We want you to feel comfortable when using www.fancify.com (our website) and fancify our software (that you use on your website) and not have to worry about the security of your data. That is why data privacy is an integral part of our philosophy.
In this Privacy Policy, you will find all the information about which Personal Data we collect and process and for what purpose. Equally, we will also inform you of your data protection rights and how you can assert them.
Hello. Here's how we protect your data and respect your privacy.
Personal Data is any information relating to an identified or identifiable natural person. This includes, for example, name or address data, telephone number, mobile number, or online identifiers such as your device id and your IP address.
"Processing" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means. The term is broad and covers virtually any handling of data.
The responsible party for data processing is Fancify LLC, located at 8 The Green, #6380, Dover, DE 19901 (“Fancify”, “we”, “us”, or “our”).
If you have any questions or if you wish to exercise your rights, please contact us by email using hello [at] fancify.com.
Our use of your Personal Data is subject to the:
and of course we process your Personal Data accordingly.
In accordance with the above laws and good practice, we have to have at least one of the following to process your Personal Data:
We process and store your Personal Data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.
When you access our website, some access data is recorded automatically and stored in a log file on our website's server. This means if you browse and simply have a look at our website, we process:
The legal basis for processing is our legitimate interest.
We use Firebase Hosting by Google for the purpose of hosting and displaying our website and SaaS. Google does so on our behalf, and that also means that all data collected on our website and SaaS is processed on Google's servers. The basis for processing is our legitimate interest, and the initiation and/or fulfillment of a contract.
We use so-called cookies on our website. Cookies are pieces of information that are transmitted from our web server or third-party web servers to your web browser and stored there for later retrieval. Cookies may be small files or other types of information storage.
There are different types of cookies:
Essential cookies
Essential cookies are cookies to provide a correct and user-friendly website;
Non Essential cookies
Non-essential Cookies are any cookies that do not fall within the definition of essential cookies, such as cookies used to analyze your behavior on a website (“analytical” cookies) or cookies used to display advertisements to you (“advertising” cookies).
Essential Cookies
Essential cookies are cookies to provide a correct and user-friendly website;
Non-Essential Cookies
Non-essential Cookies are any cookies that do not fall within the definition of essential cookies, such as cookies used to analyze your behavior on a website (“analytical” cookies) or cookies used to display advertisements to you (“advertising” cookies).
We think it is important that you should have full control over your privacy online, we refrained from placing Non-essential Cookies and as such we are not required to obtain any consents. Nonetheless, this may change, and we ask you to regularly check this policy for any updates.
You can contact us in various ways and data is always collected in the process. You provide us with most of the data that we process when you contact us such as your name, and email address. This data is collected and processed exclusively for the purpose of contacting you and processing your request and then deleted again, provided that there is no legal obligation to retain it.
We process the personal data that arises when you use our services in order to provide our contractual services. This may include support, correspondence with you, invoicing, fulfillment of our contractual, accounting and tax obligations and other business obligations. Accordingly, the data is processed on the basis of the fulfillment of our contractual obligations and our legal obligations.
For this purpose, you can choose a password together with your email address. The legal basis for processing is our legitimate interest, the provision or initiation of a contractual service and your consent.
Alternatively, you are able to sign up using the convenience feature from Google or Facebook. For convenience login and sign up, you will be asked to provide your basic information (i.e., name, email address, and display picture) which is linked to your Google or Facebook account. When registering via convenience functions, you consent to certain data from your respective profile of being transferred to us.
If you wish to use our SaaS and its features, we process the Personal Data you provide. Depending on how you use our SaaS, you may integrate your Social Media accounts. While the integration is done using the Application Programming Interface (“API”) of the relevant Social Media account you wish to integrate, or via the API’s of the relevant email marketing platforms, the content integrated (such as your Posts, Videos, and Images) or distributed ( such as your marketing emails) is solely controlled by you. In this sense you have full control over how you use our SaaS and the Personal Data that is processed by us (“Service Data”). The legal basis is the provision of a contractual service.
We recognize that you own your Service Data. We provide you complete control of your Service Data by providing you the ability to (i) access your Service Data, (ii) share your Service Data through our SaaS. Where we process Service Data as Data Processor or in other words on behalf of you, we will process the Service Data involved in your use of our SaaS in accordance with your instructions and shall use it only for the purposes agreed between you and us.
We ensure that access by our employees to your data is only available on a need-to-know basis, restricted to specific individuals, and is logged and audited. We communicate our privacy and security guidelines to our employees and enforce privacy and protection safeguards strictly.
Some jurisdictions may require you to disclose your use of our SaaS as your processor in your privacy policy and/or data processing agreement as applicable. For this purpose all Service Data processed by us will be processed using Google’s Firestore Database (for data management) and Google’s Firebase Storage (for file storage and management) and take appropriate legal precautions and corresponding technical and organizational measures to ensure the protection of Service Data and Personal Data.
Further and if you are providing us with Personal Data relating to a third party, you agree a) that you have in place all necessary appropriate consents and b) that such third party has read this Privacy Policy. You agree to indemnify us in relation to all and any liabilities, penalties, fines, awards, or costs arising from your non-compliance with these requirements.
If you create a support ticket, we will request Personal Data and, where applicable, non-Personal Data in accordance with your request, this may include your name, email address and other order related data you voluntarily provide. The data provided is not shared with third parties and cannot read your data when it is entered. If you submit a support ticket, we process the data for the purpose of processing and handling your ticket.
Our employees will also have access to data that you knowingly share with us for technical support or to import data into our services. We communicate our privacy and security guidelines to our employees and enforce privacy safeguards strictly. The legal basis of the data processing is our obligation to fulfill the contract and/or our legitimate interest in processing your support ticket.
If you make a payment, your payment data will be processed via our payment service provider Stripe. Payment data will solely be processed by Stripe and we have no access to any Payment Data you may submit. The legal basis for the provision of a payment system is the establishment and implementation of the user contract for the use of the service.
We do not sell your Personal Data or Service Data.
We do not sell anonymized Personal Data or Service Data.
We do not use Automated decision-making including profiling.
We do not request Personal Data from minors and children.
In certain cases, it is necessary to transmit the processed Personal Data in the course of data processing. In this respect, there are different recipient bodies and categories of recipients.
If necessary, we transfer your Personal Data within Fancify. Of course, we comply with the associated legal framework and ensure that your data is processed properly. Access to your Personal Data is only granted to authorized employees who need access to the data due to their job, e.g., to provide our services or to contact you in case of queries.
Personal Data is transferred to our service providers in the following instances:
We may transfer your Personal Data to other companies as necessary for the purposes described in this Privacy Policy. In order to provide adequate protection for your Personal Data when it is transferred, we have contractual arrangements regarding such transfers. We take all reasonable technical and organizational measures to protect the Personal Data we transfer.
In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorized persons, we use appropriate technical and organizational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.
Nevertheless, internet-based data transmissions can always have security gaps, so that absolute protection cannot be guaranteed. And databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised as expeditiously as possible after which the breach was discovered.
And please remember:
Insofar as you have given us your separate consent to process your data for marketing and advertising purposes, we are entitled to contact you for these purposes via the communication channels you have given your consent to.
You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission, or sometimes your consent is implied from your interactions or contractual relationship. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving marketing communication based on your interactions or contractual relationship with us.
Under the DPDPA, DPA and GDPR, you have the following rights:
Under the PIPA, you have the following rights:
Under the CCPA and the CPRA you have the following rights:
Further, California’s “Shine the Light” law (Civil Code Section 1798.83) requires us to respond to requests from California asking about the business’s practices related to disclosing Personal Information to third parties for the third parties’ direct marketing purposes. You may make a request about our collection and disclosure of your Personal Information using the contact details provided.
If you believe that the information we hold about you is inaccurate or request its rectification, deletion, or object to its processing, please do so in your account or by contacting us.
You can withdraw consents you have given at any time by contacting us.
In the event you want to make a Data Subject Access Request, please contact us. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days, we will tell you why and when we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we will tell you why.
In conformity with the Children’s Online Privacy Protection Act (COPPA), we do not specifically market to children under the age of 13 years old.
To be in accordance with CAN SPAM, we agree to unsubscribe you promptly from ALL our marketing correspondence upon receiving your request.
If we send you SMS marketing communications, you may manage your receipt of marketing and non-transactional communications from us by replying or texting ‘STOP’.
As there is no uniform technology standard for recognizing and implementing Do-Not-Track ('DNT') signals has been finalized, our website does not currently respond to DNT signals. If a standard is adopted we will inform you about that practice in a revised version of this section.
This Privacy Policy was last updated on Monday, September 2nd, 2024, and is the current and valid version. However, from time to time changes or a revision to this policy may be necessary. If you feel that the above is not sufficient or if you have any queries as regards the collection, processing or use of your Personal Data, we are looking forward to hearing from you. We will make every effort to reply as soon as possible and take into consideration any suggestions from your end.