Privacy policy

Privacy Policy of Boutiqua Portuguesa - Inh. Marc Alexander Marques Rodrigues

Thank you for your interest in our company. We take data protection seriously.

You can use our website without providing any personal data. If a data subject wants to use services of our enterprise via our website, processing of personal data could become necessary. If the processing of personal data is necessary and if there is no legal basis for such processing, we will always obtain the consent of the data subject.

The processing of personal data (e.g. name, address, e-mail address or telephone number of a data subject) shall only take place if the data subject has given his or her consent. Name, address, e-mail address or telephone number of a data subject) shall always be in line with the General Data Protection Regulation (DSGVO) and in accordance with the country-specific data protection regulations applicable to us.

With the following data protection declaration, we would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Likewise, this data protection declaration informs data subjects of the rights to which they are entitled.

As the controller, we have implemented numerous technical and organisational measures in order to ensure the most complete protection possible for the personal data processed via our website. However, data transmissions via the Internet can always contain security vulnerabilities. Therefore, 100% protection cannot be guaranteed. Therefore, every data subject can of course also alternatively transmit personal data to us, e.g. by telephone.

    1. Definitions

      This privacy statement is based on the definitions used by the European Directive and Regulation Maker when adopting the GDPR (Article 4 GDPR). This data protection declaration should be both easy to read and easy to understand for any person. To ensure this, we would first like to explain the terms used. In this data protection declaration, these definitions, among others, are used:

      • "personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
      • "data subject" means any identified or identifiable natural person whose personal data are processed by the controller.
      • "processing" means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
      • "Restriction of processing" the marking of stored personal data with the aim of restricting their future processing;
      • "Profiling" any form of automated processing of personal data which consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location;
      • "controller" means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for by Union or Member State law;
      • "recipient" means a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data in the context of a specific investigation mandate under Union or Member State law shall not be considered as recipients and the processing of such data by those authorities shall be carried out in accordance with the applicable data protection rules, in accordance with the purposes of the processing;
      • "Third Party" means any natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorised to process the personal data;
      • "consent" of the data subject means any freely given specific, informed and unambiguous indication of his or her wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to personal data relating to him or her being processed.
        2. Name and contact details of the controller

          This privacy notice applies to data processing by:

          Controller: Marc Alexander Marques Rodrigues, e-mail:, phone: +49 (0)152 254 688 39

            3. Collection and storage of personal data and type and purpose of their use
              a) When visiting the website

                You can generally use our website without disclosing your identity. When you call up our website, information is automatically sent to our website server by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:

                • IP address of the requesting computer,
                • date and time of access,
                • name and URL of the accessed file,
                • website from which the access is made (referrer URL),
                • browser used and, if applicable, the operating system of your computer as well as the name of your computer. the operating system of your computer and the name of your access provider.

                The aforementioned data are processed by us for the following purposes:

                • To ensure a smooth connection setup of the website,
                • To ensure a comfortable use of our website,
                • Evaluation of system security and stability as well as
                • for further administrative purposes.

                The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the purposes for data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.

                In addition, we use cookies and analysis services when you visit my website. You can find more detailed explanations on this under sections 5 and 7 of this data protection declaration.

                  b) When using our contact form

                    For questions of any kind, we offer you the possibility to contact us via a form provided on our website. In doing so, it is necessary to provide a valid e-mail address so that we know who the enquiry is from and so that we can answer it. Further information can be provided voluntarily. It is your free decision whether you wish to enter this data within the framework of the contact form.

                    The data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO on the basis of your voluntarily given consent.

                    The personal data collected by us for the use of the contact form are automatically deleted after the request you have made has been dealt with.

                      c) When ordering via our website

                        You can either place orders via our website as a guest without registering or register in our shop as a customer for future orders. The advantage of registering is that you can log in directly to our shop with your e-mail address and password in the event of a future order without having to enter your contact details again.

                        Your personal data is entered in an input mask and transmitted to us and stored. If you place an order via our website, we first collect the following data, both in the case of a guest order and in the case of registration in the shop:

                        • First name, last name,
                        • A valid e-mail address,
                        • Address,
                        • Phone number (landline and/or mobile)

                        This data is collected,

                        • in order to identify you as our customer;
                        • to process, fulfil and handle your order;
                        • to correspond with you;
                        • to invoice you;
                        • to handle any liability claims that may arise, as well as to pay any money owed to us.
                        • for the processing of any liability claims, as well as the assertion of any claims against you;
                        • to ensure the technical administration of our website;
                        • to manage our customer data.

                        As part of the ordering process, consent is obtained from you to process this data.

                        The data processing is carried out in response to your order and/or registration and is necessary for the aforementioned purposes in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO for the appropriate processing of your order and for the mutual fulfilment of obligations arising from the purchase contract.

                        The personal data collected by us for the processing of your order will be stored until the expiry of the legal obligation to keep records and will then be deleted, unless we are required to do so in accordance with Article 6 para. 1 S. 1 lit. c DSGVO we are obliged to store the data for a longer period of time due to tax and commercial law retention and documentation obligations (from HGB, StGB or AO) or you have consented to a storage beyond this according to Art. 6 Abs. 1 S. 1 lit. a DSGVO.

                          d) Facebook Pixel

                          This website uses the visitor action pixel from Facebook to measure conversions. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

                          This allows the behaviour of page visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimised.

                          The data collected is anonymous for us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage policy. This enables Facebook to serve advertisements on Facebook pages as well as outside of Facebook. This use of the data cannot be influenced by us as site operator.

                          The use of Facebook Pixel is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in effective advertising measures including social media.

                          If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

                          The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

                          To the extent that personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO).

                          The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the forwarding is not part of the joint responsibility. Our joint obligations have been set out in a joint processing agreement. The text of the agreement can be found at:

                          According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the data protection-secure implementation of the tool on our website. Facebook is responsible for the data security of the Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert data subject rights with us, we are obliged to forward them to Facebook.

                          In Facebook's privacy notices, you can find further information on protecting your privacy:

                          You can also disable the Custom Audiences remarketing feature in the Settings for

                          Advertising section at To do this, you must be logged into Facebook.

                          If you do not have a Facebook account, you can disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: 

                            4. Transfer of data

                              We only transfer your personal data to third parties to the service partners involved in the processing of the contract, such as the logistics company commissioned with the delivery and the credit institution commissioned with payment matters. In cases where your personal data is passed on to third parties, however, the scope of the data transferred is limited to the minimum required.

                              When you pay via PayPal, credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal, we pass on your payment data to PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal") as part of the payment processing. PayPal reserves the right to conduct a credit check for the payment methods credit card via PayPal, direct debit via PayPal or "purchase on account" via PayPal. PayPal uses the result of the credit check with regard to the statistical probability of non-payment for the purpose of deciding whether to provide the respective payment method. The credit report may contain probability values (so-called score values). Insofar as score values are included in the result of the credit report, they have their basis in a scientifically recognised mathematical-statistical procedure. Among other things, address data is included in the calculation of the score values. Further information on data protection can be found in the PayPal data protection principles:

                              We also only pass on your personal data to third parties if:

                              • you have given your express consent to do so in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO,
                              • the disclosure in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
                              • in the event that the disclosure is necessary pursuant to Art. 6 para. 1 p. 1 lit. c DSGVO a legal obligation exists, as well as
                              • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you.

                              As part of the ordering process, consent is obtained from you for the transfer of your data to third parties.

                              Note on data transfer to the USA

                              Our website includes tools from companies based in the USA. If these tools are active, your personal data may be passed on to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this.

                              It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence over these processing activities.

                                5 Use of cookies

                                  We use cookies on our site. These are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware.

                                  In the cookie, information is stored that arises in each case in connection with the specific end device used. However, this does not mean that we gain direct knowledge of your identity.

                                  On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

                                  In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to make use of our services, it is automatically recognised that you have already been with us and which entries and settings you have made so that you do not have to enter them again.

                                  On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you (see section 7). These cookies enable us to automatically recognise that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period of time.

                                  The data processed by cookies are necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 p. 1 lit. f DSGVO.

                                  6. Cookie consent with beeclever

                                  Our website uses the cookie consent technology of beeclever to obtain your consent to the storage of certain cookies on your end device and to document this in a data protection compliant manner. The provider of this technology is beeclever, Universitätsstraße 3, 56070 Koblenz, Germany (hereinafter "beeclever").

                                  When you enter our website, a connection is established to beeclever's servers in order to obtain your consent and other declarations regarding cookie use. Subsequently, beeclever stores a cookie in your browser in order to be able to allocate the consents granted to you or their revocation. The data collected in this way is stored until you request us to delete it, delete the beeclever cookie yourself or until the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected.

                                  The use of beeclever takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 p. 1 lit. c DSGVO.

                                  The privacy policy of beeclever can be found at:

                                    7. Links to third-party websites

                                      The links published on our website are researched and compiled by us with the greatest possible care. However, we have no influence on the current and future design and content of the linked pages. We are not responsible for the content of the linked pages and expressly do not adopt the content of these pages as our own. The provider of the linked website is solely liable for illegal, incorrect or incomplete content as well as for damages resulting from the use or non-use of the information. The liability of the person who merely refers to the publication by means of a link is excluded. We are only responsible for external references if we have positive knowledge of them, i.e. also of possible illegal or punishable content, and if it is technically possible and reasonable for us to prevent their use.

                                        8. Analysis and tracking tools

                                          The tracking measures we use are carried out on the basis of Art. 6 para. 1 p. 1 lit. f DSGVO. With the analysis methods used, we want to ensure a needs-based design and the ongoing optimisation of our website. On the other hand, we use the analysis methods to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

                                            9. Data subject rights

                                              You have the right:

                                              • in accordance with Art. 15 DSGVO to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data, insofar as they have not been collected from me, as well as about the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
                                              • in accordance with Art. 16 DSGVO to demand the correction of inaccurate or incomplete personal data stored by us without delay;
                                              • in accordance with Art. 17 DSGVO to demand the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
                                              • in accordance with Art. 18 DSGVO to restrict the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it to assert, exercise or defend legal claims, or you object to the processing of your personal data in accordance with Art.
                                              • In accordance with Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another responsible party;
                                              • In accordance with Art. 7 (3) DSGVO, to revoke your consent given to us at any time. This means that we may no longer continue the data processing based on this consent in the future and
                                              • in accordance with Art. 77 DSGVO to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.
                                                10. Right of objection

                                                  If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which will be implemented by us without specifying a particular situation.

                                                  If you wish to exercise your right of withdrawal or objection, an email to:

                                                    11. Data security

                                                      We use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser when visiting the website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can see whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

                                                      We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

                                                        12. Up-to-dateness and amendment of this data protection declaration

                                                          This data protection declaration is currently valid and was updated in February 2021.

                                                          Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to amend this data protection declaration. The current data protection declaration can be accessed at any time on our website under the following link and printed out:



                                                          Source: Sample data protection declaration prepared by lawyer Andreas Gerstel (