DentroChat logo
Prøv gratis

fenritec.eu privacy policy — score 68/100 (medium risk)

Sist analysert

Denne rapporten er mer enn 28 dager gammel. Den viser den sist lagrede analysen for denne erklæringen — oppdater for å hente den live siden og fornye poengsummen.

Rapportinnholdet (sammendrag, funn, sitater) er generert på engelsk og er ikke lokalisert.

Rapportdetaljer

medium risiko

Fenritec generally respects EU privacy rules but lacks clear limits on data use for AI, proactive sub‑processor disclosure and detailed data‑minimisation statements.

The privacy charter outlines EU‑hosted processing, strong security measures and a ban on transfers outside the EU, yet it relies on consent for advertising pixels, provides sub‑processor information only on request, and is silent on AI/model‑training uses, resulting in a mixed compliance profile.

Sist analysert
KildeURL
Lengde69,441 tegn

Vurdering per kategori

Oppdeling av erklæringen på viktige compliance-områder. God = sterk, rimelig = blandet, dårlig = bekymringsfull.

Data Minimizationfair

The charter says processing is limited to contract purposes but does not specify limits on the categories or amount of data collected.

Transparencyfair

Detailed clauses are provided, yet sub‑processor lists are only given on request and AI uses are not addressed.

Third‑party Sharingfair

Advertising pixels are used with consent, but the scope of data shared with those third parties is not fully disclosed.

International Transfersgood

Explicitly bans any transfer outside the EU without client‑authorised safeguards.

AI/Model Trainingpoor

No mention of whether personal data are used for training models or how data subjects can opt‑out.

User Rightsfair

Rights are acknowledged and response times are set, but procedural details and contact points are vague.

Viktige funn

Bemerkelsesverdige klausuler, problemer eller gode praksiser (kritiske først)

Kritisk

No clause on AI or model‑training use of personal data

The charter is silent on whether personal data may be used for training machine‑learning models or improving services, creating uncertainty about secondary processing.

Advarsel

Advertising pixels rely on consent but lack detailed data‑flow transparency

The charter permits third‑party advertising pixels (e.g., X Ads) activated only after consent, yet it does not specify which personal data are transmitted or retained by those third parties.

Advarsel

Sub‑processor information only provided on request

The policy states "It will provide the Client, upon first request, with the list of subprocessors or joint controllers involved in the Processing" rather than publishing a current list proactively.

Advarsel

Retention periods are only partially disclosed

Specific retention times are given for logs (3 months) and billing info (10 years), but the policy does not cover other data categories, leaving the overall data‑retention framework unclear.

Oppsummering for brukeren

You can expect your data to stay in the EU and be protected, but the company does not clearly tell you if it will reuse your data for AI or give you a full list of all third‑party processors up front.

Compliance-stilling

mixed

EU-overføringer

good

Oppdagede signaler

Spesifikke datapunkter og praksiser identifisert i teksten

Innsamlede data
Billing information (addresses, first and last name, etc.)Connection and user action logsUploaded files and documentsMetadata associated with stored files
Behandlingsformål
Performance of the contractual servicesSecurity and backup of stored dataAdvertising performance measurement (with consent)Generation of thumbnails for user‑experience improvement
Deling med tredjeparter
Advertising pixels (X Ads) may share browsing data with third‑party ad platformsDisclosures to authorities or authorized third parties following a justified official procedure
Internasjonale overføringer
All processing infrastructure is hosted by OVH S.A.S. and Scaleway S.A.S., both EU‑based providersExplicit prohibition of transfers outside the EU without client‑authorised safeguards

Bevisutdrag

Direkte sitater fra erklæringen som støtter disse funnene

Fenritec reserves the right to add other hosting providers to this list provided that the main parent company has its registered office in France or the European Union and is subject to the GDPR.

Unless and until you give your consent, no advertising pixel is installed or triggered.

Fenritec shall not carry out any transfer or Processing of Personal Data outside the European Union

It will provide the Client, upon first request, with the list of subprocessors or joint controllers involved in the Processing.

Mangler eller uklart

  • No explicit statement on whether personal data are used for AI or model training
  • No publicly available, up‑to‑date list of all subprocessors
  • Limited detail on the exact data categories shared with advertising pixels

Spørsmål å stille

  • Can you provide a publicly accessible, regularly updated list of all current subprocessors and their GDPR compliance certifications?
  • Do you use any personal data for training AI or machine‑learning models, and if so, what opt‑out mechanisms are offered to data subjects?
  • What specific personal data elements are transmitted to the X Ads pixel and other advertising trackers, and can you supply a data‑flow diagram for these third‑party services?
  • How do you determine the retention period for each category of personal data beyond the examples of logs and billing information?
  • Is the consent obtained for advertising pixels granular (e.g., separate consent for profiling) and can it be withdrawn at any time without affecting the core service?
Denne analysen er generert av AI og er ikke juridisk rådgivning. Rådfør deg alltid med en kvalifisert jurist for compliance-beslutninger.

Del denne analysen

Alle med denne lenken kan se resultatet ovenfor.

Bygget av DentroChat

100 % europeisk AI-chat for alle

Chat med AI, jobb med filer, generer bilder og søk på nettet. Data forblir i Europa.

Infrastruktur hostet i EUTekst, filer, bilder og nettsøkRask-, Tenk- og Kreativ-modusPersonvern først som standardIngen data forlater Europa
Prøv gratis →