DentroChat logo
Kostenlos testen

fenritec.eu privacy policy — score 68/100 (medium risk)

Zuletzt analysiert

Dieser Bericht ist älter als 28 Tage. Er zeigt die zuletzt gespeicherte Analyse für diese Richtlinie — aktualisiere, um die Live-Seite neu abzurufen und den Score zu aktualisieren.

Der Berichtsinhalt (Zusammenfassung, Befunde, Zitate) wurde auf Englisch erstellt und ist nicht lokalisiert.

Berichtsdetails

medium Risiko

Fenritec generally respects EU privacy rules but lacks clear limits on data use for AI, proactive sub‑processor disclosure and detailed data‑minimisation statements.

The privacy charter outlines EU‑hosted processing, strong security measures and a ban on transfers outside the EU, yet it relies on consent for advertising pixels, provides sub‑processor information only on request, and is silent on AI/model‑training uses, resulting in a mixed compliance profile.

Zuletzt analysiert
QuelleURL
Länge69,441 Zeichen

Kategoriebewertung

Aufschlüsselung der Richtlinie nach zentralen Compliance-Bereichen. Gut = stark, mittel = gemischt, schlecht = bedenklich.

Data Minimizationfair

The charter says processing is limited to contract purposes but does not specify limits on the categories or amount of data collected.

Transparencyfair

Detailed clauses are provided, yet sub‑processor lists are only given on request and AI uses are not addressed.

Third‑party Sharingfair

Advertising pixels are used with consent, but the scope of data shared with those third parties is not fully disclosed.

International Transfersgood

Explicitly bans any transfer outside the EU without client‑authorised safeguards.

AI/Model Trainingpoor

No mention of whether personal data are used for training models or how data subjects can opt‑out.

User Rightsfair

Rights are acknowledged and response times are set, but procedural details and contact points are vague.

Wichtigste Befunde

Bemerkenswerte Klauseln, Probleme oder positive Praktiken (kritische zuerst)

Kritisch

No clause on AI or model‑training use of personal data

The charter is silent on whether personal data may be used for training machine‑learning models or improving services, creating uncertainty about secondary processing.

Warnung

Advertising pixels rely on consent but lack detailed data‑flow transparency

The charter permits third‑party advertising pixels (e.g., X Ads) activated only after consent, yet it does not specify which personal data are transmitted or retained by those third parties.

Warnung

Sub‑processor information only provided on request

The policy states "It will provide the Client, upon first request, with the list of subprocessors or joint controllers involved in the Processing" rather than publishing a current list proactively.

Warnung

Retention periods are only partially disclosed

Specific retention times are given for logs (3 months) and billing info (10 years), but the policy does not cover other data categories, leaving the overall data‑retention framework unclear.

Fazit für Nutzer

You can expect your data to stay in the EU and be protected, but the company does not clearly tell you if it will reuse your data for AI or give you a full list of all third‑party processors up front.

Compliance-Posture

mixed

EU-Übermittlungen

good

Erkannte Signale

Konkrete Datenpunkte und Praktiken im Text identifiziert

Erhobene Daten
Billing information (addresses, first and last name, etc.)Connection and user action logsUploaded files and documentsMetadata associated with stored files
Verarbeitungszwecke
Performance of the contractual servicesSecurity and backup of stored dataAdvertising performance measurement (with consent)Generation of thumbnails for user‑experience improvement
Weitergabe an Dritte
Advertising pixels (X Ads) may share browsing data with third‑party ad platformsDisclosures to authorities or authorized third parties following a justified official procedure
Internationale Übermittlungen
All processing infrastructure is hosted by OVH S.A.S. and Scaleway S.A.S., both EU‑based providersExplicit prohibition of transfers outside the EU without client‑authorised safeguards

Textbelege

Direkte Zitate aus der Richtlinie, die diese Befunde stützen

Fenritec reserves the right to add other hosting providers to this list provided that the main parent company has its registered office in France or the European Union and is subject to the GDPR.

Unless and until you give your consent, no advertising pixel is installed or triggered.

Fenritec shall not carry out any transfer or Processing of Personal Data outside the European Union

It will provide the Client, upon first request, with the list of subprocessors or joint controllers involved in the Processing.

Fehlend oder unklar

  • No explicit statement on whether personal data are used for AI or model training
  • No publicly available, up‑to‑date list of all subprocessors
  • Limited detail on the exact data categories shared with advertising pixels

Fragen zum Nachfragen

  • Can you provide a publicly accessible, regularly updated list of all current subprocessors and their GDPR compliance certifications?
  • Do you use any personal data for training AI or machine‑learning models, and if so, what opt‑out mechanisms are offered to data subjects?
  • What specific personal data elements are transmitted to the X Ads pixel and other advertising trackers, and can you supply a data‑flow diagram for these third‑party services?
  • How do you determine the retention period for each category of personal data beyond the examples of logs and billing information?
  • Is the consent obtained for advertising pixels granular (e.g., separate consent for profiling) and can it be withdrawn at any time without affecting the core service?
Diese Analyse wird von KI erstellt und ist keine Rechtsberatung. Konsultiere für Compliance-Entscheidungen immer eine qualifizierte Rechtsfachkraft.

Diese Analyse teilen

Jeder mit diesem Link kann das Ergebnis oben einsehen.

Entwickelt von DentroChat

100 % europäischer KI-Chat für alle

Chatte mit KI, arbeite mit Dateien, generiere Bilder und suche im Web. Daten bleiben in Europa.

In der EU gehostete InfrastrukturText, Dateien, Bilder & WebsucheSchnell-, Denk- und Kreativ-ModusDatenschutz zuerstKeine Daten verlassen Europa
Kostenlos testen →