With this information sheet, the PhiAcademy GmbH (hereinafter “PhiAcademy“ or “we“) informs you about the processing of your personal data (“Data“) as well as your Data protection claims and rights:
We process the Data that we receive from you as part of your visit or purchase on our website www.phishop.com (hereinafter “Website“). We do not collect and process any special categories of personal Data.
Personal Data include:
- Your personal details: e.g. name, address, e-mail address, telephone number and gender
- Data about your PhiShop purchases: e.g. customer number, UID number, previous purchases, invoice number, purchase date and time, product, quantity and price
- Data about your payment method: e.g. bank details, used credit card company,...
We process your Data in accordance to applicable data protection law and for specific purposes and for a specific period. The most important purposes and duration of the processing are listed below. If we collect Data from you for other purposes, we will inform you separately before collecting that Data.
We process the Data you provide when purchasing goods for the purpose of fulfilling our contractual obligations to you. This includes, for example, the delivery of goods ordered by you. We process this data until the fulfillment of our obligations; beyond that, only as long as there is a legal obligation to do so or we need Data for the exercise or defence of legal claims.
We process the Data provided by you when creating your PhiShop customer account for the provision of PhiShop service offers. With your PhiShop customer account you can process purchases faster, save more than one address, track your orders and much more. If you purchase goods online via your customer account, we also process your Data to perform and fulfill your purchase.
We will process the Data you provided for the PhiShop customer account until you delete your customer account; beyond that, only as long as there is a legal obligation to do so or we need Data for the exercise or defence of legal claims.
We process the Data you provided when you signed up for the PhiShop Newsletter for the purposes of direct marketing. We will send you personalized newsletters via e-mail and inform you about offers, services and events of PhiAcademy GmbH and our partner companies if, based on your Data, we assume that this information is particularly relevant and interesting for you. An up-to-date list of our partner companies can be found here.
We process the Data you provided by signing up for the PhiShop Newsletter as long as you wish to receive the newsletter and furthermore only as long as we need Data for the exercise or defence of legal claims.
When contacting our Customer Service („contact us“) for requests or issues we process your Data to respond to your requests or to fulfill your issues.
We process the Data you provide only for the duration of the response or fulfillment of your requests and issues. Beyond that, we will process the Data only as long as there is a legal obligation to do so or we need Data for the exercise or defence of legal claims.
When you contact our PhiAcademy Chat for requests or issues, and therefore provide us with your Data (name, e-mail address and message), these Data will be processes only to respond to your requests or fulfill your issues.
The Data that you provide for the PhiAcademy-Chat will be deleted after the end of our chat. Beyond that we store your Data only if this is necessary due to our justified interest in the in the asserting and defense of legal claims and for internal administrative purposes.
If you have given us your consent to the processing of your Data - for example to receive the PhiAcademy Newsletter - this processing will only be carried out in accordance with the purposes specified in the respective declaration of consent and to the extent agreed therein.
You can withdraw your given consent at any time with effect for the future in writing by e-mail or letter to our contact address as stated in point 9. The withdrawal of consent does not affect the lawfulness of the processing of your Data based on your consent before its withdrawal.
We process your Data in order to fulfill our contractual obligations to you. For example, we need your name and address to send you ordered goods and issue an invoice for your order. If there are any delivery problems or if you have concerns or requests, we need, for example, your e-mail address or phone number in order to contact you.
The processing of your Data may be required to fulfill our legal obligations (in particular for the storage of business papers and contractual documents). Such obligations may arise from the Austrian Commercial Code (UGB), Austrian Federal Fiscal Code (BAO) or Austrian Civil Code (ABGB).
If it is necessary for the purposes of our legitimate interests or the legitimate interests of third parties, we process your Data:
- Our legitimate interest in the processing your Data includes own and third-party marketing purposes, customer loyalty or direct marketing.
- In addition, we have a legitimate interest in the processing your Data for administrative purposes within PhiAcademy and its affilliates (Craftmaster GmbH und PhiAcademy d.o.o.) and in for the exercise or defence of legal claims.
Your Data can therefore be processed on the basis of these legitimate interests even for example if you withdraw your consent.
Within PhiAcademy and our parent company, PhiAcademy d.o.o., those employees will receive your personal information, who need them for the purposes outlined above. If we are legally obliged to do so, we will also transfer your Data to public bodies and authorities. In addition, companies commissioned by us (in particular IT or payment services and back office providers) will receive your Data if they need them to fulfill their respective tasks. These providers are obliged to treat your Data confidentially, to process them only to the extent necessary for their service provision and they provide their processing activities within the European Economic Area. If these companies provide their processing activities outside the European Economic Area, they have a Privacy Shield Certificate or have undertaken to ensure an adequate level of data protection.
We will transfer your Data to the following recipients:
|Company name||Located in|
|DHL Paket (Austria) GmbH||Austria|
|Wirecard Central Eastern Europe GmbH||Austria|
|ETRON Softwareentwicklungs- und Vertriebs GmbH||Austria|
|PayPal (Europe) S.à.r.l. & Cie||Luxembourg|
|American Express Payment Services Limited||Germany|
The following cookies are used:
|Cookie Name||Purpose||Storage period|
|section_data_ids||Facilitates the caching of content in the browser, so pages load faster.||Until the end of the page visit|
|PHPSESSID||Your session ID on the server.||1 hour|
|product_data_storage||Saves the configuration for product data related to recently displayed / compared products.||Until the end of the page visit|
|recently_compared_product||Stores product IDs of recently compared products.||Until the end of the page visit|
|recently_viewed_product_previous||Stores product IDs of previously viewed products for easy navigation.||Until the end of the page visit|
|mage-translation-file-version||Facilitates the translation of content into other languages.||Until the end of the page visit|
|recently_viewed_product||Stores product IDs of recently viewed products for easy navigation.||Until the end of the page visit|
|form_key||Stores randomly generated keys to prevent the use of forged information.||1 hour|
|Pnctest||Tests whether cookies are supported by your browser.||1 hour|
|recently_compared_product_previous||Stores product IDs of previously compared products for easy navigation.||Until the end of the page visit|
|mage-cache-storage-section-invalidation||Facilitates the caching of content in the browser, so pages load faster.||Until the end of the page visit|
|mage-cache-storage||Facilitates the caching of content in the browser, so pages load faster.||Until the end of the page visit|
|mage-messages||Contains information on whether new messages are available in the shop for the visitor / customer.||Until the end of the page visit|
|mage-translation-storage||Facilitates the translation of content into other languages.||Until the end of the page visit|
All these cookies are technically necessary for the presentation of the Website. You can deactivate the setting of cookies in the settings of your browser. Please note that a general deactivation of cookies may possibly lead to functional limitations of our Website.
|Google Analytics Cookie||Purpose||Storage period|
|_gat||Determined by Google Analytics to identify unique sessions||30 minutes|
|_gid||Determined by Google Analytics to identify unique sessions||30 minutes|
|_ga||Determined by Google Analytics to identify unique sessions||30 minutes|
We also use the Facebook Audience Pixel analysis tool from Facebook Ireland Limited or Facebook Inc. to measure the effectiveness of our advertising. The pixel collects information about website usage, such as when the website is used and whether goods are placed in the shopping basket, and transmits that information to Facebook's servers in Ireland and the United States. This information may also be cross-checked with other Facebook information or our information that we have about you. All data collected by this pixel is encrypted by Facebook using "hashes". Facebook Ireland Limited is located in the European Union; Facebook Inc. is located in the United States and has a Privacy Shield Certificate which ensures the protection of your data.
The collection of data by Facebook Pixel only takes place with your consent. This consent can be withdrawn by you at any time. The comparison of the data with the data stored by us is based on our legitimate interest in marketing and customer loyalty.
To receive a service – a purchase, customer account or newsletter – it is necessary that you provide the Data we need to fulfill our contractual obligations to you and to perform our voluntary performances and services. Those Data are marked with (*) as mandatory. Unless you provide those mandatory Data, we will generally be unable to provide our services.
You have the right
- to request information about which of your personal Data we process (Article 15 GDPR);
- to rectify or erase your Data (Article 16 GDPR);
- to restrict the processing of your Data (Article 18 GDPR);
- to withdraw your consent (Article 7 GDPR);
- to object to the processing of your Data (Article 21 GDPR);
- to Data portability (Article 20 GDPR).
If you believe that we violate your rights under the GDPR or national data protection law when processing your Data, please contact us. This is the only way we can treat your concerns as quickly as possible. You also have the right to lodge a complaint with a supervisory authority (in Austria: www.dsb.gv.at).
We do not use automated decision-making or profiling according to Article 22 GDPR.
If you have any requests or concerns, you can contact us directly by e-mail, by phone or by post to the following address:
Gartengasse 8/8, 1050 Vienna