How can I create a folder and give backend user access rights to it, but not inside fileadmin folder, as I don't want this folder to be accessed by browsers. Or is there a way to create a folder inside fileadmin, but not being public?
You can restrict access from outside with a .htaccess file or configuration.
Also you can define additional file storages other than /fileadmin but as far as they are inside webroot they also are visible from outside.