Privacy Policy 

of Your Family Entertainment AG, Nordendstr. 64, 80801 Munich, Germany

Version May 24, 2018

Your Family Entertainment AG (hereafter: “YFE” or “we”) takes the protection of your personal data seriously. With this privacy policy we would like to inform you in detail about, for what purpose and which data we collect, process and use when you contacting us in the context of (pre) contractual negotiations, as a user of our websites, as a user of our applications or through other interactions with us.

The processing of your personal data takes place in accordance with the provisions of the European General Data Protection Regulation (hereinafter: GDPR) and the German Federal Data Protection Act (hereinafter: FDPA) and the German Telemedia Act (hereinafter: GTA).

This privacy policy applies to all interactions you have with YFE, unless otherwise required by applicable law.

If you, as a representative of a company, contact YFE, please pass on this information to the current and future authorized representatives and beneficial owners of your company as well as to any co-obligors. These include e.g. board, management, authorized officer or project managers.

1. Who is responsible for your data?

Responsible for the lawful collection, processing and use of your data according to

Art. 30 (1) DS-GVO is

Your Family Entertainment AG

Managing board: Dr. Stefan Piech

Registration court AG Munich, Registration number.: HRB 164992

Nordenstr. 64

80801 Munich

Telephone: 0049 (0) 89-997271-0

Telefax: : 0049 (0) 89 997271-91


(responsible position)

Contact of our data protection officer according to Art. 30 (1) a) DS-GVO is



Leopoldstr. 21

80802 München

2. Which data do you need to provide and which data sources do we use and process?

To use the website (hereinafter: the website), generally no personal data are required.

a) Cookies and general data

Our website uses cookies. Cookies are text files that are stored on a computer system via an Internet browser.

You can prevent the setting of cookies by our websites at any time by adjusting the settings on the used Internet browser and thus permanently contradict the setting of cookies.

By using cookies, we can provide you with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie the information and offers on our website can be optimized in the sense of the user. Cookies enable us to recognize you as a user of our website. The purpose of this recognition is that e.g. you do not need to enter access data every time you visit the website because this is taken over by the website and the cookie stored on the user’s computer system.

When you visit our website, the following cookies are used:

1. So-called temporary cookies, which serve to optimize our website. These cookies do not contain any personal data and expire after the end of the session;

2. So-called long-term cookies, which remain on your computer and recognize him at the next visit. This allows us to give you better access to our site. These cookies also contain no personal information.

Furthermore, already set cookies can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the concerned person deactivates the setting of cookies in the used Internet browser, not all functions of our website may be fully usable.

Our website collects a series of general data and information with each visit to the website by you. This general data and information is stored in the log files of the server.

The following data can be collected: the (1) used browser types and versions, (2) the operating system used by the accessing system, (3) the internet page from which an accessing system accesses our website (so-called referrers), (4) the sub-web pages which can be accessed via (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information used in the event of attacks on our information technology systems.

When using this general data and information, we draw no conclusions about you. Rather, this information is required to (1) correctly deliver the contents of our website, (2) to optimize the content of our website and to advertise it, (3) to ensure the continued functioning of our information technology systems and the technology of our website, and (4) to provide law enforcement authorities with the necessary information for law enforcement in the event of a cyber attack. This anonymously collected data and information is statistically and further evaluated with the aim of increasing the privacy and data security of our company in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.

b) Personal Data

The use of certain services or products provided by YFE requires in individual cases the provision of personal data requested there.

You can refuse this at any time.

However, if you choose not to provide any data that is necessary for the provision of the services or products, or for the purpose of entering into a business relationship and performing the related contractual obligations, we will be required to do so as a rule, they must be unable to provide the services or products, or they must be able to refuse to conclude or execute new contracts, or they must be unable to conclude an existing contract and may have to terminate it.

If you want to enter to or continue a business relationship with us, you must provide YFE with the necessary personal data. This also applies in particular, if you want to use any services or products of YFE or require any information from us, for whose use or decryption we should send you an individualized access code.

These collected data regularly include the following information:

Your first and last name, your e-mail address, your postal address (also professional), your telephone numbers (also professional and mobile).

In individual cases, the collection of further data may be required. In individual cases, appropriate notice is given.

E-mail addresses and other personal information, provided in the context of inquiries, which you send to us, are used solely for the purpose of processing these requests and for the purpose for which they are sent to us.

In addition to these data provided by you, we process data that we have received from third parties (such as Creditreform) for legitimate purposes (such as to fulfill contracts or on the basis of your consent).

To the offer of some of our services, we offer links to third parties through our website and allow them to place content on our sites. Setting external links does not mean that YFE owns the content behind the link. These third parties may, if you link to them, also place cookies on your computer and collect information about your online activity on websites or online services.

This currently includes i.a. the following company:

EQS Group AG, Munich, Germany (

For more information on each company’s practices, including the offered options, click on the company’s name above. Our privacy policy does not extend to third party websites. In addition, we have no influence on the further processing of your data by these third party providers.

3. For what purpose and on what legal basis do we process your data?

The aforementioned personal data are collected by us in accordance with the provisions of the GDPR, the FDPA and the TKG.

3.1. Processing for the fulfilment of contractual obligations (Article 6 (1) (b) GDPR)

The processing of personal data takes place for the purpose of the inclusion of pre-contractual business relationships initiated by you or for the performance of existing contracts between you and us.

The purpose of the data processing is primarily based on your product interests and may include, but is not limited to, needs analysis, consulting, execution of service, works delivery or purchase contracts. This also includes your previous shopping behaviour to offer you, on this base, optimised offers.

3.2 Processing in the context of weighing interests (Article 6 (1) (f) GDPR)

If necessary, we process your data in addition to the actual fulfilment of your request or the contract for the protection of legitimate interests of us or third parties.

– Review and optimization of procedures for analysis of needs and direct customer approach; including customer segmentation and calculation of contract probabilities

– Advertising or market- and opinion research, as long as you have not objected to the use of your data

– Assert legal claims and defence in legal disputes

– Ensure our IT security and IT operations

– Prevention and investigation of criminal offences

– Video surveillance in our premises for the protection of the domestic authority, the collection of evidence in industrial espionage or for proof of proper and professional contract performance by us

– Measures for building- and plant safety (e.g. access control)

– Measures to ensure domestic authority

– Measures for business control and further development of our products and services.

3.3 Data processing based on your consent (Article 6 (1) a GDPR)

Insofar as you have given us consent to the processing of personal data for specific purposes (e.g. the commencement or continuation of a business relationship, inclusion in newsletters, invitations to in-house exhibitions, etc.), the legality of such processing is based on your consent.

With your consent, you authorise us to use your data in accordance with this privacy policy for the duration of the business relationship or the legally binding storage and documentation obligations. Any given consent may be revoked at any time.

This also applies to the revocation of declarations of consent that were given to us before the validity of the EU General Data Protection Regulation, so before 25 May 2018. Please note that the revocation only works for the future. Processing that occurred before the revocation are not affected. You can request a status overview of the consents you have given us, at any time.

3.4. Data processing due to legal requirements (Article 6 paragraph 1 c GDPR) or in the public interest (Article 6 paragraph 1 e GDPR)

As a company operating worldwide there are various legal obligations, i.e. legal requirements (e.g. customs- or export law). The purposes of the processing including among others, creditworthiness assessment, identity verification, prevention of fraud and money laundering, the fulfilment of tax control and reporting obligations as well as the assessment and management of risks in society and in alliance, including export controls.

4. Who gets insight into your data through us?

Through us, those entities gain access to your data, which they need to fulfil our (pre-) contractual and legal obligations. Service providers and vicarious agents employed by us in accordance with Art. 28 GDPR (processor) may receive data from us for this purpose, if the vicarious agents comply with our written data protection directives or comparable data protection obligations and provide evidence that the processing of the data complies with GDPR, the FDPA and accordingly the equivalent legal data protection level in Europe.

If there is a legal or regulatory obligation, the transfer of the aforementioned information to public authorities and institutions will continue.

Other data recipients may also be those for whom you have given us their consent to the data transmission or for which they have exempted us from a duty of confidentiality or consent.

If further transmission in third countries should be required in exceptional cases, these shall only be carried out in accordance with the admissibility provisions in accordance with §§ 4b and 4c FDPA.

5. How long do we save your data?

Regularly starting with you contacting us, as defined above, we store, as far as necessary, your personal data for the duration of the business relationship, where there are regular deliveries or consultations by us, until the conclusion of this.

Furthermore, we are subjecting to various legal storage and documentation requirements. These arise exemplarily of civil law regulations, insurance regulations, the Commercial Code, the Civil Code, the prevention of Money Laundering Act and other relevant provisions which we can explain in detail on a case-by-case basis.

Corresponding statutory storage and documentation obligations are regularly between 2 and 10 years.

In addition, we only store personal data, if this is necessary in connection with claims asserted against us (statutory limitation period according to §§ 195 BGB up to 30 years).

Basically, your personal data will be deleted or anonymised as soon as they are no longer required for the purposes mentioned above, and we are not obliged to further storage on the basis of statutory proof and retention requirements. Deletion also takes place upon assertion of your cancellation claim in accordance with clause 6 below.

6. Which information- and cancellation claim do you have?

With regard to the processing of your personal data, you may request information about your personal data pursuant to Art. 15 GDPR, the correction of your personal data, pursuant to Art. 16 GDPR, the requires deletion of your personal data, pursuant to Art. 17 GDPR, the require restriction of the processing of your personal data in accordance with Art. 18 GDPR and require the transfer of certain personal data to you or a third party designated by them (right to data portability), pursuant to Art. 20 GDPR. Concerning to the right of information and cancellation, apply the restrictions according to §§ 34 and 35 FDPA.

You can assert these rights at any time free of charge to the responsible person or to our data protection officer. Any affected person can contact our data protection officer at any time with any questions or suggestions regarding data protection.

At the same time, according to Art. 77 GDPR in conjunction with § 19 FDPA you have a right to appeal to the data protection supervisory authority of either the (federal) country in which you have your residence or habitual residence or the federal state of Bavaria, where we have our headquarter, the

Bayerische Landesbeauftragten für den Datenschutz

Wagmüllerstr. 18

80538 Munich

Tel. 089-212672-0


and the Bayrische Landesamt für Datenschutzaufsicht

Promenadenstr. 27

91522 Ansbach

Tel. 098153-1300

7. No automated decision-making

In principle, we do not use automated decision-making according to Art. 22 GDPR to establish or conduct business relationships. In the unlikely event of a deviation from this procedure, insofar as this is legally required, you will be separately informed by us.

8. Right of objection according to Art. 21 GDPR

On the basis of reasons arising from your particular situation, you have the right to object at any time against the processing of personal data concerning you, which are collected pursuant to Art. 6 (1) GDPR and Art. 6 (1S) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that have transferred their interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.

In individual cases, we process your personal data in order to operate direct mail (for example: newsletter or invitation to trade fairs). You have the right to object at any time to the processing of personal data concerning you for the purposes of such direct mail.

The objection can be asserted at any time free of charge to the company data protection officer or the responsible person.

9. Changes to the privacy policy

We reserve the right to change this privacy policy at any time in accordance with applicable privacy policies. We will notify you of any significant changes to the privacy policy by making a well-publicized announcement on our website.