Privacy Policy

Protecting your personal data is our top priority, which is why we only use your data in strict compliance with applicable data protection principles. From May 25, 2018, the provisions of the EU General Data Protection Regulation (hereinafter referred to as GDPR) will apply throughout Europe. We would like to inform you in detail about how Steamplus processes personal data in accordance with the new Regulation (see Article 13 et seq. of the GDPR). Please read our Privacy Policy carefully. If you have any questions or comments about our Privacy Policy, you can contact us at any time at the email address below.

  1. Overview

The following data protection provisions inform you about the type and scope of the processing of personal data by steamplus, owned by MG DIGITAL GROUP LLC, 120 Madeira Drive Northeast STE 220, Albuquerque, NM 87108, UNITED STATES, registered in ALBUQUERQUE, NEW Mexico, under EIN number: 35-2719181

(hereinafter “ steamplus”, “we”, “us” or “our”). Personal data is information that can directly or indirectly identify you. Your use of our applications, products, services, technologies or features and all related pages, applications and services (collectively referred to as the “Offer”) is subject to this Privacy Policy.

By registering for a new account and/or by providing an appropriate explanation to existing customers, you confirm your agreement to this Privacy Policy and expressly consent to the processing, use and disclosure of your personal data as described herein.

Data processing by Steamplus can be divided into two categories :

All the data necessary for the execution of a contract with Steamplus data will be processed for the purpose of fulfilling and/or preparing the contract. If external service providers are also involved in processing the contract, such as payment service providers, optimization services, hosting providers, etc., your data will be transmitted to them to the extent required.

  • When you use our service , various pieces of information are exchanged between your device and our server or the server of the services we use. This may also include personal data. The information collected is used, among other things, to further optimize our service.

In accordance with the GDPR, you have various rights that you can exercise with us. This includes the right to withdraw your consent at any time regarding the processing of selected data, in particular the processing of data for advertising purposes. The option to withdraw your consent is always clearly indicated. You will find further information about your rights below in an additional paragraph and in the individual descriptions of the respective data processing activities.

Our offer is only available to individuals aged 16 and over. If you are under this minimum age, you may only use our offers if and to the extent that your parents have expressly consented and you have provided us with sufficient proof of such consent.

If you have any questions regarding our Privacy Policy, you can contact us at any time: hello@ steamplus.fr.

  1. Name and contact details of the data controller and the data protection officer of the company

This Privacy Policy applies to the processing of data by the Company, as controller under the GDPR for the following offers: www. steamplus.fr . The company has been designated as the responsible party within the EU in accordance with Articles 3 Paragraph 2 and 27 Paragraph 1, 3 of the GDPR.

  1. Purposes of data processing, legal bases and legitimate interests pursued by us or by a third party and categories of recipients.

3.1. USE OF OUR OFFER

When you use our service, in particular our website or application, information is automatically sent to our servers by the application or browser used on your device and temporarily stored in a log file. The following information is recorded without your intervention and stored in the log file until it is automatically or manually deleted:

  • the IP address of the device used,
  • the date and time of access,
  • the name and URL of the file accessed, the website/application from which access occurred (referrer URL),
  • the unique identifier of the browser you are using,
  • the name of your Internet service provider.

The processing of the aforementioned data is carried out in accordance with Article 6, paragraph 1, point f) of the GDPR. Our legitimate interest arises from the purposes of data collection listed below. At this stage, we would like to emphasize that the data collected does not allow us to personally identify you or to draw any inferences about you. We use your device's IP address and the other data listed above for the following purposes:

  • to ensure the correct establishment of a connection,
  • to ensure comfortable use of our offer,
  • assess the security and stability of the system and,
  • to perform other administrative tasks.

The data is stored in accordance with the legally mandated retention periods and is then automatically deleted. Furthermore, as part of our service, we use cookies, tracking tools, targeting procedures, and interfaces to other services, such as social media platforms, payment services, or app store providers. The exact procedures and how your data is used for these purposes are explained in more detail in Section 4 below.

3.2. CONCLUSION, PERFORMANCE OR TERMINATION OF A CONTRACT

Data processing during the conclusion of the contract

We define our services as a personalized health tracking technology: our technology provides a range of information about your health and well-being based on your metrics and data.

In this context, we process the data necessary for the conclusion, performance, or termination of a contract . This data includes, in particular:

  • the email address,
  • the first name and last name, if applicable,
  • billing and payment data,
  • the data entered by you and generated by the use of our Offer, such as gender, age and height, weight, etc.

The legal basis used is Article 6, paragraph 1, points a and b) of the GDPR and Article 9, paragraph 2, point a) of the GDPR. Insofar as we do not use your contact details for customer support (see section 3.3 for details), we retain the data collected for contract processing until the end of said contract or until the expiry of any contractual and warranty rights. After the expiry of this period, we will retain the personal data required by law for the prescribed statutory period. During this period (generally six to ten years from the conclusion of the contract), the data will only be reprocessed in the event of an audit by the tax authorities.

3.3. DATA PROCESSING FOR CUSTOMER SUPPORT OR CUSTOMER SERVICE

3.3.1. For informational purposes

Since you have registered for our Offer, we will guide you as an existing customer. In this case, we process your contact details in order to send you information, for example, about new, expanded, or improved features, products, and services.

3.3.2. TARGETED ADVERTISING

To ensure you only receive information that is relevant to you, we categorize and supplement your customer profile with additional information. We use statistical data as well as information about you (for example, reference data or basic data from your customer profile). The goal is to optimize our offerings based on your actual or perceived personal interests and/or needs, and to provide you with appropriate recommendations so you don't get bombarded with irrelevant promotions.

The legal basis for the aforementioned processing is Article 6(1)(b) and (f) of the GDPR, as well as Article 9(2)(a) of the GDPR. The processing of existing customer data for advertising purposes is considered a legitimate interest recognized in accordance with Recital 47 of the GDPR.

3.3.3. Customer Support

Gorgias

We use the Gorgias ticketing system, 768 Harrison St, San Francisco, CA 94107, USA (“Gorgias”), to process service, support, and other user requests based on Article 6, paragraph 1, point b) of the GDPR. If you submit a support request through one of our channels (e.g., our contact form, live chat, email, etc.), the following data (depending on the content and the selected contact channel) will be processed via Gorgias' servers:

  • the data you entered,
  • your name,
  • Your email address,
  • Information about your browser,
  • your IP address.

You can find more information about data processing by Gorgias in the Gorgias privacy policy available at: https://www.gorgias.io/privacy/gdpr . For any questions, you can also contact Gorgias' data protection officers directly at the following address: support@gorgias.io .

3.3.4. Sending the Newsletter

We offer interested customers the opportunity to subscribe to our newsletter . To ensure that the email address entered is indeed associated with the interested customer, we use a double opt-in procedure: once you have entered your email address in the registration field, we will send you a confirmation link. Only when you click on this confirmation link will your email address be added to our mailing list. We retain the data collected during this process solely for documentation and verification purposes. This data includes, in particular:

  • the email address provided,
  • the IP address of the device used,
  • the date and time of the recording,
  • the way of addressing someone,
  • the date, content and time of the confirmation email,
  • the IP address of the device used for confirmation,
  • and the date and time of your confirmation.

The legal basis for this processing is Article 6, paragraph 1, point a) of the GDPR. We retain this data until the end of the contractual relationship, as this allows us to demonstrate the legality of sending the newsletter. After this period, we will retain the personal data required by law for the legally prescribed period. During this period (generally ten years from the conclusion of the contract), the data will only be processed again in the event of an audit by the tax authorities. You can withdraw your consent at any time with effect for the future. To do so, simply click the unsubscribe button in the relevant email or send a brief notification by email. Please use the contact information for our data protection officer.

3.3.5. Right to contest

You may withdraw your consent to the processing of your data for the aforementioned purposes at any time, free of charge, separately for the respective communication channel and with effect for the future. Simply send an email or a letter to the contact details provided in point 1.

In the event of a dispute, we will block the contact address in question from further processing of promotional data. We will process your dispute as quickly as possible and implement the corresponding blocking measures immediately after verification. Please note that, in exceptional cases, product information or recommendations may still be sent even after we receive your dispute. This is done solely for technical reasons and does not mean that we will not process your dispute. Thank you for your understanding.

  1. Data processing for the provision of our services

In the following, we wish to inform you regarding the processing of data necessary for the provision of our Offer:

4.1. ONLINE PRESENCE AND WEBSITE OPTIMIZATION

We do not sell or rent your data to third parties for marketing purposes without your explicit consent. In order to offer our customers the best possible product, to improve the quality of our offering from time to time, and to protect our customers' interests, we will, under certain circumstances, disclose some data to third parties; however, such disclosure will always be subject to strict restrictions, which are described in more detail below:

4.1.1. Cookies – General Information

We use cookies on our website based on Article 6, paragraph 1, point f) of the GDPR. Our legitimate interest in optimizing our services is considered justified within the meaning of the aforementioned regulation. Cookies are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you use our services. Cookies do not harm your device and do not contain viruses, Trojan horses, or other malware. Cookies allow us to store information that is specific to the device used. However, this does not mean that we can immediately identify you. The use of cookies serves, in particular, to make using our services more convenient for you. We use session cookies to detect that you have already visited certain pages of our website. If you use our services again later, the cookie automatically recognizes you. In addition, we also use temporary cookies for user-friendliness purposes, which are stored on your device for a defined period of time. These are automatically deleted when you quit.

Furthermore, we use cookies to statistically record the use of our Offers and evaluate them in order to optimize them for you and display information specifically tailored to your needs. These cookies allow us to automatically recognize you when you return to our site. These cookies are automatically deleted after a defined period of time. Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely disabling cookies will prevent you from accessing all the functions of our Offers. The storage duration of cookies depends on their intended use and is not the same for everyone.

4.1.3. Facebook Pixels

In order to use, further optimize, and evaluate the conversion of our Facebook campaigns as needed, we use an individual behavioral pixel from Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) in accordance with Article 6, paragraph 1, point f of the GDPR. This pixel is integrated into our website's code. This allows us to verify that the Facebook ads we initiate are only displayed on the pages of users who have shown an interest in our services. By doing so, we ensure that our Facebook ads are relevant to the user's potential interest and do not intrude upon their attention. We also track the actions of Facebook users after they have seen or clicked on one of our Facebook ads. This allows us to evaluate the conversion of the respective campaign for statistical, market research, and billing purposes. The following information is processed:

  • timestamp,
  • the URL,
  • campaign information (including print specification, form field, activated button).

The data collected is anonymous and does not allow us to draw any conclusions about the user's identity. Processing for behavioral and interest-based advertising is considered a legitimate interest recognized under Recital 47 of the GDPR. The data is stored in accordance with the retention periods stipulated by law and is then automatically deleted.

If you log in to your Facebook account after the pixel has been placed, or if you visit our website while logged in, this data may be stored and processed by Facebook, which we are informing you about here. Facebook may connect this data to your Facebook account and use it for advertising purposes, in accordance with Facebook's Data Policy: https://www.facebook.com/about/privacy/ . You can find more information about the Facebook pixel here . You can allow Facebook and its partners to display ads on Facebook and other sites. You can withdraw your consent to this special data processing at any time by changing your Facebook settings or simply by informing us that you no longer wish this type of processing in the future. To do so, please use the contact information for our Data Protection Officer. Please note that the stated objection only applies to the device used. For more information, please refer to Facebook's Privacy Policy and Privacy Information.

4.1.4. Facebook Similar Audiences Campaigns

To use, further optimize, and evaluate the conversion rate of our Facebook campaigns as needed, we use an individual behavioral pixel from Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) in accordance with Article 6, paragraph 1, point f of the GDPR. You can find more information about Facebook's Lookalike Audiences campaigns at: https://www.facebook.com/business/help/365463786964246

This processing for the purpose of behavioral and interest-based advertising is considered a legitimate interest recognized under Recital 47 of the GDPR. If you are part of Facebook's Lookalike Audiences, we will share your email address and device ID with Facebook. You can withdraw your consent to this specific data processing at any time by changing your Facebook settings: https://www.facebook.com/settings/?tab=ads or simply by informing us that you no longer wish this type of processing in the future. To do so, please use the contact information for our Data Protection Officer.

4.1.5. Pinterest Tag

To use, further optimize, and evaluate the conversion of our Pinterest campaigns as needed, we use a Pinterest tag, an individual code snippet from Pinterest Inc., 635 High Street, Palo Alto, CA, USA (“Pinterest”), which is integrated into the content of our website, in accordance with Article 6, paragraph 1, point f of the GDPR. This allows us to verify that the Pinterest ads we initiate are displayed only on the pages of users who have shown an interest in our services. By doing so, we ensure that our Pinterest ads are relevant to the user's potential interest and do not intrude upon their experience. We also track the actions of Pinterest users after they have seen or clicked on one of our Pinterest ads. This allows us to evaluate the conversion of the respective campaign for statistical, market research, and billing purposes. The following information is processed:

  • Information about the device (e.g., type, brand),
  • the operating system used (for example, iOS 11),
  • the IP address of the device used,
  • the time to take advantage of our offer,
  • The type and content of the campaign and
  • the reaction to the respective campaign (clicking on a button for example).

The data collected is anonymous and does not allow us to draw any conclusions about the user's identity. This processing for the purpose of interest-based advertising is considered a legitimate interest recognized under Recital 47 of the GDPR. The data is stored in accordance with the retention periods stipulated by law and is then automatically deleted.

If you log in to your Pinterest account after visiting our website, or if you visit our website while logged in, this data may be stored and processed by Pinterest, which we are informing you about here. Pinterest may also connect this data to your account and use it for advertising purposes. You can find more information in Pinterest's Privacy Policy: https://policy.pinterest.com/de/privacy-policy . You can withdraw your consent to this special data processing at any time by disabling all relevant settings under "Personalization" in your Pinterest account: https://help.pinterest.com/de/articles/edit-your-settings#Web or by enabling the "Do Not Track" setting in your browser.

4.1.6. Google Analytics

To tailor our offering to your needs and continuously optimize it, we use the Google Analytics service from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) in accordance with Article 6, paragraph 1, point f of the GDPR. Through the use of cookies, Google creates pseudonymized user profiles . The information generated by the cookie about your use of this website, such as

  • browser type/version,
  • the operating system used,
  • the referring URL (the previously visited page),
  • the hostname of the accessing computer (IP address),
  • the time of the server request.

Your data is transmitted to and stored on a Google server in the United States. This information is used to evaluate the use of the services, compile activity reports, and provide other services related to the use of the services for market research and needs-based design. This information may also be transferred to third parties if required by law or if third parties are commissioned to process this data. Your IP address will under no circumstances be merged with other Google data. IP addresses are anonymized so that attribution is not possible (this is known as IP masking).

You can prevent the use of cookies by adjusting your browser settings or withdraw your consent to further processing via cookies by clicking this link and opting out. However, please note that in this case, you may not be able to fully use all the features of our services. Furthermore, you can prevent the collection of data generated by a cookie and related to your use of our services (including your IP address) and the processing of this data by Google by downloading and installing the browser add-on . We recommend using Private Browsing mode on mobile devices. You can find more information about data protection in relation to Google Analytics on the Google Analytics webpage.

4.1.7. Google Tag Manager

Google Tag Manager allows us to manage the tags on our website (website code). These tags facilitate the management and development of our services and reduce loading times. Google Tag Manager only implements the website code. Google Tag Manager does not create cookies and does not collect any personal information. The tool only integrates the website code that we have stored elsewhere and that may be used to collect data. The tool serves only to facilitate the modification of the code and does not access the data processed by the code. We will inform you about all the tags integrated in this Privacy Policy. You can find more information about Google Tag Manager and the terms of service on Google's website.

4.1.8. Stripe Payment Processing Service

For the purposes of fulfilling the contract and, in particular, processing payments, we transmit your name and email address to our payment service provider, Stripe Payments Europe Ltd., Block 4, Harcourt Center, Harcourt Road, Dublin 2, Ireland (“Stripe”), in accordance with Article 6, paragraph 1, points a) and b) of the GDPR. By using Stripe's library, we will not process the information entered during the ordering process (address, account number, bank code, possibly credit card number, invoice amount, currency, and transaction number) but will transmit it directly to Stripe from your browser. The data is used exclusively by Stripe for the execution and completion of the payment process and is transmitted securely via SSL encryption. Stripe is PCI DSS certified. Stripe may transfer, process, and store personal information outside the European Union. You can find more information about Stripe's Privacy Policy by clicking on this link .

We use a text messaging platform, which is subject to the following terms and conditions. By opting in to our text marketing and notifications, you agree to these terms and conditions.
By entering your phone number at checkout and initiating a purchase, subscribing via our subscription form, or using a keyword, you agree that we may send you SMS notifications (regarding your order, including abandoned cart reminders) and SMS marketing offers. You acknowledge that consent is not a condition of any purchase.
Your phone number, name, and purchase information will be shared with our SMS platform, SMSBump Inc., a European Union company with an office in Sofia, Bulgaria. This data will be used to send you targeted marketing messages and notifications. When sending text messages, your phone number will be transmitted to a text messaging operator for delivery.
If you wish to unsubscribe from receiving SMS messages and notifications, reply STOP to any mobile message we have sent you or use the unsubscribe link we provided in one of our messages. You understand and agree that other methods of opting out, such as using alternative words or requests, will not be considered a valid way to unsubscribe. Message and data rates may apply.
For any questions, text "HELP" to the number from which you received the messages. You can also contact us for more information. If you wish to unsubscribe, please follow the procedures above.

  1. Recipients outside the EU

As indicated in sections 3.4 and 3.5 above, data may also be transferred to recipients located outside the European Union or the European Economic Area. This applies in particular to the processing of the aforementioned analytics and targeting technologies, which may involve the transfer of data to the servers of service providers. Affiliated service providers that we require to provide our services, such as hosting providers, CRM tools, or analytics service providers, may be other recipients. These servers may be located outside the European Union, including in the United States. We ensure that these service providers guarantee data protection standards equivalent to those of the GDPR and that applicable directives are respected. Therefore, we only work with certified service providers. For this certification, the European Commission has established the adequacy of the level of data protection under number C(2016) 4176, in accordance with Article 45 of the GDPR. The use of these certified service providers thus complies with the European standard for data processing in accordance with the law. Furthermore, service providers based outside the European Union have provided us with adequate contractual guarantees ensuring compliance with these European standards and the respect for the rights of data subjects, for example, by relying on the European Commission's standard contractual clauses .

  1. Your rights

6.1. OVERVIEW

In addition to your right to contest the consents you have given us, you may exercise the following rights if the respective legal conditions are met:

  • The right to information regarding your personal data held by us, in accordance with Article 15 of the GDPR,
  • In the event of transfers pursuant to Articles 46, 47 or 49(1)(2) of the GDPR, the right to information or reference to appropriate or adequate safeguards and the possibility of obtaining a copy of those safeguards or, if those safeguards are available,
  • Your personal data is stored with us in accordance with Article 15 of the GDPR,
  • The right to correct inaccurate data or to complete accurate data in accordance with Article 16 of the GDPR,
  • The right to delete your data held by us in accordance with Article 17 of the GDPR,
  • The right to restrict the processing of your data in accordance with Article 18 of the GDPR,
  • The right to data portability in accordance with Article 20 of the GDPR.

6.2. RIGHT TO APPEAL

Under the conditions set out in Article 21, paragraph 1 of the GDPR, it is possible to withdraw your consent concerning the processing of data for reasons relating to the particular situation of the data subject.

The aforementioned general right to object applies to all processing purposes described in this Privacy Policy, based on Article 6(1)(f) of the GDPR. Apart from the specific right to object regarding data processing for advertising purposes (see section 3.3 above), the GDPR requires us to implement a general right to object only if you provide us with compelling reasons (e.g., a risk to life or health). Furthermore, you can also contact our competent supervisory authority: the Data Protection and Freedom of Information Commissioner of Berlin, Friedrichstraße 219, 10969 Berlin, Germany.

  1. Data security

We use the strictest information security standards for our infrastructure and the processing of your data. For example, we use IT protection mechanisms such as firewalls and data encryption. Our buildings and data are subject to physical access controls. Only employees who need access to our customers' personal data to perform their work are granted access.

All data you personally provide to us, including your payment information, is transmitted via the general and secure SSL (Secure Socket Layer) standard. SSL is a secure and proven standard, notably used for online banking transactions. You can recognize an SSL connection by the "s" after "http" (https://…) in your browser's address bar or by the padlock symbol at the bottom of the browser window.

For the rest, we use appropriate technical and organizational security measures to protect your personal data stored with us against manipulation, partial or total loss, and unauthorized access by third parties. Our security measures are continuously monitored in light of technological advancements, regularly adapted to the respective risks, and improved as needed.

  1. Children's Privacy Policy.

Protecting the privacy of young children is especially important. For this reason, we do not knowingly collect or solicit personal information from anyone under the age of 16, nor do we knowingly allow them to register. If you are under 16, please do not send us any information about yourself, including your name, address, phone number, or email address. No one under the age of 16 is permitted to provide personal information to the Services. If we learn that we have collected personal information from a child under the age of 16, we will notify you.

If you are under 16 and have no parental consent, we will delete this information as quickly as possible. If you believe we may have information about or concerning a child under 16, please contact us at hello@ steamplus.fr

  1. Changes to our privacy policy.

If we change our privacy policy and procedures, we will post those changes on our website to inform you about the nature of the information we collect, how we use it, and under what circumstances we may disclose it. Changes to this privacy policy become effective when they are posted on our website.

Last updated 05/11/2025