As of: September 11, 2025
The following information provides details about the nature, scope, and purposes of the processing of personal data when visiting Lady-Sas.com, as well as your rights as a data subject (Articles 13 and 14 of the GDPR).
1. Responsible body
Saskia Schmidt, c/o IP Management #6988,
Ludwig-Erhard-Straße 18, 20459 Hamburg
The above address is a complete and legally valid address within the meaning of Section 5 (1) No. 1 DDG. Postal items, deliveries from courts or authorities, and registered letters will be accepted there with legal effect and forwarded to the responsible party without delay.
Email: datenschutz@lady-sas.com
Editorially responsible (Section 18 (2) MStV):
Saskia Schmidt, address as above
Competent supervisory authority for data protection (Hamburg):
The Hamburg Commissioner for Data Protection and Freedom of Information, Ludwig-Erhard-Str. 22, 20459 Hamburg, email: mailbox@datenschutz.hamburg.de
2. Hosting and server log files
We host this website with Namecheap, Inc., 4600 East Washington Street, Suite 300, Phoenix, AZ 85034, USA. When you visit our website, server log files are automatically processed (IP address, date/time, URL accessed, referrer URL, HTTP status, user agent). Purpose: technical provision, stability, and IT security. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in a secure and functional website).
Third country transfer: Namecheap is a provider based in the USA. Insofar as personal data is transferred to the USA, this is done on the basis of the Standard Contractual Clauses (SCC) agreed with Namecheap or Namecheap’s Data Processing Addendum. We also take technical and organizational measures.
3. Cookies, similar technologies & consent
We use cookies and similar technologies. Non-essential services (e.g., statistics/convenience) are only activated after you have given your consent. Legal basis: § 25 TDDDG (access/storage on end devices) in conjunction with Art. 6 (1) (a) GDPR (consent); We base necessary cookies on Art. 6 (1) (f) GDPR (legitimate interest). You can revoke your consent at any time in the cookie settings.
We provide a list of the cookies/tools used (purpose, provider, duration) in the cookie settings.
4. Services used
4.1 Google Analytics 4 (statistics)
We use Google Analytics 4 (“GA4”) to measure reach, integrated via Google Tag Manager where applicable. According to Google, GA4 does not store IP addresses of EU users; IP data is discarded via EU domains/servers before logging. Use only with consent. Legal basis: Section 25 TDDDG, Art. 6 (1) (a) GDPR. Recipient: Google LLC. Transfers to the US are subject to Google’s EU-US Data Privacy Framework (DPF). Revocation at any time in the cookie settings.
Notes: You can configure additional data protection features (e.g., signals/region settings) in GA4.
4.2 YouTube integrations
We embed videos from YouTube on individual pages, preferably via the nocookie domain. Depending on consent and interaction, usage data may be transferred to Google/YouTube. Use only with consent. Legal basis: Section 25 TDDDG, Art. 6 (1) (a) GDPR. Recipient: Google LLC (USA, DPF). Revocation at any time in the cookie settings.
4.3 Google reCAPTCHA (spam/abuse protection)
We use Google reCAPTCHA to protect forms. The service analyzes interactions (e.g., mouse movements) to detect bots; technical data (e.g., IP address, browser information) is processed in the process. Use only with consent. Legal basis: Section 25 TDDDG, Art. 6 (1) (a) GDPR. Recipient: Google LLC (USA, DPF). Revocation via cookie settings.
4.4 Google Fonts (local)
Fonts are hosted locally; there is no retrieval from Google servers.
5. Newsletter (EmailOctopus)
If you subscribe to our newsletter, we process your email address (and any voluntary information) for shipping purposes. We use the service provider EmailOctopus (Three Hearts Digital Ltd, 86-90 Paul St, London EC2A 4NE, United Kingdom) as a processor. The newsletter is sent using the double opt-in procedure; you can revoke your consent at any time (unsubscribe link in every email). Legal basis: Art. 6 para. 1 lit. a GDPR. The United Kingdom has an adequacy decision from the EU (data transfers are permitted).
If statistical performance measurement (opens/clicks) is carried out, this is also done on the basis of your consent; you can object to this at any time.
6. Contact & forms
When you contact us by email or form, we process your information to handle your request. Legal basis: Art. 6 (1) (b) GDPR (pre-contractual communication) or Art. 6 (1) (f) GDPR (general communication). Emails can be sent and received via Namecheap and Gmail services (order processing; for Google: transfers to the US under DPF).
7. Comments
If you leave comments, the data you enter (e.g., name/pseudonym, comment text, email if provided) will be processed and published in the post. We do not store IP addresses. Legal basis: Art. 6 para. 1 lit. a GDPR (your consent by submitting), supplemented by Art. 6 para. 1 lit. f GDPR (prevention of misuse, community moderation).
The IP address is not stored permanently; any short-term technical storage (e.g., by security/firewall systems) is used exclusively for the prevention of misuse in accordance with Art. 6 (1) f GDPR and is automatically deleted.
8. Storage period
We only store personal data for as long as is necessary for the respective purposes or as long as there are legal storage obligations. According to your information, contact requests, newsletter data, and comments are generally stored until the purpose no longer applies or you request deletion, provided that there are no legal storage obligations to the contrary. You can object to the storage or request deletion, provided that there are no legal obligations to the contrary.
9. Recipients & data transfers to third countries
- Processors: Namecheap (hosting/email), EmailOctopus (newsletter), Google (GA4, YouTube, reCAPTCHA, Gmail) if applicable.
- US transfers: For Google services, we base transfers on the EU-US Data Privacy Framework (DPF). For Namecheap, we use SCC within the framework of the DPA. For the United Kingdom, there is an adequacy decision.
10. Your rights
- Information (Art. 15 GDPR), correction (Art. 16), deletion (Art. 17), restriction (Art. 18), data portability (Art. 20), objection (Art. 21)
- Withdrawal of consent with effect for the future
- Right to lodge a complaint with a data protection supervisory authority, e.g. in Hamburg: mailbox@datenschutz.hamburg.de
11. Security and technical age verification
We take appropriate technical and organizational measures to protect your data. The content of this website is intended for persons aged 18 and over; an age verification prompt is displayed. Our website is marked as “18+” via the files age.xml and age-de.xml.
In addition, we use the international version of the age rating so that youth protection programs worldwide can recognize it uniformly.
These measures enable recognized youth protection programs to classify our content correctly and restrict access for minors.
Youth protection contact
If you have any questions about youth protection, age labeling (age.xml/age-de.xml), or blocking access for minors, please contact: Saskia Schmidt, email: jugendschutz@lady-sas.com.
12. Technical security
- SSL encryption: yes
- Regular updates: yes
- Security plugins active: yes
- Regular backups: yes
- GDPR-compliant newsletter tool (double opt-in, no hidden catches): yes
SSL/HTTPS active on all pages: yes
13. Affiliate links, advertising, images
- There are no affiliate links on the site, so the links are not marked as affiliate links. Links to Amazon lead exclusively to our own publications (books). These are recognizable as advertising.
- There are no advertisements/sponsored posts on the site. We kindly ask you to refrain from making any inquiries in this regard.
- Some editorial images are from Shutterstock, and the licenses have been purchased. The images in the interviews were provided by the respective interview partner.