PRIVACY POLICY FANSEA
This Privacy Policy explains the processing of your personal data by Fansea GmbH, Bethmannstr. 7-9, 60311 Frankfurt/Main, Germany (“we” or “Fansea“) as the controller (Art. 4 no. 7 GDPR) and your rights under the GDPR.
1. PURPOSES OF PROCESSING
1.1. PROCESSING OF PERSONAL DATA YOU PROVIDE
We process personal data that you provide in the context of using certain content and functions on our website or app. For example, if you use the contact form, we process your personal data to respond to your inquiry. The same applies to contact by other means, such as email, messenger or telephone. The legal basis for this processing of your personal data is Art. 6 (1) b) GDPR.
1.2. PURCHASING OF 3D COLLECTIBLES
When you buy 3D Collectibles, the cryptographic key is stored in your wallet. This will include your blockchain address and other information necessary to complete the transaction. Subsequently, the purchased 3D Collectibles will be displayed in your account. The legal basis is Art. 6 (1) b) GDPR.
1.3. PURCHASING OF 3D PRINTS
When you buy 3D Prints, for the delivery of the physical 3D Print you need to provide us your name, address, zip code, city and country. The legal basis is Art. 6 (1) b) GDPR.
1.4. LOG DATA
When using the website, certain personal data, including data sent by the browser (e.g., IP address, type of cookies, previous website, time and date, content displayed) are temporarily stored. We use this log data to enable you to use our website and, if necessary, to check and enforce our rights and the rights of third parties in the event of damage or infringement of legal regulations, our terms of use and the rights of third parties. The legal basis is Art. 6 (1) f) GDPR. The log files are stored for as long as is necessary for the respective purpose, generally no longer than 14 days.
1.5. GOOGLE ANALYTICS
We use Google Analytics with your consent (Art. 6 (1) a GDPR) to better understand our visitors and their interests and to continuously improve our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google“). Google Analytics allows us to analyze traffic and usage patterns of individual users (without further identifying them) or groups (which offers are used how often, how often users return, how long they stay, from which websites users come, from which regions, etc.). Google acts as our processor. The cookies used for this purpose expire after 14 months. To avoid Google Analytics, we suggest an opt-out plugin to download here.
1.6. GOOGLE WEB FONTS
Our pages use so-called Google Fonts, i.e. fonts from the third-party provider Google. These web fonts can either be retrieved locally from our server or from the server of the respective third-party provider. In this case, personal data may be transferred to Google, in which case Google’s Privacy Policy applies. The legal basis for this processing is Art. 6 (1) b GDPR.
1.7. GOOGLE TAG MANAGER
Google Tag Manager is a tag management system provided by Google that we use on our websites. Google Tag Manager allows us to add code snippets, pixels or similar, to our web pages. Google will only process your IP address as a processor and in accordance with the EU standard contractual clauses. Google will not combine your IP address with personal information from other sources. The legal basis is Art. 6 (1) f) GDPR.
1.8. GOOGLE ADS
With your consent (Art. 6 (1) a GDPR), we use various Google services for marketing measures.
We use Google Ads to display ads in the Google search engine or on third-party websites. Google Ads can be used to display targeted ads based on the user data available at Google (so-called “target group targeting”). As a website operator, we can evaluate this data by analyzing, for example, which search terms led to the display of our ads. This allows us to optimize our offer and our advertisements.
DoubleClick is used to show you interest-based advertising across the Google advertising network. For example, our advertising may be displayed in Google search results or in advertising banners associated with DoubleClick. For this, DoubleClick must be able to recognize the respective viewer and assign to him, among other things, the web pages visited. For this purpose, DoubleClick uses cookies or other recognition technologies.
1.9. CLOUDFLARE
We use the Content Delivery Network (CDN) provided by Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich, Germany (Cloudflare) to enhance the security and delivery speed of our website. This is in line with our legitimate interest (Art. 6(1)(f) GDPR). A CDN is a network of servers distributed worldwide capable of efficiently delivering content to website users. For this purpose, personal data may be processed in Cloudflare’s server log files. Cloudflare is the recipient of your personal data and acts as a data processor on our behalf. This corresponds to our legitimate interest under Art. 6(1)(f) GDPR, as we do not operate our own Content Delivery Network.
You have the right to object to the processing. Whether the objection is successful will be determined through a balancing of interests.
The functionality of the website cannot be guaranteed without this processing.
Cloudflare retains your personal data for as long as necessary for the described purposes.
For more information on how to object to or remove your data from Cloudflare, please visit: Cloudflare Data Processing Addendum (DPA)
Cloudflare has implemented compliance measures for international data transfers. These measures apply to all global activities where Cloudflare processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). For further information, please visit: https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf
1.10. PAYMENT SERVICE PROVIDERS
We use PayPal and Stripe as payment service providers. In addition to your IP address and browser data, they have access to your payment data (esp. credit card number). Paypal is an offer of PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. The provider of Stripe is Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland. The legal basis is Art. 6 (1) b) GDPR. We do not collect or process your personal data when you make a purchase via an App Store in our App. This data, in particular data for electronic payment processing, is only collected and processed directly by the app store concerned. When using the app stores, please note their data protection declarations (Apple App Store: www.apple.com/de/privacy/; Google Play Store: policies.google.com/privacy).
1.11. OTHER PURPOSES FOR WHICH WE PROCESS YOUR PERSONAL DATA
We process your personal data for:
fulfill existing and implement new business relationships. We will retain these for the duration of our business relationship. During our business relationship, we may collect contact information, professional qualification data (publications, etc.). Some data is obtained from public sources and websites. Legal basis: Art. 6 (1) b) and f) GDPR.
- To meet our legitimate interests (Art. 6 (1) f) GDPR), including the following:
- Enter into corporate transactions (e.g., restructuring, sale or assignment of assets, merger); and
- Protect our rights or property, enforce our terms of use and legal notices, and provide for the establishment, exercise and defense of legal claims.
- to fulfill our legal obligations, court orders or other binding decisions. The legal basis is Art. 6 (1) c) GDPR.
- with your consent (Art. 6 (1) a GDPR) for other purposes, such as subscription to a newsletter; in this case, you have the option to revoke your consent at any time.
1.12. NEWSLETTER
With your consent (Art. 6 (1) a GDPR), we use Brevo as our Newsletter provider.
When registering for the newsletter, personal information such as name, email address and IP address is stored and administered. The newsletter is sent using the email delivery service Sendinblue GmbH, a German company based at Köpenicker Str. 126, 10179 Berlin.
This allows us to analyse user behaviour when opening and clicking on the newsletter in order to improve our services. This consent can be revoked at any time by using the unsubscribe link in the newsletter. The data will be deleted once you have unsubscribed.
Further information on data processing can be found on the Brevo websites at www.brevo.com/de/legal/privacypolicy/ and www.brevo.com/de/informationen-newsletter-empfaenger.
1.13. SNAPCHAT
We use the Snap Inc. camera to offer you the usage of your 3D Collectibles as Augmented Reality wearables. In case of the usage of the lenses you accept to Snap Inc.’s Privacy Policy and Terms of Service.
Furthermore, some lenses process information about your face, hands and voice to work. Learn more here.
2. RECIPIENTS OF PERSONAL DATA
In addition to the recipients of personal mentioned above, we also use other companies to process personal data on our behalf, for example for hosting, technical support of our website, sending newsletters or for analysis and advertising purposes. Such service providers only process the data on our behalf as so-called processors (Art. 28 GDPR).
Furthermore, we will share your name and email address as necessary with our Creators, for example AC Milan, Sporthilfe or Frankfurt Galaxy, in the event of a previous purchase or free mint of a Collectible from the respective Creator. This only serves for the implementation of the cooperation or performance of a contract (e.g. for the allocation of rewards or utilities).
Furthermore, we transmit personal data to third parties if this is required by law, if this is necessary for the exercise and defense of legal claims or if third parties provide certain services for us (e.g., lawyers, tax consultants).
Insofar as we transfer personal data to third countries outside the EU, we ensure an appropriate level of data protection through contractual measures. You have the right to receive copies of these contracts.
3. COOKIES USE
In addition to the processing purposes mentioned above, we also use cookies when technically necessary to provide our website or certain content or when we are obliged to do so. For example, we set a cookie to store which cookies you have agreed to or which you have refused. This cookie expires after six months. The legal basis for the use of necessary cookies is Art. 6 (1) b) GDPR or Art. 6 (1) c) GDPR for legally obligatory processing of personal data.
Furthermore, we also use cookies to provide certain functionalities that are not technically necessary but make the use of our website more user-friendly. For example, cookies can be used to save certain preferences of the user, e.g. the display language, and to load them automatically the next time our website is called up. The legal basis for the use of functional cookies is Art. 6 (1) f) GDPR.
Non-required and non-functional cookies (e.g. for marketing purposes), on the other hand, are only processed with your consent. The legal basis for this is Art. 6 (1) a) GDPR.
Unless otherwise stated in this Privacy Policy, cookies remain stored for as long as necessary to fulfill the respective processing purposes. You can prevent the storage of cookies by browser preferences and delete them manually in your browser settings. Please note, however, that some cookies may be mandatory for the use of our website or individual functions.
You can find more information about the cookies set on this website and the possibility to revoke or give your consent here.
4. RETENTION PERIODS
Unless a specific duration of data storage is specified in this Privacy Policy, we will only process your data as long as this is necessary for the respective purposes or as long as there are legal retention obligations. After the respective processing purpose ceases to apply and retention obligations end, your data will be routinely deleted.
5. YOUR RIGHTS
You can request information about your stored data. If you have provided personal data on the basis of a contract or consent, you have the right to receive this data in a standard and machine-readable format.
In addition, in justified cases, you can also request the deletion, correction or restriction of the processing of your data.
You can revoke your consent at any time with effect for the future.
You can object to the processing of data processed on the basis of our legitimate interests at any time under the conditions of the GDPR.
6. CONTACT; COMPLAINT TO SUPERVISORY AUTHORITY
Please address your questions or concerns regarding the processing of your personal data to:
Fansea GmbH, Bethmannstr. 7-9, 60311 Frankfurt/Main, Germany
In case of questions and in case of possible concerns about the data processing, you can also contact a supervisory authority. The responsible supervisory authority for Fansea is:
The Hessian Commissioner for Data Protection and Freedom of Information, Gustav-Stresemann-Ring, 65189 Wiesbaden
