In this privacy notice, we would like to inform you about the personal data we process when you are visiting our website.
Personal data is all information that can be directly or indirectly associated with your person, for example name, address, telephone number, e-mail address and user behavior.
The controller as defined in Art. 4 (7) of the EU General Data Protection Regulation (“GDPR”) is the Swedish company Fenix Outdoor AB, Box 209, 891 25 Örnsköldsvik, Sweden, hereinafter referred to as “Fenix Outdoor”, “we” or “us”. The easiest way to reach us is to send an e-mail to firstname.lastname@example.org
Our data protection officer can be contacted at email@example.com. You can contact the data protection officer if you have any questions about how we process your personal data or if you need help in exercising your rights against us. The data protection officer is bound to secrecy.
For security reasons and to protect the transmission of any confidential content in the contact form, our site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
In the following, you will find a description of how we process your data in different contexts.
If you use our website for information purposes only, meaning if you do not register or otherwise actively transmit information to us, we collect the data that your browser transmits to our server. This includes browser type und browser version, used operating system, accessed website, the previously visited website (sog. Referrer URL), host name of the accessing computer, date and time of server request, http status code and IP address. This data is not merged with other data sources.
Purpose of the processing: The data is technically necessary for us to display our website to you and to ensure stability and security.
Legal basis of the processing: The processing of your personal data when you access this website is based on our legitimate interest (Art. 6 (1) sentence 1 (f) GDPR). Without the processing of personal data, it is technically impossible to provide, operate and secure the website. Securing the website also serves your interests.
Transfer to third parties:
Microsoft Azure (Hosting)
Our website is hosted by Microsoft Azure. Microsoft Azure is a recipient of your personal data and acts as a data processor for us. This serves our legitimate interest in accordance with Art. 6 (1) sentence 1 (f) from GDPR not to have to maintain a server on our premises ourselves. The transmission and processing of your personal data is carried out exclusively on servers in the European Union.
Content Delivery Network
We also use the Content Delivery Network (“CDN”) of Cloudflare Germany GmbH, Rosental 7, c/o around the world that is capable of delivering optimized content to the website user. For this purpose, Cloudflare may process personal data in server log files. Cloudflare is the recipient of your personal data and acts as a data processor for us. The processing is carried out pursuant to Art. 6 (1) sentence 1 (f) GDPR on the basis of our legitimate interest in providing our website in a secure and efficient way, as well as improving the stability and functionality of our website. In addition, it is in our legitimate interest not to operate a content delivery network ourselves.
In order to improve our website’s performance and reduce the load on our servers, we choose CloudFlare as a CDN solution. It caches copies of frequently accessed content (such as images, videos, or webpages) in geographically distributed data centers that are located closer to end users than origin servers.
All detailed and technical information regarding data protection and compliance with the European regulation are shared in the following whitepaper.
According to the whitepaper, CloudFlare maintains GDPR-compliant data transfer mechanisms and provides security measurements and access protection.
Cloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (“SCCs”).
Retention period: The retention period of data for Cloudfare is 90 days.
Obligation to provide your personal data: You are not obliged to disclose your personal data. Without your personal data, however, it is not possible for you to access our website.
Technologies we use
When visiting our website, cookies from third-party companies (third-party cookies) may also be stored. These enable us or you to use certain services of the respective third-party company.
Cookies have a number of different functions. Technically necessary cookies help us make our website usable by enabling basic functions such as page navigation and access to secure areas of the website. Our website cannot function and display properly without these cookies. Preference cookies collect and store information about your settings and preferences on our website, such as your preferred language or the region you are in. Statistics cookies collect information about how you interact with our website. This data helps us to better understand your user behavior and to optimize our website. Marketing cookies store information about websites you visit. The data collected in this way is used to display advertising tailored to you and your interests.
Our website and any HTML e-mails we send to you may also contain so-called web beacons (also called pixels). These are small, often transparent image files that record how you interact with the website or the e-mail. This data helps us especially in the statistical evaluation of our online marketing.
Purpose of the processing: When using necessary cookies, we process your personal data to provide you with certain functions of our website.
When using other cookies or technologies, we process your data in order to analyze your user behavior, to tailor the offerings on our website to you and to display advertising that is of interest to you – also on other websites/platforms.
You can find more information about cookie declaration here.
Legal basis of the processing: The processing of your personal data in connection with the use of necessary cookies on this website is based on our legitimate interest (Art. 6 (1) sentence 1 (f) GDPR). Without the processing of personal data, we cannot provide certain functions of our website without technical errors. In addition, you have the option to prevent the processing of your personal data in connection with cookies through your browser settings.
The processing of personal data in connection with the use of other cookies and technologies only takes place with your consent (Art. 6 (1) sentence 1 (a) GDPR). You can withdraw your consent at any time with effect for the future by accessing the cookie banner again or by resetting the cookie settings in general.
Retention period: Session cookies are automatically deleted at the end of your visit to our website. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser. You can find more information about the retention period of the cookies and similar technologies used by us in the cookie banner and cookie declaration.
Obligation to provide your personal data: You are not obliged to disclose your personal data. However, without your personal data, not all functions of our website may be available to you.
You can usually configure your browser to notify you when cookies are set and to allow cookies only in individual cases. In addition, you can refuse to accept cookies for certain cases or in general and activate the automatic deletion of cookies when you close your browser. Please note that the functionality of our website may be limited by the deactivation of cookies.
Most browsers also offer a do-not-track feature. When this feature is activated, the browser tells ad networks, websites, and applications that you do not want to be tracked for behavioral advertising and similar purposes.
CookieBot (Cookie Consent Tool)
To give you control over the technologies used on our website, we also use a tool for consent management (so-called Cookie Consent Tool). For this purpose, we use CookieBot, a service provided by Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark („CookieBot“).
To enable CookieBot to clearly assign website visits to individual users and to individually record, log and store your consent settings for a session duration, CookieBot collects certain information from you (including the IP address) when you visit our website, transmits this information to CookieBot’s servers in Denmark and stores it there.
Purpose of the processing: The processing of your personal data by CookieBot serves to comply with our legal obligation with regard to the consent management required for cookies.
Legal basis of the processing: The processing of your personal data is based on our legitimate interest (Art. 6 (1) sentence 1 (f) GDPR). Without the processing of your personal data, a legally compliant, user-specific, and user-friendly consent management for cookies is not possible. The use of the service also supports us in complying with our legal obligations (Art. 6 (1) sentence 1 (c) GDPR).
Retention period: Cookiebot retains a user’s state of consent for 12 months. Once 12 months has passed, the banner reappears upon your next visit to the website.
Obligation to provide your personal data: You are not obliged to disclose your personal data. Without your personal data, however, the use of our website is not possible for you.
You can contact us by using our contact form, calling us or sending us an email. We process the personal data you provide us with, such as your e-mail address, first and last name and, if applicable, other voluntary information.
Purpose of the processing: We process your personal data to respond to your request and to provide you with the best possible service.
Legal basis of the processing: The processing of your personal data to handle your request is based on our legitimate interest (Art. 6 (1) sentence 1 (f) GDPR). Without the processing of personal data, it is not possible to process your request. In addition, contacting us is voluntary.
Fenix Outdoor Group
We may share your personal data with a company belonging to our group of companies (see Art. 4 no. 19 GDPR) if this is necessary for the intended processing purpose. This serves our legitimate interest pursuant to Art. 6 (1) sentence 1 (f) GDPR to handle your request in the best possible way and also serves internal administrative purposes.
Retention period: We store your personal data for as long as it is necessary to handle your request. Your personal data will be deleted no later than three years after receipt unless we are required by law to retain it for a longer period.
Obligation to provide your personal data: You are not obliged to disclose your personal data. The fields marked with * in the contact form are mandatory fields. Without this personal data, your request cannot be handled. The remaining information is voluntary and can simplify the processing of your request.
If you are interested in working for us, you will also find a link to our career portal on our website. To protect your personal data, we ask you not to send us your application documents by e-mail. Instead, you can simply use our career portal to directly enter your data or upload your documents.
For more information on the processing of your personal data in connection with an application for a position with us, please click here.
Purpose of the processing: We process your personal data during the application process in order to carry it out correctly and effectively and to be able to contact you.
Legal basis of the processing: The processing of your personal data in the application process is based on your consent (Art. 6 (1) sentence 1 (a) GDPR).
You can withdraw your consent at any time with effect for the future by withdrawing your application and deleting your data. To do so, simply contact us or request your removal from the career portal here.
Transfer to third parties:
To provide our career portal, we use the service provider Teamtailor AB, Östgötagatan 16, 116 25 Stockholm, Sweden (“Teamtailor”). Teamtailor is a recipient of your personal data and acts as a data processor for us. The transfer of your personal data to Teamtailor is based on our legitimate interest (Art. 6 (1) sentence 1 (f) GDPR) to make our application process secure and efficient. The data you enter for the purpose of the application will be stored on Teamtailor‘s servers in the EU.
Retention period: We store your personal data for as long as it is necessary for the application. After completion of the application process, your data will be stored for 6 months and then deleted. If we would like to include you in our applicant pool, we will ask you for your consent beforehand.
Obligation to provide your personal data: You are not obligated to provide your personal data. However, if you do not wish to provide your personal data, you cannot apply for a job with us.
Many data processing activities are only possible with your explicit consent. You can withdraw your consent at any time. The legality of the data processing carried out until the withdrawal remains unaffected by the withdrawal.
In addition to the right to withdraw consent given to us, you also have the following rights with regard to your personal data. In order to exercise these rights, you can contact us at firstname.lastname@example.org.
You can request information about your personal data stored by us at any time.
You can request the correction of your personal data if it is incorrect. In addition, you can also request the completion of your personal data, if it is incomplete. If you have a customer account, you can change some data directly under “My account”.
You can request that we delete personal data processed by us at any time, insofar as the data is not still required by us, for example to fulfill the contract with you, or if we are obligated to retain it due to legal or contractual regulations.
You can request a restriction of the processing of your personal data in the following cases:
If you have notified us that the personal data, we have stored is incorrect, you may request limited processing for the period of time that we need to verify the accuracy of the data.
If the processing is unlawful, but you refuse to erase the data and instead request restriction of the use of the personal data.
If we no longer need the personal data for the purposes of processing, but you need it in order to assert, exercise or defend legal claims.
If you object to processing based on our legitimate interest, you may request limited processing for the duration needed to verify the legitimate interest.
You can object to the processing of your personal data on the basis of a legitimate interest of ours. We will no longer process the personal data unless we can demonstrate legitimate grounds for processing that outweigh your interests and rights, or for the defense of legal claims.
You may request that we transfer personal data we have stored about you in a structured, common and machine-readable format or that we transfer it to another party.
Right to lodge a complaint with a data protection regulatory body
If you believe that we have handled your personal data in a manner that conflicts with the data protection legislation, you may at any time complain to the Swedish Data Protection Authority (Integritetsskyddsmyndigheten – IMY, Box 8114, 104 20 Stockholm, Sweden, Tel +46 8 657 61 00, e-mail email@example.com) or any other competent supervisory authority in your country of residence.