Privacy Policy
Last updated: January 31, 2024
1. General information
Thank you for visiting our website!
For this Privacy Policy (hereinafter – the “Policy”), “FragON”, “we,” “us”, and “our” refer to FS HOLDING LTD and our subsidiaries and affiliates, as the context requires.
Fragstore is an online store for gamers, e-sportsmen, anime fans and geek culture lovers.
All the terms and provisions should be perceived together with the Terms and conditions, which are available at the link: https://fragon.eu/terms-and-co... (hereinafter – the “Terms”).
The Policy is addressed to individuals outside our company with whom we interact through the Website, including the Visitors and the Customers (hereinafter together, “you”, “your”," the client’’).
This Policy contains detailed information about how and why we collect, use, disclose, and otherwise process Personal data, what information becomes available to us and third parties when you make purchases in FragON, such as when you:
- visit our website https://fragon.eu or any of our web sources, including social media pages, that link to the Policy:
- sign up for our newsletter;
- place orders for our products;
- take part in any sales, marketing or other events:
- interact with us in any other way.
The Policy relates only to the collection of the information described hereto and should be viewed as a supplement to any other notices or contractual terms provided to Customers.
2. Our contact details
If you have any questions about the Policy or our privacy practices, please contact us using the details below.
Company name: FS HOLDING LTD
Address: Office 102, KIBC, Profiti Ilias 4, Limassol, Cyprus
E-mail: [email protected]
3. The definitions we use
Capitalized words, both singular and plural, have the following meanings in this Policy:
The Applicable legislation – means the legislation in the field of protection and processing of personal data, which applies to the activities of the Fragstore, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation – “GDPR”) and other laws, under the scope of regulation of which the activities and/or separate processing of data of the Fragstore may fall.
The Customer – a person who places orders or communicates through the website https://fragon.eu/.
The Cookies – small pieces of data stored on your device (computer, smartphone, tablet, etc.) when you visit the Website.
The Data Subject – is a natural person whose Personal data is processed.
The Device – means any device that can access the Services, including the Website, such as a computer, mobile phone or tablet.
The IP address – internet protocol (IP) address that is a unique number, similar to your post address, associated with your Internet activity.
Personal data – information about a natural person who is identified or can be specifically identified.
The Pixels – the pieces of software code that are integrated into the Website code and allow tracking and analysis of user behaviour (which pages are visited, which links are followed, etc.).
Technical data – information collected by the Website when you visit it (for example, the IP address (web protocol) of the device you use, data about the web browser you use, your operating system, etc.).
The Visitor – a person who visits the website.
The Website – FragON website is available at the domain: https://fragon.eu/
Any capitalized definitions not otherwise defined in the Policy shall have the definitions outlined in the Terms.
4. Where does FragON get Personal data from?
We receive data directly from you in the following cases:
- through the registration form on the Website, when you create and use Customer’s account;
- when you place an order to buy products or by sending the forms from FragON through the Website or by phone;
- when you contact us by e-mail, telephone or our post address;
- during the conclusion and execution of the agreement (payments proceeding, delivery, guarantee support, etc[UH1] [IM2] .)
Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number. All payment data is stored by our service providers, such as PayPal, Google Pay and Apple Pay.
Social Media Login Data. We have the option to register an account in the Fragstore shop using your existing social media account details, like your Facebook, Google or another account. Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned but will often include your name, email address, friends list, profile picture, and other information you choose to make public on such a social media platform. We will use the information we receive only for the purposes described in this Policy. Please note that we do not control and are not responsible for how your third-party social media provider processes your Personal data. We recommend that you review their privacy policy to understand how they process your Personal data and how you can set your privacy preferences on their sites and apps.
Information is automatically collected
We process the Technical Data. Some of this data is collected automatically, for example, through your web browser (such as Google Chrome, Safari, Mozilla Firefox, Opera, or Microsoft Edge) when you use the Website.
This includes the following data:
IP address, browser data, including device and browser type, browser version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the Devices you use to access this Website, data on the Visitor’s interaction with the Website (session ID).
The session ID includes your interaction with the Website; if you went to the Website by a link from another website - the address of this website; the functions of the Website used by you; viewed pages; length of stay; way of visiting our Website; date and time of visit and other diagnostic data.
We may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your location setting on your device.
Usually, the technical data does not give us a real possibility to identify a specific natural person, directly or indirectly, and is therefore not considered Personal data. This data type will only be used by us in an aggregated and anonymized manner. For example, we may use this data to calculate the percentage of Visitors who access a particular feature of the Website, the number of Visitors from different geographical regions, etc.
However, suppose we combine or link such data with other personal data so that it can directly or indirectly identify the Data Subject. In that case, we treat the combined data as Personal data that will be used following this Policy.
We may receive information about you from some of our service providers (as specified in Article 8 below) who assist us with marketing or promotional services related to how you interact with the Website, promotions, advertisements, or communications.
We also use Cookies and similar technologies, such as Pixels. You can learn more about Cookies and how we use them in Article 10.
Automated processing of the Personal data, including profiling, is not performed.
All personal information you provide must be true, complete, and accurate, and you must notify us of any changes to such personal information.
5. How do we process Personal Data?
When Fragstore processes the personal data of our prospects, customers, and visitors, we act as the controller of such personal data.
Upon receipt of Personal Data, as the controller, we process it by the following:
The Purpose of the processing | The Legal basis | The Categories of Personal Data | The period of data storage |
To fulfil and manage Customer’s orders | Conclusion and execution of the agreement | First and last name, username, e-mail, mobile phone number, shipping address, billing address, purchase history, other information received from the Data Subject in course of performance of the sale agreement | During the fulfilment of sale agreement(s) and 6 (six) months after the Customer's account becomes idle. Some data may be stored for a longer time determined by Applicable legislation, in particular for accounting, tax and auditing purposes. |
Customer’s account creation and management | Conclusion and execution of the agreement | First and last name, mobile phone number, username, e-mail, profile picture, password, Social Media Login Data | 6 (six) months after the Customer's account becomes idle |
Receiving payments for products from Customers | Conclusion and execution of the agreement | First and last name, e-mail, mobile phone number, billing information, payment card data (partially) in case of online payment through payment providers, purchase history, other information received from the Data Subject in course of performance of the agreement | During the fulfilment of sale agreement(s) and 6 (six) months after the Customer's account becomes idle. Some data may be stored for a longer period of time determined by Applicable legislation, in particular for accounting, tax and auditing purposes |
To deliver targeted advertising to you | Legitimate interest to promote and popularize the Fragstore shop | the Technical Data, the session ID data | Up to 6 (six) months after the last visit of the Website |
Sending newsletter and other marketing communications to the Visitors and / or prospects | Consent | Username, E-mail | Until withdrawal of consent or up to 6 (six) months after the last visit of the Website |
Sending newsletter and other marketing communications to the Customers | Consent | Username, E-mail | Until withdrawal of consent or 6 (six) months after the Customer's account becomes idle |
To respond to inquiries and / or offer support | Legitimate interest to communicate with you and fulfilling your requests | Name and e-mail, other information received from the Data Subject | Until the purpose of the processing is achieved and up to 6 (six) months after the end of the communication |
Notifying the Customers on major changes in Terms, send other administrative information | Conclusion and execution of the agreement | Username, e-mail | 6 (six) months after the Customer's account becomes idle |
Administrating and protecting the Website | Legitimate interest to ensure stable operation of the Website, including fraud monitoring and protection against other threats | IP address, geolocation data, device and browser type, browser data, device data, session ID data, other Technical data | Within 6 (six) months from the day of the last visit to the Website |
Collecting Website’s statistics | Legitimate interest to investigate the use of the Website | the session ID data and other Technical data, data received from analytical tools, such as Google Analytics | Within 6 (six) months from the day of the last visit to the Website |
Exploring and analysis of our audience | Legitimate interest to develop and improve the Website and Customer’s experience | IP address, geolocation data, device data, browser data, other Technical data, data received from analytical tools, such as Google Analytics | Up to 6 (six) months from the day of collection |
Protecting our legal rights, resolve disputes | Legitimate interest to protect our business | First and last name, e-mail, mobile phone number, purchase history, address, billing information, other data, required for protection of legal rights | During limitation period for filing claim or lawsuit under applicable law, and in the case of financial and tax information - within the period required by applicable law[NS3] |
The period of data storage
We retain the client's Personal Data for as long as necessary to fulfil the purposes set out in this Privacy Policy (unless a more extended retention period is required by applicable law). The client's data related to his/her account is retained as long as the client maintains the account on the Company's website. Regarding data related to product purchases, we have this data for an extended period to meet our legal obligations (such as tax and commercial law and for warranty purposes). At the end of this retention period, the data will be deleted entirely or anonymized, for example, by aggregating with other data to be used non-identifiable for statistical analysis and business planning.
Examples of customer data retention periods:
Orders
When the client places an order, we will keep the personal data given to us for five years to comply with our legal and contractual obligations.
Guarantees
If the order included a warranty, the relevant personal data will be retained until the end of the warranty period.
Newsletter ("Come to our Company")
Until withdrawal of consent or 6 (six) months after the Customer's account becomes idle.
Website statistics are stored for up to 6 (six) months from the day of collection.
After the data storage period expires, anonymized data may continue to be stored for archival and statistical purposes or following the requirements of the Applicable legislation.
The right to opt-out (withdraw your consent)
You may opt out of receiving any or all communications from FragON, which we make under your consent, as specified in the table above.
You may also object to our use of your data based on a legitimate interest.
To do this, please follow the instructions in emails we send or by contacting us (see Section 2 of the Policy for our contact details).
Protection of Children
We do not knowingly collect personal information from persons under the age of 18 (hereinafter referred to as “Child” or “Children”). If you become aware that a Child has provided us with Personal Data, please get in touch with us. If we become mindful of the fact of collecting children's data, we will take measures to delete this information.
6. Where and how are Personal data stored?
Fragstore may accumulate the Personal data, inter alia by including this data in a personal database. The Personal data and databases are stored in our office: Limassol, Profiti Ilias 4, KIBC, office 102.
We also use the data centres of contractors who provide us with relevant services. You can get more detailed information in Section 8. Processors of the Personal Data hereto.
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used, or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your data to those employees and contractors who have a business need to know. They will only process your data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
7. Does FragON transfer Personal data to third parties?
We understand the value of Personal data and make efforts to keep it private and secure.
We do not transfer Personal Data to third parties, except when such transfer is:
- as required by legislation and only (if necessary) in the interests of national security, economic well-being and human rights;
- at the request of the Data Subject;
- to our Processors, as specified in Article 8 of this Policy.
For example, we may disclose Personal Data if we believe it is necessary or appropriate to protect the rights, property, or safety of FragON, our partners, or others. This includes sharing information with other individuals and organizations to preserve or prevent crime.
8. Processors of the Personal data
We may engage third parties and/or individuals to facilitate the processing of the Personal data on our behalf, provide services such as data storage, assist in analyzing how our Website is used, improve the Website's usability, and other services necessary for the Website's operation and the achievement of the goals of our activities (hereinafter referred to as the “Processors”).
In particular, our Processors are:
1) Payment service providers
Some payment data is stored by our service providers, such as PayPal, Google Pay and Apple Pay.
You may find their privacy notice link(s) here:
https://www.paypal.com/us/legalhub/privacy-full
https://www.apple.com/legal/applepayments/privacy-notice/
2) Partners whose data centres we use:
a) Amazon Web Services EMEA SARL (AWS). Address: 38 Avenue John F. Kennedy, L-1855, Luxembourg. We use the data centre of AWS located in Germany, Frankfurt am Main. For more details about potential offices and servers of AWS or its affiliates, you may find them at the link: https://aws.amazon.com/legal/marketingentities/.
3) Our employees and independent contractors, who support FragON work;
4) Partners who help us analyze and collect data from the Website:
Google, Inc. Address: Google, Google Data Protection Office, 1600 Amphitheater Parkway, Mountain View, California 94043, USA - using Google Analytics, Google Analytics 4, and Google Forms services.
Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site. For more information on opting out of being tracked by Google Analytics across all websites you use, visit the website at the link: https://tools.google.com/dlpage/gaoptout?hl=en.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en;
We also may use services of such partners as HubSpot, Clicky Analytics, SendPulse, Pixels and others.
6) Other contractors and suppliers whose services we use to achieve our activity's goal(s).
The Processors have access to client Personal Data only to perform tasks within the scope and purposes of the Personal Data processing by the Policy. They are contractually obligated not to disclose or use it for other purposes.
9. Cross-border data transfer
Your data may be used, stored and processed in other countries where our Processors are located. These locations may be outside of your country of residence or outside of your state/province and may have different data protection standards than your country/state/province.
Section 8 of the Policy above lists the Processors from foreign countries.
The transfer of Personal Data to foreign entities is carried out under the condition that the relevant state ensures adequate Personal data protection.
If the level of data protection does not meet European standards, data transfer takes place with appropriate safeguards based on EU standard data protection provisions. In particular, if we transfer personal data from the EU / EEA to countries with insufficient data protection, we rely on Data Processing Agreements (DPAs) and Standard Contractual Clauses (SCCs) approved by the European Commission or other grounds as required or permitted by Articles 46 and 49 GDPR.
10. How do we use Cookies and similar technologies?
We use Cookies and other technologies, such as Pixels, to improve the functionality of the Website and personalize your experience, to analyze information about your activities for a better understanding of how our Website is used and to customise our content, marketing strategy and online advertisements.
For example, the choice of your preferred language or the region that you are in is saved thanks to Cookies. Thus, you will not have to re-enter data or make settings when visiting the Website.
We also share information about your use of the Website and Services with our trusted social media, advertising and analytics partners (see details in Article 8 of the Policy).
You can allow or deny all Cookies, as well as personalize your settings. Cookies can be blocked by you at any time. With the help of a Cookie, we receive the Technical Data specified in the Policy.
You can see more details about how we use Cookies in our Cookie Policy at the link: https://fragon.eu/cookies-policy/
11. Limitation of liability regarding third-party resources
The Website may contain links to third-party resources posted for informational purposes. If you link to other resources, this Policy will not apply to such resources.
We are not responsible for the policies and practices of other companies, and any information that you provide to such companies is subject to their privacy policy or other document that regulates the processing of personal data.
If you leave the Website via a third-party web link, we recommend that you review the privacy policy of each website or service before submitting any personal data, and carefully review their terms of use.
For example, our Website contains links to social networks Facebook, Instagram, YouTube, etc.
Fragstore cannot guarantee the security of your Personal data when using the services of third parties, nor can it be responsible for their work, as it is not the owner of these resources.
12. Your rights regarding Personal data
In some regions (like the EU/EEA, UK, Canada, etc.), you have certain rights under applicable data protection laws.
Withdrawing your consent: If we are relying on your consent to process your Personal data, you have the right to withdraw your consent at any time by using the contact details provided in Section 5 How do we process Personal Data? The exercise of these rights does not affect your use of the Website.
Please note that this will not affect the lawfulness of the processing of your Personal data conducted in reliance on a lawful processing basis other than consent (see explaining table in Section 5 of the Policy).
Opting out of marketing communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in section 2. You will then be removed from the marketing lists. However, we may still communicate with you, for example, to send you service-related messages, to respond to your requests, or for other non-marketing purposes.
Based on the applicable laws of your country, you may have the right to request access to the Personal data we collect from you, change that information, or delete it.
To request to review, update, or delete your Personal Data, please log into your account on the Website and visit the settings page. It is also enough to send a request to exercise rights regarding personal data by e-mail, with a note in the subject of the letter “Personal data”, to the e-mail address: [email protected]
Please note that we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that Personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information about your request to speed up our response.
We try to respond to all legitimate requests at a reasonable time and within 1 (one) month. Occasionally, it could take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
If your request cannot be satisfied for legal reasons, you will receive a notification from us accordingly.
We will not charge you a fee for requesting unless your request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your request warrants a fee, we will notify you of the fee and explain that decision before completing your request.
If you are located in the European Union (EU) and/or European Economic Area (EEA) or the UK, you have the following rights:
- the right to access, update, or delete the information we have on you;
- the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;
- the right to object. You have the right to object to our processing of your Personal data;
- the right of restriction. You have the right to request that we restrict the processing of your Personal data;
- the right to data portability. You have the right to be provided with a copy of your Personal data in a structured, machine-readable and commonly used format;
- the right to withdraw consent. You have the right to withdraw your consent at any time when we rely on your consent to process your Personal data.
If you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
13. Policy update
FragON may update this Policy at its sole discretion from time to time. The updated version will be indicated by an “Update” date and the updated version will be effective as soon as it is accessible.
The publication of the new version of the Policy on the Website will be considered as the notification of the Customers and Visitors about the change of the Policy. We encourage you to review this Policy frequently to be informed of how we are protecting your information.
When you interact with the Website, you confirm that you have read the current terms of the Policy.
If any part of this Policy is invalid, the remaining parts will remain in effect.
If the Policy is published in different language versions, the English version will prevail.
[UH1]In the questionnaire you choose, there are several other sources to collect personal data:
- Received from third parties
- Independently obtained from external sources
- Analytical software
However, you do not specify from which one. This should be identified and described to data subjects.
[IM2]We usually collect from the events and exhibitions which may be different, from analytical software such as SendPuls, Google Analytics, CRM and HubSpot.
[NS3]Delete this column since we will explain the time we store data in an additional paragraph below.