Fragstore Privacy Policy

Last updated: May 15, 2023

 

1. General information

Thank you for visiting our website!

For the purposes of this Privacy Policy (hereinafter – the “Policy”), “Fragstore”, “we,” “us” and “our” refer to of the FS HOLDING LTD.

Fragstore is an online store for gamers, e-sportsmen, anime fans and geek culture lovers.

All the terms and provisions should be perceived together with the Terms and conditions, which are available at the link: https://fragstore.com/terms-an... (hereinafter – the “Terms”).

The Policy is addressed to individuals outside our company with whom we interact through the Website, including the Visitors and the Customers (hereinafter together, “you”, “your”).

This Policy contains detailed information about how and why we collect, use, disclose, and otherwise process Personal data, what information becomes available to us and third parties when you make purchases in Fragstore, such as when you:

- visit our website https://fragstore.com/ or any our web-sources, that links to the Policy;

- sign up to our newsletter;

- place orders for our products;

- take part in any sales, marketing, or other event;

- interact with us in any other way.

The Policy relates only to collection of the information described hereto and should be viewed as a supplement to any other notices or contractual terms provided to Customers.

 

2. Our contact details

If you have any questions about the Policy or our privacy practices, please contact us using the details below.

Company name: FS HOLDING LTD

Address: office 102, KIBC, Profiti Ilias 4, Limassol, Cyprus

E-mail: [email protected]


3. The definitions we use

Capitalized words, both singular and plural, have the following meanings in this Policy:

the Applicable legislation – means the legislation in the field of protection and processing of personal data, which applies to the activities of the Fragstore, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation – “GDPR”) and other laws, under the scope of regulation of which the activities and / or separate processing of data of the Fragstore may fall.

the Customer – a person who place orders and purchase products in Fragstore shop.

the Cookies – small pieces of data that are stored on your device (computer, smartphone, tablet, etc.) when you visit the Website.

the Data Subject – is a natural person whose Personal data is processed.

the Device – means any device that can access the Website, such as a computer, mobile phone, or tablet.

the IP address – internet protocol (IP) address that is a unique number, like your post address, associated with your Internet activity.

the Personal data – information about a natural person who is identified or can be specifically identified.

the Pixels – the pieces of software code that are integrated into the website code and allow tracking and analysis of User behaviour (which pages are visited, which links are followed, etc.).

the Technical data – information that is collected by the Website when you visit it (for example, the IP address (web protocol) of the device you use, data about the web browser you use, your operating system, etc.).

the Visitor – a person who visits the Website.

the Website – Fragstore website, available at the domain: https://fragstore.com/.

Any capitalized definitions not otherwise defined in the Policy shall have the definitions set forth in the Terms.


4. Where does Fragstore get Personal data from?

We receive data directly from you in the following cases:

- through the registration form on the Website when you create and use Customer’s account.

- when you place an order to buy products from Fragstore shop through the Website, by the phone or in our retail store(s).

- when you contact us by e-mail, telephone, or our post address.

- during conclusion and execution of the agreement (payments proceeding, delivery, guarantee support, etc.).

- during online and offline meetings, presentations, events, and exhibitions, etc.

Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number. All payment data is stored by our service providers, such as PayPal, Google Pay and Apple Pay.

Social Media Login Data. We have the option to register account in Fragstore shop, using your existing social media account details, like your Facebook, Google, or other account. Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, profile picture, language settings, as well as other information you choose to make public on such a social media platform. We will use the information we receive only for the purposes that are described in this Policy. Please note that we do not control and are not responsible for those how your third-party social media provider processes your Personal data. We recommend that you review their privacy policy to understand how they process your Personal data, and how you can set your privacy preferences on their sites and apps.

Information automatically collected.

We process the Technical Data. Some of this data is collected automatically, for example through your web browser (such as Google Chrome, Safari, Mozilla Firefox, Opera, Microsoft Edge), when you use the Website.

This includes the following data:

IP address, browser data, including device and browser type, browser version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the Devices you use to access this Website, data on the Visitor’s interaction with the Website (session ID).

The session ID includes: your interaction with the Website; if you went to the Website by a link from another website - the address of this website; the functions of the Website used by you; viewed pages; length of stay; way of visiting our Website; date and time of visit and other diagnostic data.

We may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your location setting on your device.

Usually, the technical data does not give us a real possibility to identify specific natural person, directly or indirectly, and is therefore not considered Personal data. This type of data will only be used by us in an aggregated and anonymized manner. For example, we may use this data to calculate the percentage of the Visitors who access a particular feature of the Website, the number of the Visitors from different geographical regions, etc.

However, if we combine or link such data with other personal data so that it can directly or indirectly identify the Data Subject, we treat the combined data as Personal data that will be used in accordance with this Policy.

We may receive information about you from some of our service providers (as specified in Article 8 below) who assist us with marketing or promotional services, related to how you interact with the Website, promotions, advertisements, or communications.

We also use Cookies and similar technologies, such as Pixels. You can learn more about Cookies and how we use them in Article 10 hereto.

Automated processing of the personal data, including profiling is not performed.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.


5. How do we process Personal Data?

When Fragstore process Personal data of our prospects or the Customers, the Visitors, we act like controller of such Personal data.

Upon receipt of Personal Data, as the controller we process it in accordance with the following:

The Purpose of the processing

The Legal basis

The Categories of personal data

The period of data storage

Account registration and authorization of the Visitors

Conclusion and execution of the agreement

First and last name, mobile phone number, username, e-mail, profile picture, password, Social Media Login Data

Between 6 – 10 years after the Customer's account becomes idle

To fulfill and manage Customer’s orders

Conclusion and execution of the agreement

First and last name, username, e-mail, mobile phone number, shipping address, billing address, purchase history, other information received from the Data Subject in course of performance of the sale agreement

During the fulfilment of sale agreement(s) and between 6 – 10 years after the Customer's account becomes idle.

Some data may be stored for a longer period determined by Applicable legislation, for accounting, tax and auditing purposes.

Receiving payments from Customers

Conclusion and execution of the agreement

First and last name, e-mail, mobile phone number, billing information, payment card data (partially) in case of online payment through payment providers, purchase history, other information received from the Data Subject in course of performance of the agreement

During the fulfilment of sale agreement(s) between 6 – 10 years after the Customer's account becomes idle. Some data may be stored for a longer period determined by Applicable legislation, in particular for accounting, tax and auditing purposes

Delivering personalized advertising

Consent

the Technical Data, the session ID data, Social Media Login Data

Between 6 - 10 years after the last visit of the Website

Sending newsletter and other marketing communications to the Visitors and / or prospects

Consent

Username, E-mail

Until withdrawal of consent or between 6 - 10 years after the last visit of the Website

Sending newsletter and other marketing communications to the Customers

Consent

Username, E-mail

Until withdrawal of consent or up to 10 years after the Customer's account becomes idle

To respond to inquiries and / or offer support

Legitimate interest to communicate with you and fulfilling your requests

Name and e-mail, other information received from the Data Subject

Until the purpose of the processing is achieved and between 6 – 10 years after the end of the communication

Notifying the Customers on major changes in Terms, send other administrative information

Conclusion and execution of the agreement

Username, e-mail

Between 6 – 10 years months after the Customer's account becomes idle

Administrating and protecting the Website

Legitimate interest to ensure stable operation of the Website, including fraud monitoring and protection against other threats

IP address, geolocation data, device and browser type, browser data, device data, session ID data, other technical data

Between 6 – 10 years from the day of the last visit to the Website

Collecting Website’s statistics

Legitimate interest to investigate the use of the Website

the session ID data and other technical data, data received from analytical tools, such as Google Analytics

Between 6 – 10 years from the day of the last visit to the Website

Exploring and analysis of our audience

Legitimate interest to develop and improve the Website and Customer’s experience

IP address, geolocation data, device data, browser data, other technical data, data received from analytical tools, such as Google Analytics

Up to 10 years from the day of collection

Protecting our legal rights, resolve disputes

Legitimate interest to protect our business

First and last name, e-mail, mobile phone number, purchase history, address, billing information, other data, required for protection of legal rights

During limitation period for filing claim or lawsuit under applicable law, and in the case of financial and tax information - within the period required by applicable law

 

Our Privacy Policy revolves around safeguarding your personal information. We understand the importance of maintaining the confidentiality and security of the data you entrust to us. Subject to any legal obligations, we will retain the information you provide for as long as it is necessary to deliver the requested services to you. This includes the duration of your Fragstore Account, if applicable. Alternatively, we will keep your data until you request its deletion, whichever occurs first. We are committed to respecting your privacy and ensuring that your information is handled responsibly and in accordance with applicable laws and regulations.

THE RIGHT TO OPT-OUT (WITHDRAW YOUR CONSENT) AND OBJECT

You may opt out of receiving any, or all, of communications from Fragstore, which we make under your consent, as specified in the table above.

For do this, please follow the instructions provided in e-mails we send (unsubscribe button in the footer of the e-mail) or by contacting us (see Section 2 of the Policy for our contact details).

You may also object to our use of your data based on a legitimate interest.

Protection of children

We do not knowingly collect personal information from persons under the age of 18 (hereinafter referred to as “Child”, “Children”). If you become aware that a Child has provided us with the Personal data, please contact us. If we become aware of the fact of collecting Children's Personal Data, we take measures to delete this information.


6. Where and how are Personal data stored?

Fragstore may accumulate the Personal data, inter alia by including this data in a personal database. The Personal data and databases are stored in our office: Limassol, Profiti Ilias 4, KIBC, office 102.

We also use the data centres of contractors who provide us with relevant services. You can get more detailed information in Section 8. Processors of the Personal Data hereto.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, contractors who have a business need to know. They will only process your Personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.


7. Does Fragstore transfer Personal data to third parties?

We understand the value of Personal data and make efforts to keep it private and secure.

We do not transfer Personal Data to third parties, except when such transfer is:

- as required by legislation and only (if necessary) in the interests of national security, economic well-being and human rights;

- at the request of the Data Subject;

- to our Processors, as specified in Article 8 of this Policy.

For example, we may disclose the Personal data if we believe it is necessary or appropriate to protect the rights, property, or safety of Fragstore, our partners, or other persons. This includes sharing information with other individuals and organizations for the purpose of protecting or preventing crime.


8. Processors of the Personal data

We may engage third parties and/or individuals to facilitate the processing of the Personal data on our behalf, provide services such as data storage, assistance in analysing how our Website is used, improving the Website's usability, and other services necessary for the Website's operation and the achievement of the goals of our activities (hereinafter referred to as the “Processors”).

Our Processors are:

1) Payment service providers

Some payment data is stored by our service providers, such as Stripe, PayPal, Google Pay and Apple Pay.

You may find their privacy notice link(s) here:

https://www.paypal.com/us/lega...

https://payments.google.com/pa...

https://www.apple.com/legal/ap...

https://stripe.com/en-gb-cy/pr...

2) Partners whose data centres we use:

Amazon Web Services EMEA SARL (AWS). Address: 38 Avenue John F. Kennedy, L-1855, Luxembourg. We use the data centre of AWS located in Germany. More details about servers of AWS or its affiliates you may find at the link: https://aws.amazon.com/legal/m.... Privacy policy: https://aws.amazon.com/privacy...

3) Delivery and shipment companies such as DHL, UPS, DPD, FedEx, Packeta, Ceska Posta, CFS Česká Třebová s.r.o., and other courier or logistic companies which might be added;

4) Partners who help us analyse and collect data from the Website:

Google, Inc. Address: Google, Google Data Protection Office, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA - in terms of using Google Analytics, Google Analytics 4, Google Forms services. Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site. For more information on opting out of being tracked by Google Analytics across all websites you use, visit the website at the link: https://tools.google.com/dlpag....

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/pr...;

We also may use services of such partners as: HubSpot, Clicky Analytics, Meta (Facebook) Pixels and others.

5) Advertisement partners ­

We may partner with third party advertising networks to show advertising on other websites and online sources, such as:

Google, Inc, Address: Google, Google Data Protection Office, 1600 Amphitheater Parkway, Mountain View, California 94043, USA. Privacy policy: https://policies.google.com/pr...;

Meta Platforms, Inc., when using Meta (Facebook) Pixel. Address: 1601 Willow Road, Menlo Park, CA 94025. Privacy policy: https://www.facebook.com/priva...

We and our analytic providers and advertisement partners may use Cookies and other tracking technologies, such as Pixels, to collect information about your online activities over time and across different websites and other online services, in order to provide you with personalized advertising based on your browsing activities and interests. For more information about Cookies and other tracking technologies, please see our Cookie Policy at the linkhttps://fragstore.com/cookies-...

6) Partners who provide us with marketing and sales tools (mailing, CRM, etc.), such as SendPulse (you may find their privacy policy at the link: https://sendpulse.com/legal/pp).

7) Our employees and independent contractors, who support Fragstore shop work, including retail shop(s);

8) Other contractors, suppliers whose services we use to achieve the goal(s) of our activity.

The Processors have access to your Personal data only to perform tasks within the scope and purposes of the Personal data processing in accordance with the Policy and are contractually obligated not to disclose or use it for any other purposes.


9. Cross-border data transfer

Your data may be used, stored, and processed in other countries where our Processors are located. These locations may be outside of your country of residence or outside of your state/province and may have different data protection standards than your country/state/province.

The Processors from foreign countries are listed in Section 8 of the Policy above.

The transfer of Personal Data to foreign entities is carried out under the condition that the relevant state ensures adequate protection of Personal data.

If the level of data protection does not meet the European standard, data transfer takes place with appropriate safeguards and based on standard EU data protection provisions. If we transfer personal data from the EU / EEA to countries with insufficient data protection, we rely on Data Processing Agreements (DPAs) and Standard Contractual Clauses (SCCs) approved by the European Commission or other grounds as required or permitted by Articles 46 and 49 GDPR.

10. How do we use Cookies and similar technologies?

We use Cookies and other technologies, such as Pixels, to improve functionality of the Website and personalize your experience, to analyse information about your activities for better understanding how our Website is used and to customize our content, marketing strategy and online advertisements.

For example, the choice of your preferred language or the region that you are in is saved thanks to Cookies. Thus, you will not have to re-enter data or make settings when visiting the Website.

We also share information about your use of the Website with our trusted social media, advertising, and analytics partners (see details in Article 8 of the Policy).

You can allow or deny all Cookies, as well as personalize your settings. Cookies can be blocked by you at any time. With the help of a Cookie, we receive the Technical Data specified in the Policy.

You can see more details about how we use Cookies in our Cookie Policy at the link: https://fragstore.com/cookies-...  

 

11. Limitation of liability regarding third-party resources

The Website may contain links to third-party resources posted for informational purposes. If you link to other resources, this Policy will not apply to such resources.

We are not responsible for the policies and practices of other companies, and any information that you provide to such companies is subject to their privacy policy or other document that regulates the processing of personal data.

If you leave the Website via a third-party web link, we recommend that you review the privacy policy of each website or service before submitting any personal data, and carefully review their terms of use.

For example, our Website contains links to social networks Facebook, Instagram, YouTube, etc.

Fragstore cannot guarantee the security of your Personal data when using the services of third parties, nor can it be responsible for their work, as it is not the owner of these resources.

 

12. Your rights regarding the Personal data

In some regions (like the EU/EEA, UK, Canada, etc.), you have certain rights under applicable data protection laws.

Withdrawing your consent: If we are relying on your consent to process your Personal data, you have the right to withdraw your consent at any time by using the contact details provided in the Section 5 How do we process Personal Data? The exercise of these rights does not affect your use of the Website.

Please note that this will not affect the lawfulness of the processing of your Personal data conducted in reliance on lawful processing basis other than consent (see explaining table in Section 5 of the Policy).

Opting out of marketing communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in the section 2. You will then be removed from the marketing lists. However, we may still communicate with you, for example, to send you service-related messages, to respond to your requests, or for other non-marketing purposes.

Based on the applicable laws of your country, you may have the right to request access to the Personal data we collect from you, change that information, or delete it.

To request to review, update, or delete your Personal data, please login into your account on the Website and visiting the settings page. It is also enough to send request to exercise rights regarding personal data by e-mail, with a note in the subject of the letter “Personal data”, to the e-mail address: [email protected]

Please note that we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that Personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests at reasonable time and within 1 (one) month. Occasionally it could take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.

If your request cannot be satisfied for legal reasons, you will receive a notification from us accordingly.

We will not charge you a fee for making a request unless your request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your request warrants a fee, we will notify you of the fee and explain that decision before completing your request.

If you are in the European Union (EU) and/or European Economic Area (EEA) or UK, you have the following rights:

- the right to access, update or to delete the information we have on you;

- the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;

- the right to object. You have the right to object to our processing of your Personal data;

- the right of restriction. You have the right to request that we restrict the processing of your Personal data;

- the right to data portability. You have the right to be provided with a copy of your Personal data in a structured, machine-readable and commonly used format;

- the right to withdraw consent. You have the right to withdraw your consent at any time where we rely on your consent to process your Personal data.

If you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/justice/d....

Your California Privacy Rights

If you are California resident, you have the right to request and obtain from us once a year, information about categories of customer personal information we shared, if any, to third parties for their own direct marketing use in the immediately preceding calendar year (e.g., request made in 2023 will receive information regarding 2022 sharing activities).

If you would like to make such request, please send e-mail to [email protected] or submit your request in writing to us using our contact:

Company: FS HOLDING LTD

Address: office 102, KIBC, Profiti Ilias 4, Limassol, Cyprus

Please specify the subject of the request: “California Shine the Light Request”.

Before making request, please check the following Sections of this Policy:

4. Where does Fragstore get data from?

5. How do we process Personal Data?

8. Processors of the Personal data.

We are not subject to CCPA (CPRA).


13. Policy update

Fragstore may update this Policy at its sole discretion from time to time. The updated version will be indicated by an “Update” date and the updated version will be effective as soon as it is accessible.

The publication of the new version of the Policy on the Website will be considered as the notification of the Customers and the Visitors about the change of the Policy. We encourage you to review this Policy frequently to be informed of how we are protecting your information.

If we make material changes to this Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification (in pop-up windows on the Website, sending e-mails or by other available means).

When you interact with the Website, you confirm that you have read the current terms of the Policy.

In the event that any part of this Policy is invalid, the remaining parts will remain in effect.

If the Policy is published in different language versions, the English version will prevail.