Privacy Policy
Fairyfly GmbH - Transparent handling of your data
1. Person responsible for data processing
Fairyfly GmbH
Serhat Kenar (Managing Director)
Mühlenstr. 8A
14167 Berlin
Germany
Email: kontakt@fairyfly.de
2. General information on data processing
Scope of processing of personal data
We generally only process our users' personal data to the extent necessary to provide a functional website and our content and services. The processing of our users' personal data generally only occurs with the user's consent. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.
Legal basis for the processing of personal data
If we obtain the consent of the data subject for processing personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
For the processing of personal data necessary to fulfill a contract to which the data subject is a party, Article 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations necessary to implement pre-contractual measures.
To the extent that processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 (1) (c) GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) (f) GDPR serves as the legal basis for processing.
3. Provision of the website and creation of log files
Description and scope of data processing
Each time you access our website, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
- Information about the browser type and version used
- The user's operating system
- The user's Internet service provider
- The user's IP address
- Date and time of access
- Websites from which the user's system accesses our website
- Websites accessed by the user's system via our website
The data is also stored in our system's log files. This data is not stored together with other personal user data.
Legal basis and purpose of data processing
The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR. Our legitimate interest lies in ensuring the functionality of the website, improving our offering, and ensuring the security of our information technology systems.
4. Use of cookies
Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user visits a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is visited again.
| Cookie type | Purpose | Storage period |
|---|---|---|
| Technically necessary cookies | Shopping cart, session management | Session end |
| Shopify cookies | E-commerce features | Up to 2 years |
| Preference cookies | User settings | Up to 1 year |
Legal basis and purpose of data processing
The purpose of using technically necessary cookies is to simplify website use for users. Some features of our website cannot be offered without the use of cookies. These require that the browser be recognized even after changing pages.
5. E-commerce via Shopify
Our online store is operated via the Shopify platform. Shopify Inc. (151 O'Connor Street, Ground Floor, Ottawa, ON K2P 2L8, Canada) is a certified data processor pursuant to Art. 28 GDPR.
Data processing for orders
When you place an order in our shop, we collect the following data:
- Name and address
- E-mail address
- Telephone number (optional)
- Payment information
- Order details
This data is processed for contract execution and to fulfill statutory retention obligations. The legal basis is Art. 6 (1) (b) and (c) GDPR.
6. Payment service providers
Data transfer to payment providers
Depending on the payment method chosen, we pass on the data required for payment processing to the following service providers:
| Payment method | service provider | Transmitted data |
|---|---|---|
| credit card | Shopify Payments | Name, address, credit card details |
| PayPal | PayPal (Europe) S.à rl et Cie, SCA | Name, address, amount |
| Klarna | Klarna Bank AB | Name, address, credit information |
| Instant bank transfer | Sofort GmbH | Name, address, bank details |
The data transfer is based on Art. 6 (1) (b) GDPR for the purpose of contract fulfilment and complies with the respective data protection regulations of the payment service providers.
7. Shipping service provider
To deliver the goods, we will pass on your name and delivery address to the following shipping companies:
- Deutsche Post AG
- DHL Parcel GmbH
The transmission is carried out for the purpose of fulfilling the contract in accordance with Art. 6 (1) (b) GDPR.
8. Email contact
Description and scope of data processing
If you contact us by email, the user's personal data transmitted with the email will be stored. This data will not be shared with third parties. The data will be used exclusively for processing the conversation.
Legal basis and purpose of data processing
The legal basis for processing the data, provided the user has given their consent, is Art. 6 (1) (a) GDPR. The legal basis for processing data transmitted when sending an email is Art. 6 (1) (f) GDPR. If the email contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR.
9. Data storage period
Personal data will be deleted as soon as the purpose for which it was stored no longer applies. Storage may also occur if this has been provided for by European or national legislators in EU regulations, laws, or other provisions.
| Data type | Storage period | Legal basis |
|---|---|---|
| Order data | 10 years | § 147 AO, § 257 HGB |
| Contact requests | 3 years | Legitimate interest |
| Log files | 7 days | Technical safety |
| Cookies | See cookie table | Functionality |
10. Your rights as a data subject
Right to information (Art. 15 GDPR)
You have the right to request confirmation from us as to whether personal data concerning you is being processed.
Right to rectification (Article 16 GDPR)
You have the right to request the immediate rectification of inaccurate personal data concerning you.
Right to erasure (Article 17 GDPR)
You have the right to request that we delete personal data concerning you immediately.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request that we restrict processing.
Right to data portability (Article 20 GDPR)
You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format.
Right of objection (Art. 21 GDPR)
You have the right to object at any time to the processing of personal data concerning you for reasons related to your particular situation.
Revocation of consent
You have the right to revoke your consent at any time.
11. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR.
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstrasse 219
10969 Berlin
Phone: 030 13889-0
Email: mailbox@datenschutz-berlin.de
12. Contact for data protection questions
If you have any questions about data protection or the exercise of your rights, please contact:
Attn: Serhat Kenar
Mühlenstr. 8A
14167 Berlin
Email: kontakt@fairyfly.de
Subject: "Data Protection - [Your Concern]"
Fairyfly GmbH - GDPR-compliant data processing
