facebook user account before visiting my website.
For information on the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights and setting options for protecting your privacy, please refer to Facebook's privacy policy (https://www.facebook.com/about/privacy/).
b) Instagram
My website also uses so-called social plugins (“plugins”) from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).
Instagram is a service that qualifies as an audiovisual platform and allows users to share photos and videos and further disseminate such data on other social networks. The plugins are marked with an Instagram logo, e.g., in the form of an "Instagram camera."
When you visit a page on my website that contains such a plugin, your browser establishes a direct connection to Instagram's servers. The content of the plugin is transmitted directly from Instagram to your browser and embedded into the page. Through this integration, Instagram receives the information that your browser has accessed the corresponding page on my website, even if you don't have an Instagram profile or are not currently logged into Instagram.
This information (including your IP address) is transmitted directly from your browser to an Instagram server in the United States of America and stored there. If you are logged in to Instagram, Instagram can directly associate your visit to my website with your Instagram account. If you interact with the plugins, for example, by clicking the "Instagram" button, this information is also transmitted directly to an Instagram server and stored there.
The information will also be published on your Instagram account and displayed to your contacts there. This happens regardless of whether the data subject clicks on the Instagram component or not.
If you do not want Instagram to directly assign the data collected via my website to your Instagram account, you must log out of Instagram before visiting my website.
Further information and Instagram’s applicable privacy policy can be found at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.
8. Deployment and use of Shariff
I have integrated the Shariff component into my website. The Shariff component provides social media buttons that comply with data protection regulations. Shariff was developed for the German computer magazine c't and is published via GitHub, Inc. The developer of the component is GitHub, Inc., 88 Colin P. Kelly Junior Street, San Francisco, CA 94107, USA.
Typically, the button solutions provided by social networks transmit personal data to the respective social network when a user visits a website in which a social media button has been integrated. By using the Shariff component, personal data is only transmitted to social networks when the visitor to a website actively clicks one of the social media buttons. Further information on the Shariff component is provided by the computer magazine c't at https://www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-ct-Shariff-ist-im-Einsatz-2470103.html. The purpose of using the Shariff component is to protect the personal data of visitors to my website and, at the same time, to enable me to integrate a button solution for social networks on this website.
Further information and GitHub’s applicable privacy policy can be found at https://help.github.com/articles/github-privacy-policy/.
9. Use and application of YouTube
I integrate YouTube components into my website. YouTube is an online video portal that allows video publishers to upload video clips free of charge, and other users to view, rate, and comment on them free of charge. YouTube allows the publication of all types of videos, which is why both full film and television programs, as well as music videos, trailers, and videos created by users themselves, are available on the online portal.
The operator of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the individual pages of this website, which is operated by the controller and on which a YouTube component (YouTube video) has been integrated, is accessed, the Internet browser on the information technology system of the data subject is automatically prompted by the respective YouTube component to download a display of the corresponding YouTube component from YouTube.
Further information about YouTube can be found at https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google receive information about which specific subpage of our website was visited by the data subject.
If the data subject is logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website the data subject is visiting when they access a subpage containing a YouTube video. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.
YouTube and Google always receive information via the YouTube component that the data subject has visited our website, provided the data subject is logged in to YouTube at the same time as accessing our website; this occurs regardless of whether the data subject clicks on a YouTube video or not. If the data subject does not want this information to be transmitted to YouTube and Google, they can prevent this by logging out of their YouTube account before accessing our website.
The privacy policy published by YouTube, which is available at https://www.google.de/intl/de/policies/privacy/, provides information about the collection, processing and use of personal data by YouTube and Google.
10. Contact form
Due to legal regulations, my website contains information that enables quick electronic contact with my company and direct communication with me, which also includes a general address for so-called electronic mail (e-mail address).
If you voluntarily send me inquiries via the contact form, the personal data you submit will be automatically stored by me for the purpose of processing your inquiry and in case of follow-up questions or to contact you. I will not share information from the inquiry form, including the personal data you provide and submit there, with third parties without your consent.
The data entered into the contact form will therefore be processed exclusively on the basis of your consent (Article 6 (1) (a) of the EU GDPR). You can revoke this consent at any time. To do so, simply send me an informal email. The legality of the data processing operations carried out up to the time of revocation remains unaffected by the revocation.
The data you enter in the contact form will remain with me until you request its deletion, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed).
Mandatory legal provisions – especially retention periods – remain unaffected.
11. Redirection to websites of my contractual partners
On my website, I sometimes redirect you to the corresponding websites of my contractual partners. I do not transmit any personal data in this context. The data required to commission the respective contractual partner is only provided by you on their website. You can identify the responsible party by the name of the contractual partner on the page and in the respective imprint. The contractual partners' websites are subject to their own privacy policies. For your security, these companies are obligated to comply with applicable data protection laws. Please note that this privacy policy applies only to my website. Information on our individual online services can be found below.
12. External payment service providers
I use external payment service providers through whose platforms users and I can make payment transactions
To fulfill contracts, I use payment service providers on the basis of Art. 6 (1) (b) of the EU GDPR. Furthermore, I use external payment service providers based on my legitimate interests pursuant to Art. 6 (1) (b) of the EU GDPR to offer users effective and secure payment options.
The data processed by the payment service providers includes inventory data, such as name and address, bank details such as account numbers or credit card numbers, passwords, TANs and checksums, as well as contract, amount, and recipient-related information. This information is required to process the transactions. However, the data entered is only processed and stored by the payment service providers. This means that I do not receive any account- or credit card-related information, but only information confirming or rejecting the payment. Under certain circumstances, the payment service providers may transmit the data to credit agencies. This transmission is for the purpose of identity and credit checks. Please refer to the terms and conditions and privacy policy of the payment service providers.
Payment transactions are subject to the terms and conditions and privacy policies of the respective payment service providers, which are available on the respective websites or transaction applications. I also refer to these for further information and to assert withdrawal, information, and other data subject rights:
PayPal as a payment method
I have integrated PayPal components into my website. PayPal is an online payment service provider. Payments are processed via so-called PayPal accounts, which are virtual private or business accounts. PayPal also offers the option of processing virtual payments via credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no traditional account number. PayPal enables you to initiate or receive online payments to third parties. PayPal also performs escrow functions and offers buyer protection services.
The European operating company of PayPal is PayPal (Europe) S.à.rl & Cie. SCA, 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg.
PayPal reserves the right to conduct a credit check for payment methods such as credit card via PayPal, direct debit via PayPal, or "purchase on account." For this purpose, your payment data may be passed on to credit agencies in accordance with Art. 6 (1) (f) of the EU GDPR based on PayPal's legitimate interest in determining your ability to pay. PayPal uses the results of the credit check regarding the statistical probability of default to decide whether to provide the respective payment method. The credit check may contain probability values (so-called score values). To the extent that score values are included in the result of the credit check, they are based on a scientifically recognized mathematical-statistical procedure. Address data, among other things, is used to calculate the score values.
If the data subject selects "PayPal" as a payment option during the ordering process in my online shop, the data subject's data will be automatically transmitted to PayPal. By selecting this payment option, the data subject consents to the transmission of personal data required for payment processing.
The transfer takes place in accordance with Art. 6 (1) (b) EU GDPR and only to the extent that this is necessary for payment processing.
The personal data transmitted to PayPal typically includes your first name, last name, address, email address, IP address, telephone number, mobile phone number, or other data necessary for payment processing. Personal data related to the respective order is also necessary for processing the purchase contract.
The purpose of transmitting data is to process payments and prevent fraud. The controller will transmit personal data to PayPal in particular if there is a legitimate interest in doing so. The personal data exchanged between PayPal and the controller may be transmitted by PayPal to credit reporting agencies. This transmission is for the purpose of identity and credit checks.
PayPal may share personal data with affiliated companies, service providers, or subcontractors if this is necessary to fulfill contractual obligations or if the data is to be processed on their behalf.
The data subject has the option of revoking their consent to the processing of personal data by PayPal at any time. Revoking this consent does not affect personal data that must be processed, used, or transmitted for (contractual) payment processing.
PayPal's applicable privacy policy can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
If you choose the "Purchase on account" payment method of the PayPal service "BillSAFE" (www.billsafe.de), you will be asked during the ordering process to consent to the transmission of the data required for processing the payment and an identity and credit check to PayPal. If you give your consent, this data will be transmitted to PayPal. For the purpose of its own identity and credit check, PayPal or partner companies commissioned by PayPal transmit data to credit reporting agencies and receive information from them, as well as creditworthiness information based on mathematical and statistical procedures, the calculation of which includes, among other things, address data. Furthermore, Billpay may use third-party tools to detect and prevent fraud. Data obtained with these tools may be stored encrypted by third parties so that it is only readable by Billpay. This data will only be used if you select the described payment method of the PayPal service "BillSAFE"; otherwise, the data expires automatically after 30 minutes.
Detailed information on this and the credit agencies used can be found in PayPal's privacy policy, available at: https://www.billsafe.de/privacy-policy/buyer.
You can revoke your consent to PayPal at any time. However, PayPal may still be entitled to process, use, and transmit your personal data if this is necessary for contractual payment processing, is legally required, or is ordered by a court or authority.
Amazon Pay
I've integrated Amazon Pay components into my website. Amazon Pay is an online payment service provider.
If you select the "Amazon Pay" payment method, payment processing will be carried out by the payment service provider Amazon Payments Europe sca, 5 Rue Plaetis, L-2338 Luxembourg (hereinafter: "Amazon Payments"), to whom I will forward the information you provided during the ordering process, along with information about your order, in accordance with Art. 6 (1) (b) of the EU GDPR. Your data will be forwarded exclusively for the purpose of payment processing with the payment service provider Amazon Payments and only to the extent necessary for this purpose.
With my partner Amazon Pay, I provide you with payment options. Cookies are used for this purpose. They enable Amazon Pay's systems to recognize your browser so that Amazon Pay can identify you as an Amazon Payments user when you return to the Amazon Pay website or the website of a third-party Amazon Pay provider that uses Amazon Pay services using the same computer and browser. A detailed list of cookies and an explanation of their purpose can be found at https://pay.amazon.com/de/help/201751600. What cookies are, how you can prevent them from being set, and the impact this could have on the use of my website have already been explained above.
When using Amazon Pay, you may be required to provide Amazon Payments with your email address or mobile phone number (or alias). An alias can also be used instead of a mobile phone number for the mobile payment service. When sending payments, your name, email address, or mobile phone number (or alias) may be disclosed to the payment recipient. After the transaction is completed, this information will appear in the transaction list of the user who received the payment. The mobile phone number and alias information will only be disclosed for payments made using the mobile payment service. The Amazon Pay "tag" feature allows users of a mobile-initiated transaction to view a reference note related to the transaction on the Amazon Pay website.
Amazon Pay will not share your financial information (such as full credit card details) with sellers or other recipients of payments you make (the "Recipient") without your prior consent. When you make a purchase using Amazon Pay services, Amazon Pay may provide certain other personal information necessary to complete the transaction (such as your name, email address, shipping address, and phone number) to the Recipient. This may also occur in the event of a dispute regarding the transaction or as part of a fraud investigation.
Amazon Pay engages banking institutions, as well as other companies and individuals, to perform functions on Amazon Pay's behalf and to carry out the transactions you request or authorize. Examples include sending letters and emails, analyzing data, providing marketing support, processing payment transactions, verifying identities, preventing fraud, and providing customer service. These service providers have access to personal data needed to perform their functions but are not permitted to use it for any other purpose. They must also process the personal data in accordance with the Amazon Pay Privacy Policy and in compliance with applicable data protection laws.
Amazon Pay occasionally sends offers to selected Amazon.de customer groups on behalf of other companies. When this happens, this company will not receive your name or address. If you do not wish to receive such offers, simply configure your user account accordingly at www.amazon.de.
As Amazon Pay's business continues to evolve, Amazon Pay may acquire or sell companies, subsidiaries, or divisions. In such transactions, user or other customer data will generally be one of the transferred assets, but will continue to be subject to the obligations set forth in any previously existing privacy policies (unless you consent otherwise). In the event that Amazon Pay, or substantially all of its assets, are acquired, user data will also be one of the transferred assets.
Amazon Pay will disclose accounts and personal information if Amazon Pay believes disclosure is appropriate or necessary to comply with the law, to enforce or apply the Amazon Pay User Agreement and other agreements entered into, or to protect the rights, property, or safety of Amazon Pay, its users, or third parties. You agree to release Amazon Pay from any confidentiality obligations incumbent upon Amazon Pay and consent to Amazon Pay sharing and disclosing personal information to the extent described above with any applicable financial authorities tasked with combating money laundering and terrorist financing. This includes, but is not limited to, sharing data with other companies and organizations for fraud protection and credit risk reduction, as well as sharing information with Amazon Pay’s attorneys, auditors, and other representatives. With respect to Amazon Pay, this expressly does not include selling, renting, sharing, or otherwise disclosing users’ personal information for commercial purposes in violation of the obligations set forth in this Privacy Policy.
In all cases other than those listed above, Amazon Pay will inform you when personal information about you is to be shared with third parties and you will be given the opportunity to decide whether this information is to be shared.
Whenever personal data is transferred to countries outside the European Economic Area as part of the data sharing process described above, Amazon Pay ensures that the data is transferred in compliance with the Amazon Pay Privacy Policy and applicable data protection laws.
You can find further information about Amazon Payments' privacy policy at the following internet address: https://pay.amazon.com/de/help/201751600
13. Use and application of Amazon Affiliate Program features
As a participant in the Amazon Partner Program, the controller has integrated Amazon components into this website. The Amazon components were designed by Amazon with the goal of bringing customers to various websites of the Amazon group, in particular Amazon.co.uk, Local.Amazon.co.uk, Amazon.de, BuyVIP.com, Amazon.fr, Amazon.it, and Amazon.es.BuyVIP.com, in return for payment of a commission. The controller may generate advertising revenue through the use of the Amazon components.
The operating company of these Amazon components is Amazon EU S.à.rl, 5 Rue Plaetis, L-2338 Luxembourg, Luxembourg.
Amazon sets a cookie on the information technology system of the data subject. What cookies are has already been explained above. With each visit to one of the individual pages of this website, which is operated by the controller and into which an Amazon component was integrated, the Internet browser on the information technology system of the data subject is automatically prompted by the respective Amazon component to transmit data to Amazon for the purpose of online advertising and the settlement of commissions. As part of this technical procedure, Amazon receives knowledge of personal data that Amazon uses to trace the origin of orders received by Amazon and subsequently enable commission settlement. Amazon can, among other things, understand that the data subject has clicked on an affiliate link on our website.
As already described above, the data subject can prevent the setting of cookies through our website at any time by means of a corresponding setting in the Internet browser used, thus permanently denying the setting of cookies. Such a setting of the Internet browser used would also prevent Amazon from placing a cookie on the information technology system of the data subject. Furthermore, cookies already set by Amazon can be deleted at any time via an Internet browser or other software programs.
Further information and Amazon's applicable privacy policy can be found at https://www.amazon.de/gp/help/customer/display.html?nodeId=3312401.
14. Deletion and blocking of personal data
Your personal data will be deleted as soon as it is no longer necessary for the purposes for which it was collected or otherwise processed. After this period, the data will be deleted unless storage is necessary to fulfill a legal obligation to which the processing is subject under Union or Member State law to which the controller, Sarah Fourcade, is subject, or to assert, exercise, or defend legal claims. A legal obligation is the statutory retention period, which is, for example, 10 years (for accounting data, including order and payment data, wage and salary statements) or 6 years (for commercial correspondence). The data will be blocked for the duration of the retention period; after this period, it will be deleted.
15. Rights of data subjects
You have the right:
Pursuant to Art. 7 (3) of the EU GDPR, you have the right to revoke your previously granted consent at any time. This means that I may no longer continue the data processing based on this consent in the future.
Pursuant to Art. 15 of the EU GDPR, you have the right to request information about your personal data processed by me. In particular, you can request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected from me, and the existence of automated decision-making, including profiling, and, where applicable, meaningful information about its details.
to request the immediate correction or completion of any inaccurate personal data stored by me in accordance with Art. 16 EU GDPR;
Pursuant to Art. 17 of the EU GDPR, you have the right to request the deletion of your personal data stored by me, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest, or to assert, exercise, or defend legal claims. You can therefore request the deletion of your data, provided the legal requirements for this are met. This may be the case, for example, if:
the data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
you withdraw your consent on which the data processing is based and there is no other legal basis for the processing;
You object to the processing of your data and there are no overriding legitimate grounds for the processing;
the data were processed unlawfully;
processing is not necessary