Privacy policy
Data protection information of Fantec GmbH
As of May 25, 2018, the requirements of the General Data Protection Regulation [http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32016R0679&from=EN] (hereinafter: DSGVO) apply throughout Europe. In the following, we would like to inform you about the processing of personal data carried out by Fantec in accordance with this new regulation (compare Art. 13 DSGVO). Please read our data protection information carefully. If you have any questions or comments about this data protection information, you can send them at any time to the email address given under point 2.
1. Overview
The following data protection information informs you about the nature and extent of the processing of so-called personal data by Fantec. Personal data is information that can be directly or indirectly attributed to you or can be attributed to you.
Data processing by Fantec can essentially be divided into two categories:
- For the purpose of contract processing, all data required for the performance of a contract with Fantec is processed. If external service providers are also involved in the processing of the contract, e.g. logistics companies or payment service providers, your data will be passed on to them to the extent necessary in each case.
- When you access the Fantec website/application, various pieces of information are exchanged between your terminal device and our server. This may also involve personal data. The information collected in this way is used, among other things, to optimize our website or to display advertising in the browser of your end device.
In accordance with the provisions of the GDPR, you have various rights that you can assert against us. These include the right to object to selected data processing, in particular data processing for advertising purposes. The option to object is highlighted in print/can be quickly recognized by the following symbol/...
If you have any questions about our data protection information, you are welcome to contact our company data protection officer at any time. You will find the contact details below.
2. Name and contact details of the data controller and the company data protection officer
This data protection information applies to data processing by
FANTEC GmbH
Billwerder Billdeich 605b
21033 Hamburg
Managing Director:
Fan Lou
Entry in the Commercial Register at Hamburg Local Court HRB 75732
Tel +49 (0) 40 730 9283
Fax +49 (0) 40 726 92898
E-mail info@fantec.de
("responsible person"), and for the following websites or applications: ww.Fantec.de. Questions regarding data protection can be sent by e-mail to service@Fantec.de.
3. purposes of data processing, legal bases and legitimate interests pursued by Fantec or a third party, and categories of recipients.
3.1 Calling up our website/application.
When you call up our website/application, information is automatically sent to the server of our website/application by the browser used on your end device and temporarily stored in a so-called log file. We have no influence on this. The following information is also collected without your intervention and stored until automatic deletion:
- the IP address of the requesting internet-capable device,
- the date and time of access,
- the name and URL of the file accessed,
- the website/application from which the access was made (referrer URL),
- the browser you use and, if applicable, the operating system of your Internet-enabled computer as well as the name of your access provider.
The legal basis for the processing of the IP address is Art. 6 para. 1 lit. f) DSGVO. Our legitimate interest follows from the purposes of data collection listed below. At this point, we would like to point out that we are not able to draw any direct conclusions about your identity from the collected data, nor will we do so.
The IP address of your terminal device and the other data listed above are used by us for the following purposes:
- Ensuring a smooth connection setup,
- Ensuring a comfortable use of our website/application,
- Evaluation of system security and stability.
The data is stored for a period of 14 days and then automatically deleted. Furthermore, we use so-called cookies, tracking tools, targeting methods and social media plug-ins for our website/application. The exact procedures involved and how your data is used for this purpose are explained in more detail below in section 3.4.
If you have consented to geolocation in your browser or operating system or other settings on your end device, we use this function to offer you individual services based on your current location (e.g., the location of the nearest store). We process your location data processed in this way exclusively for this function. If you terminate the use, the data will be deleted.
3.2 Conclusion, execution or termination of a contract
3.2.1 Data processing upon conclusion of a contract
The object of activity of Fantec is the sale of goods and services In this context, we process the data required for the conclusion, execution or termination of a contract. This includes:
- First name, last name
- Invoice and delivery address
- e-mail address
- Invoice and payment data
- Date of birth
- telephone number
- Order data, such as the type and quantity of goods ordered or services used
- Creditworthiness information and payment conditions
- Data due to complaints
- Legitimation and authentication data such as ID data, signature, company stamp and passwords
- Advertising and sales data including target group-specific information
- Data in the context of ongoing contact management or business initiation, such as data on communications that have taken place, including date and time as well as purpose
- Copies of correspondence, insofar as this takes place in writing, by e-mail or by fax.
The legal basis for this is Art. 6 para. 1 lit. b) DSGVO, i.e. you provide us with the data on the basis of the contractual relationship between you and us. We are also obliged to process your e-mail address due to a requirement in the German Civil Code (BGB) to send an electronic order confirmation (Art. 6 para. 1 lit. c) DSGVO). Insofar as we do not use your contact data for advertising purposes (see under 3.3), we store the data collected for contract processing until the expiry of the statutory or possible contractual warranty and guarantee rights. After expiration of this period, we retain the information of the contractual relationship required by commercial and tax law for the periods determined by law. For this period (regularly ten years from the conclusion of the contract), the data is processed again solely in the event of an audit by the tax authorities.
Furthermore, the following data processing is required for the execution of the purchase contract:
If you have selected a payment method other than prepayment or cash on delivery, we will pass on the necessary payment data to a payment service provider commissioned by us. We will pass on details of your delivery address to a logistics company commissioned by us for the purpose of processing the purchase contract. If you agree, we will transmit your e-mail address and, if applicable, your telephone number to the logistics company commissioned by us in order to ensure that the delivery of the goods is carried out according to your wishes. The logistics company will contact you in advance of the delivery to inform you of the delivery time or to coordinate details of the delivery with you. The data will be transmitted solely for this purpose and will be deleted after delivery.
3.2.2 Identity, creditworthiness and transmission to credit agencies
If necessary, we verify your identity by using information from service providers. The legal basis for this is Art. 6 para. 1 lit. b) and lit. f) DSGVO. The authorization for this results from the protection of your identity and the prevention of fraud attempts at our expense. The circumstance and the result of our inquiry will be added to your customer account or your guest account for the duration of the contractual relationship.
If you have already made a purchase from us, the data we have stored about you may be supplemented by so-called score values. Scoring is the creation of a forecast about future events based on information collected and past experience. On the basis of the data stored about you, an assignment is made to statistical groups of people who have had similar entries in the past. The underlying procedure used is a well-founded mathematical-statistical method for forecasting risk probabilities that has been tried and tested in practice for a long time.
In the event of a delay in payment, we transmit the necessary data to a company commissioned to enforce the claim if the other legal requirements are met. The legal bases for this are both Art. 6 (1) (b) and Art. 6 (1) (f) DSGVO. The assertion of a contractual claim is to be regarded as a legitimate interest within the meaning of the second-mentioned provision. We also transmit information about the delay in payment or a possible bad debt to credit agencies cooperating with us if the other legal requirements are met. The legal basis for this is Art. 6 para. 1 lit. f) DSGVO. The legitimate interest required here results from our interest and the interest of third parties in reducing contractual risks for future contracts.
3.3 Data processing for advertising purposes
The following statements relate to the processing of personal data for advertising purposes. The GDPR declares such data processing on the basis of Art. 6 (1) (f) as basically conceivable and as a legitimate interest. The duration of data storage for advertising purposes does not follow any rigid principles and is based on the question of whether the storage is necessary for the advertising approach. At Fantec, we also follow the principle of deleting data for promotional use after 12 months. Please refer to section 3.3.3 for information on how to proceed in the event of an objection.
3.3.1 Advertising purposes of Fantec and third parties
If you have concluded a contract with us, we will treat you as an existing customer. In this case, we process your postal contact data outside of the existence of a specific consent in order to send you information about new products and services in this way. From time to time, we transmit your postal contact data to contractual partners from the retail and telecommunications sectors who we have selected with particular care, so that they can also inform you about their products. We process your e-mail address in order to send you information on our own similar products, unless you have given your specific consent.
3.3.2 Interest-based advertising
To ensure that you only receive information that is of supposed interest to you, we categorize and add further information to your customer profile. Statistical information as well as information about you (e.g. basic data of your customer profile) is used for this purpose. The aim is to send you advertising that is geared solely to your actual or perceived needs and, accordingly, not to bother you with useless advertising.
3.3.3 Right of objection
You may object to data processing for the above-mentioned purposes at any time, free of charge, separately for the respective communication channel and with effect for the future. For this purpose, it is sufficient to send an e-mail or a postal letter to the contact data mentioned under 2.
If you object, the contact address concerned will be blocked for further data processing for advertising purposes. We would like to point out that in exceptional cases, advertising material may still be sent temporarily after receipt of your objection. This is technically due to the necessary lead time of advertisements and does not mean that we will not implement your objection. Thank you for your understanding.
3.3.4 Newsletter dispatch
On our website we offer you the possibility to subscribe to our newsletter. The processing of your e-mail address is based on your consent (Art. 6 para. 1 lit. a) DSGVO). In order to be able to ensure that no mistakes have been made when entering the email address, we use the so-called double opt-in procedure: After you have entered your email address in the registration field, we will send you a confirmation link. Only when you click on this confirmation link will your email address be added to our distribution list. You can revoke your consent at any time with effect for the future. For this purpose, it is sufficient to send a short note by email to the email address given under 2.
3.4 Online presence and website optimization
3.4.1 Cookies - general information
We use so-called cookies on our website on the basis of Art. 6 (1) f) DSGVO. Our interest in optimizing our website is to be regarded as legitimate in the sense of the aforementioned provision. Cookies are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your end device, do not contain viruses, Trojans or other malware. In the cookie, information is stored that arises in each case in connection with the specific end device used. This does not mean, however, that we gain direct knowledge of your identity. The use of cookies serves on the one hand to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website or that you have already logged into your customer account. These are automatically deleted after you leave our site. In addition, we also use temporary cookies for the purpose of user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
If you have a customer account with Fantec and are logged in or activate the "stay logged in" function, the information stored in cookies will be added to your customer account.
On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you as well as to display information tailored specifically to you. These cookies enable us to automatically recognize that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period of time. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website. The storage period of cookies depends on their purpose and is not the same for all.
3.4.2 Google Analytics
For the purpose of demand-oriented design and continuous optimization of our pages, we use Google Analytics, a web analytics service provided by Google Inc ("Google"), on the basis of Art. 6 (1) f) DSGVO. In this context, pseudonymized usage profiles are created and cookies are used. The information generated by the cookie about your use of this website, such as
- Browser type/version,
- operating system used,
- Referrer URL (the previously visited page),
- host name of the accessing computer (IP address),
- time of the server request,
are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and internet usage for the purposes of market research and demand-oriented design of these web pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (so-called IP masking).
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by using this browser add-on
tools.google.com/dlpage/gaoptout
and install it. As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on this link. An opt-out cookie will be set, which prevents the future collection of your data when visiting this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. For more information on data protection in connection with Google Analytics, please visit the website of Google Analytics
support.google.com/analytics/answer/6004245
3.4.3 Use of Google Maps with recommendation components
On our site, we use "Google Maps" in combination with the so-called "share function" for easier orientation and finding our stores. "Google Maps" is a service of the company Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter "Google".
With each individual call of web pages on which a Google Maps map is embedded, a cookie is set by Google in order to process your user settings and data when displaying the visited web page. Please note that this cookie is usually not deleted by closing the browser, but expires after a certain time, unless you delete it manually beforehand.
You can prevent this data processing by Google and a loading of the embedded content, for example, by deactivating the Java Script function in your browser to disable the service of "Google Maps".
The use of "Google Maps" and the information obtained via "Google Maps" is in accordance with the Google Terms of Use
http://www.google.de/intl/de/policies/terms/regional.html
as well as the additional terms and conditions for "Google Maps
https://www.google.com/intl/de_de/help/terms_maps.html
3.4.4 Use of YouTube components with extended data protection mode
On our website, we use content (videos) of the company YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA, a company of Google Inc, Amphitheatre Parkway, Mountain View, CA 94043, USA.
Thereby, videos on our website are only integrated with the option " - extended data protection mode - " provided by YouTube.
When you call up a page that has an embedded video, a preview image is loaded from YouTube's Internet servers and displayed in your browser on the website called up on your computer.
According to the information provided by YouTube, in " - extended data protection mode -" website data is only transmitted to the YouTube server, in particular which of our Internet pages you have visited when you watch the video.
If you are logged into YouTube at the same time, this information will be assigned to your member account with YouTube. You can prevent this by logging out of your member account before visiting our website.
Further information on YouTube's data protection is provided by Google at the following link:
https://www.google.de/intl/de/policies/privacy/
3.4.5 Use of Google Web Fonts:
Specially designed fonts, Google Fonts, are used in the design of our websites. Google Fonts is a web design assistant of Google Inc ("Google"). The use of Google Web Fonts causes certain fonts to be retrieved from a Google server in the USA when our website is built. When this font is retrieved, your browser also transmits to the Google server which of our individual Internet pages you are visiting in order to build the website. The IP address of your end device is also stored by Google when you call up these Internet pages.
You can find more information in Google's privacy policy, which you can access here:
www.google.com/fonts#AboutPlace:about
www.google.com/policies/privacy/
3.4.6 Targeting
The targeting measures listed below and used by us are carried out on the basis of Art. 6 (1) f) DSGVO. By means of the targeting measures used, we want to ensure that you are only shown advertising on your end devices that is based on your actual or presumed interests. It is in your interest as well as ours not to bother you with advertisements that are not of interest to you.
3.4.6.1 Onsite targeting
On our website, information is collected and evaluated using cookies in order to optimize advertising. This information includes, for example, details of which of our products you were interested in. The collection and evaluation of this information is exclusively pseudonymous and does not allow us to identify you. In particular, the information is not merged with personal data about you. On the basis of the information, we can show you offers on our site that are specifically geared to your interests, as these result from your previous user behavior. The cookie is automatically deleted after 14 days.
3.4.6.2 Re-targeting
We also use re-targeting technologies from time to time. This enables us to tailor our online offer to make it more interesting for you. For this purpose, a cookie is set to collect interest data using pseudonyms. This information is used to display interest-related advertisements about our offers on our partners' websites. No directly personal data is stored and no usage profiles are merged with personal data about you. The cookie is stored for a period of 14 and then automatically deleted.
3.4.6.3 Affiliates
We work with advertising partners to make the online offer on our site even more interesting for you. For this purpose, cookies are also set by our advertising partners when you visit our site (so-called third-party cookies). In the cookies of our advertising partners, information is also stored using pseudonyms about your user behavior and your interests when visiting our site. In some cases, information is also collected that was obtained on other sites before you visited our site. Based on this information, interest-related advertisements from our advertising partners are displayed to you. No personal data is stored and no usage profiles are merged with personal data about you. The cookie is stored for a period of 14 and then automatically deleted. You can prevent the interest-based advertising of our advertising partners by making the appropriate cookie setting in your browser (see also 3.4.1).
3.4.6.4. objection/opt-out option
You can prevent the targeting technologies explained by making the appropriate cookie setting in your browser (see also 3.4.1). In addition, you have the option to opt out of preference-based advertising with the help of the preference manager available here
www.youronlinechoices.com/de/praferenzmanagement/
which you can access here.
3.4.7 Social media plug-ins
We use social plug-ins from the social networks Facebook, Google+ and Twitter on our website on the basis of Art. 6 Para. 1 lit. f) DSGVO in order to make our company better known via these. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the DSGVO. The responsibility for data protection-compliant operation is to be ensured by their respective providers. The integration of these plug-ins by us takes place by way of the so-called two-click method
www.heise.de/ct/artikel/2-Klicks-fuer-mehr-Datenschutz-1333879.html
in order to protect visitors to our website as best as possible.
3.4.7.1 Facebook
Our website uses so-called plug-ins of the social network Facebook, which is offered by Facebook Inc. The Facebook plug-ins are marked with a Facebook logo or the addition "Like" or "Share". An overview of the Facebook plug-ins and their appearance can be found behind the following link
developers.facebook.com/docs/plugins.
When you activate such a plug-in (first click), your browser establishes a direct connection to Facebook's servers. The content of the plug-in is transmitted by Facebook directly to your browser and integrated into the page. Through this integration, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there. If you are logged in to Facebook, Facebook can directly assign your visit to our website to your Facebook profile. If you interact with the plug-ins, for example by clicking the "Like" button, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends.
For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to the privacy policy of Facebook
www.facebook.com/policy.php
If you do not want Facebook to directly assign the information collected about your visit to our website to your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent the loading of Facebook plug-ins with add-ons for your browser that are available on the Internet, e.g. with the "Facebook Blocker".
4. recipients outside the EU
With the exception of the processing outlined under 3.4, we do not share your data with recipients located outside the European Union or the European Economic Area. The processing operations mentioned under 3.4 result in a data transfer to the servers of the providers of tracking or targeting technologies commissioned by us. These servers are located in the USA. The data transfer takes place in accordance with the principles of the so-called Privacy Shield
www.privacyshield.gov/welcome
and on the basis of so-called standard contractual clauses
eur-lex.europa.eu/LexUriServ/LexUriServ.do
of the EU Commission.
5. automated decision in individual cases including profiling.
You have the right not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for the conclusion or performance of a contract between you and us,
(2) is permitted by legislation of the Union or the Member States to which the controller is subject and that legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests; or
(3) is made with your explicit consent.
However, these decisions may not be based on special categories of personal data pursuant to Article 9(1) of the GDPR, unless Article 9(2)(a) or (g) of the GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.
With regard to the cases mentioned in (1) and (3), the controller shall take reasonable steps to safeguard the rights and freedoms as well as your legitimate interests, which include, at a minimum, the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.
In the context of the initiation of business relationships, we are entitled - within the scope of what is legally permissible - to examine the risk of payment defaults on the part of the buyer for the purpose of deciding on the establishment, execution or termination of the purchase contract.
In this respect, probability values for the future behavior of the customer are collected and processed. To calculate these probability values, we also use address data of the buyer and creditworthiness data from credit agencies.
For the check we use the services of credit agencies, such as SCHUFA Holding AG (Wiesbaden), or other third parties and for this purpose data from you to them or requested from them.
The collection, processing and use of data for this purpose is based on Art. 6 para. 1 lit. b) DSGVO.
Within this legal framework, we are also entitled to transmit your data to third parties if and insofar as this is necessary for the implementation of pre-contractual measures and fulfillment of this contract (e.g. for shipping, invoicing or customer service) in accordance with Art. 6 para. 1 lit. b) DSGVO or fulfillment of a legal obligation in the sense of Art. 6 para. 1 lit. c) DSGVO. In the necessary case, we may also forward this data - to the extent permitted by law - to third parties (e.g. debt collection companies) for the purpose of enforcing claims in accordance with Art. 6 (1) b) and/or f) DSGVO.
6 Data protection and third party websites
The Website may contain hyperlinks to and from third-party websites. If you follow a hyperlink to one of these websites, please note that we cannot assume any responsibility or warranty for third-party content or data protection conditions. Please make sure that you are aware of the applicable data protection conditions before you transmit personal data to these websites.
7. changes to this privacy policy
We reserve the right to change this privacy policy at any time with effect for the future. A current version is available on the website. Please visit the website regularly and inform yourself about the applicable data protection provisions.
8. your rights
8.1 Overview
In addition to the right to revoke the consent you have given to us, you have the following additional rights if the respective legal requirements are met:
- Right to information about your personal data stored by us in accordance with Art. 15 DSGVO; in particular, you may request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data if it has not been collected directly from you,
- Right to have incorrect data corrected or correct data completed in accordance with Art. 16 DSGVO,
- Right to delete your data stored by us in accordance with Art. 17 DSGVO insofar as no legal or contractual retention periods or other legal obligations or rights to further storage are to be observed,
- Right to restriction of the processing of your data in accordance with Art. 18 DSGVO, insofar as the accuracy of the data is disputed by you, the processing is unlawful but you object to its erasure; the controller no longer requires the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing in accordance with Art. 21 DSGVO,
- Right to data portability pursuant to Art. 20 DSGVO, i.e. the right to have data provided by you and stored by us about you transferred in a common, machine-readable format, or to request the transfer to another controller.
- The right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.
8.2 Right of objection
Under the conditions of Article 21 (1) DSGVO, data processing may be objected to for reasons arising from the particular situation of the data subject.
The above general right of objection applies to all processing purposes described in this Data Protection Information, which are processed on the basis of Art. 6 (1) (f) DSGVO. Unlike the specific right of objection directed at data processing for advertising purposes (compare above), under the GDPR we are only obliged to implement such a general objection if you provide us with reasons of overriding importance for doing so (e.g. a possible risk to life or health). In addition, you have the option of contacting a competent supervisory authority.
9. data security
All data transmitted by you personally, including your payment data, will be transmitted using the generally accepted and secure standard SSL (Secure Socket Layer). SSL is a secure and proven standard that is also used, for example, in online banking. You can recognize a secure SSL connection, among other things, by the appended s at the http (i.e. ) in the address bar of your browser or by the lock symbol in the lower area of your browser.
We also use appropriate technical and organizational security measures to protect your personal data stored by us against manipulation, partial or complete loss and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments and the technical devices are certified by various DIN standards.