PRIVACY POLICY FANSEA
This Privacy Policy explains the processing of your personal data by Fansea GmbH, Kaiserstraße 40, 60329 Frankfurt, Germany ("we" or "Fansea") as the controller (Art. 4 no. 7 GDPR) and your rights under the GDPR.
1. PURPOSES OF PROCESSING
1.1. PROCESSING OF PERSONAL DATA YOU PROVIDE
We process personal data that you provide in the context of using certain content and functions on our website or app. For example, if you use the contact form, we process your personal data to respond to your inquiry. The same applies to contact by other means, such as email, messenger or telephone. The legal basis for this processing of your personal data is Art. 6 (1) b) GDPR.
1.2. PURCHASING OF 3D COLLECTIBLES
When you buy 3D Collectibles, the cryptographic key is stored in your wallet. This will include your blockchain address and other information necessary to complete the transaction. Subsequently, the purchased 3D Collectibles will be displayed in your account. The legal basis is Art. 6 (1) b) GDPR.
1.3. PURCHASING OF 3D PRINTS
When you buy 3D Prints, for the delivery of the physical 3D Print you need to provide us your name, address, zip code, city and country. The legal basis is Art. 6 (1) b) GDPR.
1.4. LOG DATA
When using the website, certain personal data, including data sent by the browser (e.g., IP address, type of cookies, previous website, time and date, content displayed) are temporarily stored. We use this log data to enable you to use our website and, if necessary, to check and enforce our rights and the rights of third parties in the event of damage or infringement of legal regulations, our terms of use and the rights of third parties. The legal basis is Art. 6 (1) f) GDPR. The log files are stored for as long as is necessary for the respective purpose, generally no longer than 14 days.
1.5. SIMPLE ANALYTICS
To get critical information about the behavior of our visitors, we use Simple Analytics. This analytics software gives us insight about our visitors only in general, but not about individuals by itself, as it does not track visitors and does not store any personal identifiable information. Go to their documentation to find out what Simple Analytics collects (and most importantly what they don’t).
1.6. GOOGLE ANALYTICS
We use Google Analytics with your consent (Art. 6 (1) a GDPR) to better understand our visitors and their interests and to continuously improve our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics allows us to analyze traffic and usage patterns of individual users (without further identifying them) or groups (which offers are used how often, how often users return, how long they stay, from which websites users come, from which regions, etc.). Google acts as our processor. The cookies used for this purpose expire after 14 months.
1.7. GOOGLE WEB FONTS
Our pages use so-called Google Fonts, i.e. fonts from the third-party provider Google. These web fonts can either be retrieved locally from our server or from the server of the respective third-party provider. In this case, personal data may be transferred to Google, in which case Google's Privacy Policy applies. The legal basis for this processing is Art. 6 (1) b GDPR.
1.8. GOOGLE TAG MANAGER
Google Tag Manager is a tag management system provided by Google that we use on our websites. Google Tag Manager allows us to add code snippets, pixels or similar, to our web pages. Google will only process your IP address as a processor and in accordance with the EU standard contractual clauses. Google will not combine your IP address with personal information from other sources. The legal basis is Art. 6 (1) f) GDPR.
1.9. GOOGLE ADS
With your consent (Art. 6 (1) a GDPR), we use various Google services for marketing measures.
We use Google Ads to display ads in the Google search engine or on third-party websites. Google Ads can be used to display targeted ads based on the user data available at Google (so-called "target group targeting"). As a website operator, we can evaluate this data by analyzing, for example, which search terms led to the display of our ads. This allows us to optimize our offer and our advertisements.
DoubleClick is used to show you interest-based advertising across the Google advertising network. For example, our advertising may be displayed in Google search results or in advertising banners associated with DoubleClick. For this, DoubleClick must be able to recognize the respective viewer and assign to him, among other things, the web pages visited. For this purpose, DoubleClick uses cookies or other recognition technologies.
1.10. PAYMENT SERVICE PROVIDERS
We use PayPal and Stripe as payment service providers. In addition to your IP address and browser data, they have access to your payment data (esp. credit card number). Paypal is an offer of PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. The provider of Stripe is Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland. The legal basis is Art. 6 (1) b) GDPR. We do not collect or process your personal data when you make a purchase via an App Store in our App. This data, in particular data for electronic payment processing, is only collected and processed directly by the app store concerned. When using the app stores, please note their data protection declarations (Apple App Store: www.apple.com/de/privacy/; Google Play Store: policies.google.com/privacy).
1.11. OTHER PURPOSES FOR WHICH WE PROCESS YOUR PERSONAL DATA
We process your personal data for:
· fulfill existing and implement new business relationships. We will retain these for the duration of our business relationship. During our business relationship, we may collect contact information, professional qualification data (publications, etc.). Some data is obtained from public sources and websites. Legal basis: Art. 6 (1) b) and f) GDPR.
· To meet our legitimate interests (Art. 6 (1) f) GDPR), including the following:
Enter into corporate transactions (e.g., restructuring, sale or assignment of assets, merger); and
Protect our rights or property, enforce our terms of use and legal notices, and provide for the establishment, exercise and defense of legal claims.
· to fulfill our legal obligations, court orders or other binding decisions. The legal basis is Art. 6 (1) c) GDPR.
· with your consent (Art. 6 (1) a GDPR) for other purposes, such as subscription to a newsletter; in this case, you have the option to revoke your consent at any time.
1.12. NEWSLETTER
With your consent (Art. 6 (1) a GDPR), we use Sendinblue as our Newsletter provider.
When registering for the newsletter, personal information such as name, email address and IP address is stored and administered. The newsletter is sent using the email delivery service Sendinblue GmbH, a German company based at Köpenicker Str. 126, 10179 Berlin.
This allows us to analyse user behaviour when opening and clicking on the newsletter in order to improve our services. This consent can be revoked at any time by using the unsubscribe link in the newsletter. The data will be deleted once you have unsubscribed.
Further information on data processing can be found on the Sendinblue websites at https://de.sendinblue.com/legal/privacypolicy/ and https://de.sendinblue.com/informationen-newsletter-empfaenger/.
2. RECIPIENTS OF PERSONAL DATA
In addition to the recipients of personal mentioned above, we also use other companies to process personal data on our behalf, for example for hosting, technical support of our website, sending newsletters or for analysis and advertising purposes. Such service providers only process the data on our behalf as so-called processors (Art. 28 GDPR).
Furthermore, we will share your name and email address as necessary with our Creators, for example AC Milan, Sporthilfe or Frankfurt Galaxy, in the event of a previous purchase or free mint of a Collectible from the respective Creator. This only serves for the implementation of the cooperation or performance of a contract (e.g. for the allocation of rewards or utilities).
Furthermore, we transmit personal data to third parties if this is required by law, if this is necessary for the exercise and defense of legal claims or if third parties provide certain services for us (e.g., lawyers, tax consultants).
Insofar as we transfer personal data to third countries outside the EU, we ensure an appropriate level of data protection through contractual measures. You have the right to receive copies of these contracts.
3. COOKIES USE
In addition to the processing purposes mentioned above, we also use cookies when technically necessary to provide our website or certain content or when we are obliged to do so. For example, we set a cookie to store which cookies you have agreed to or which you have refused. This cookie expires after six months. The legal basis for the use of necessary cookies is Art. 6 (1) b) GDPR or Art. 6 (1) c) GDPR for legally obligatory processing of personal data.
Furthermore, we also use cookies to provide certain functionalities that are not technically necessary but make the use of our website more user-friendly. For example, cookies can be used to save certain preferences of the user, e.g. the display language, and to load them automatically the next time our website is called up. The legal basis for the use of functional cookies is Art. 6 (1) f) GDPR.
Non-required and non-functional cookies (e.g. for marketing purposes), on the other hand, are only processed with your consent. The legal basis for this is Art. 6 (1) a) GDPR.
Unless otherwise stated in this Privacy Policy, cookies remain stored for as long as necessary to fulfill the respective processing purposes. You can prevent the storage of cookies by browser preferences and delete them manually in your browser settings. Please note, however, that some cookies may be mandatory for the use of our website or individual functions.
You can find more information about the cookies set on this website and the possibility to revoke or give your consent here.
4. RETENTION PERIODS
Unless a specific duration of data storage is specified in this Privacy Policy, we will only process your data as long as this is necessary for the respective purposes or as long as there are legal retention obligations. After the respective processing purpose ceases to apply and retention obligations end, your data will be routinely deleted.
5. YOUR RIGHTS
You can request information about your stored data. If you have provided personal data on the basis of a contract or consent, you have the right to receive this data in a standard and machine-readable format.
In addition, in justified cases, you can also request the deletion, correction or restriction of the processing of your data.
You can revoke your consent at any time with effect for the future.
You can object to the processing of data processed on the basis of our legitimate interests at any time under the conditions of the GDPR.
6. CONTACT; COMPLAINT TO SUPERVISORY AUTHORITY
Please address your questions or concerns regarding the processing of your personal data to:
Fansea GmbH
Kaiserstraße 40,
60329 Frankfurt
Germany
In case of questions and in case of possible concerns about the data processing, you can also contact a supervisory authority. The responsible supervisory authority for Fansea is:
The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1
65189 Wiesbaden
***