Privacy policy

PRATICAL INFORMATION
实用信息

如果您是第一次办理全额退税,还有疑问尚未解答,我们推荐您先查看我们精心为您准备的实用信息。
办理退税过程中的各种注意事项,支付宝账号的使用小技巧,海关的细节要求等,均可在我们的实用信息中找到。这些信息将帮助您的退税过程更加轻松。

MORE QUESTIONS?
JUST CALL OUR
CUSTOMER HOTLINE
还有其他疑问?
欢迎拨打我们的客服热线
400 827 8866

星期一到星期五
中国时间9点到18点

“Tax Free Easy” Website Data Protection Notice

This “Tax-Free-Easy” Website Data Protection Notice describes how TRAVELEASY GmbH, Frankfurter Str. 71-75, 65760 Eschborn, Germany, Tel.: +49 (0)6196 / 77451-0, E-Mail: info@tax-free-easy.com (“TRAVELEASY” or “we” or “us” or “our”) as controller processes the personal data and other information of the users (“you” or “your”) in particular within the meaning of the General Data Protection Regulation (“GDPR”) when using the website www.tax-free-easy.com (“Website”) provided by TRAVELEASY.

1.Categories of personal data, processing purposes, legal basis and source

a.Personal Data actively provided by you:

If you use the contact form on our Website, you will be asked to provide the following personal data about you: First name, last name, email address, mobile phone number, user name, selected password. TRAVELEASY processes such personal data for the purpose of providing our services to you. Providing such personal data is voluntary. However, without providing such personal data, you will not be able to account contact us through the contact form. The legal basis for the processing of such personal data is the contract on the use of the Website concluded with you (Art. 6 (1) lit. b GDPR).

b. Other passively collected information:

In addition to the personal data that you actively provide, the Website may automatically collect, process and store certain information on a pseudonymous basis from you:

  • Device and usage information – that may include (i) information specific to the used device to access the Website (including, but not limited to, model, operating system, IP address, language, carrier and similar information) and (ii) information about the use of features, functions, or notifications on the device, to recognize you and to analyze trends;
  • Website analytics – such as date and time of the access to the Website, how often a user uses the Website, aggregated usage, performance data. We use Website analytics to allow us to better understand the functionality and use of our Website.

The legal basis for this purpose are our legitimate interests (Art. 6 (1) lit. f GDPR) which are the following: to monitor and maintain the performance of the Website and to analyze trends, usage and activities in connection with our Website. More information on the balancing test is available upon request.

2.Recipients

a. Transfer to service providers

TRAVELEASY may engage external service providers, who act as a data processor of TRAVELEASY, to provide certain services to TRAVELEASY such as Website and IT service providers, marketing service providers or administrative support service providers. When providing such services, the external service providers may have access to and/or may process your personal data.

Those external service providers will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the personal data and to process the personal data only as instructed.

b. Other recipients

Some of our colleagues administering the Website and providing IT services may be employees of our group companies. When administering the Website our colleagues may have access to
and/or may process your personal data. The respective transfer of your personal data is based on our legitimate interests. Our legitimate interests are the transmission of personal data within the group of companies for internal administrative and support purposes. The access is limited to colleagues with a need to know. More information on the balancing test is available upon request.

TRAVELEASY may also transfer your personal data to customs authorities, law enforcement agencies, governmental authorities, legal counsel and external consultants in compliance with applicable data protection law. The legal basis for such processing is Art. 6 (1) b) GDPR (compliance with a legal obligation to which TRAVELEASY is subject to), such as obligation to provide information to the authorities, or Art. 6 (1) f) GDPR (legitimate interests), such as exercise or defense of legal claims. More information on the balancing test is available upon request.

c. International transfers of Personal Data

The personal data that we collect or receive about you may be transferred to and processed by recipients which are located inside or outside the European Union (“EU”) and the European Economic Area (“EEA”) and which do not provide for an adequate level of data protection. The countries that are recognized to provide for an adequate level of data protection from an EU law perspective are Andorra, Argentina, Canada, Switzerland, Faeroe Islands, Guernsey, the State of Israel, Isle of Man, Jersey, New Zealand and the Eastern Republic of Uruguay. Recipients in the US may partially be certified under the EU-U.S. Privacy Shield and thereby deemed to provide for an adequate level of data protection from an EU law perspective. Some of the recipients of your personal data will be located or may have relevant operations outside of the EU, such as in the People’s Republic of China, where a Commission adequacy decision is absent. With regard to data transfers to such recipients outside of the EU we provide appropriate safeguards, in particular, by way of entering into data transfer agreements adopted by the European Commission (e.g. Standard Contractual Clauses (2010/87/EU and/or 2004/915/EC)) with the recipients or taking other measures to provide an adequate level of data protection. We will provide you with a copy of the respective measure we have taken upon request (for contact details see 5. below). The access is limited to recipients with a need to know.

3. What rights do you have and how can you assert your rights?

If you have declared your consent for any personal data processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.

Pursuant to applicable data protection law you may have the right to: request access to your personal data, request rectification of your personal data; request erasure of your personal data, request restriction of processing of your personal data; request data portability, and object to the processing of your personal data. Please note that these aforementioned rights might be limited under the applicable national data protection law. For further information on these rights please refer to the Appendix Your Rights.

You also have the right to lodge a complaint with the competent data protection supervisory authority. To exercise your rights please contact us as stated in Section 5. (Contact us) below.

4. How long do we keep your Personal Data?

Your personal data will be retained as long as necessary to provide you with the services requested. When TRAVELEASY no longer needs to use your personal data to comply with contractual or statutory obligations, we will remove it from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it, unless we need to keep your information, including personal data, to comply with legal or regulatory obligations to which TRAVELEASY is subject, e.g. statutory retention periods which can result from German Commercial Code (Handelsgesetzbuch, HGB) and/or German Fiscal Code (Abgabenordnung, AO) and usually contain retention periods from 6 to 10 years, or if we need it to preserve evidence within the statutes of limitation, which is usually three years but can be up to thirty years.

5. Contact us

If you have concerns or questions regarding this Website Data Processing Notice, please contact us as follows:

TRAVELEASY GmbH, Frankfurter Str. 71-75, 65760 Eschborn, Germany, Tel: +49 (0) 6196 / 774 51-0,
E-Mail: datasecurity@travel-easy.com.

The contact details of our data protection officer are as follows: Dr. Christian Szidzek, TÜV SÜD Sec-IT GmbH, Ridlerstr. 65, 80339 München, email: christian.szidzek@kanzlei-szidzek,de.

Appendix Your Rights

(a) Right of access: You may have the right to obtain from us confirmation as to whether or not personal data concerning you is processed, and, where that is the case, to request access to the personal data. The access information includes – inter alia – the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. However, this is not an absolute right and the interests of other individuals may restrict your right of access.

You may have the right to obtain a copy of the personal data undergoing processing. For further copies requested by you, we may charge a reasonable fee based on administrative costs.

(b) Right to rectification: You may have the right to obtain from us the rectification of inaccurate
personal data concerning you. Depending on the purposes of the processing, you may have the right
to have incomplete personal data completed, including by means of providing a supplementary statement.

(c) Right to erasure (“right to be forgotten”): Under certain circumstances, you may have the right to obtain from us the erasure of personal data concerning you and we may be obliged to erase such personal data.

(d) Right to restriction of processing: Under certain circumstances, you may have the right to obtain from us restriction of processing your personal data. In this case, the respective data will be marked and may only be processed by us for certain purposes.

(e) Right to data portability: Under certain circumstances, you may have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you may have the right to transmit those data to another entity without hindrance from us.

(f) Right to object: Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, or where personal data are processed for direct marketing purposes at any time to the processing of your personal data by us and we can be required to no longer process your personal data.

Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case your personal data will no longer be processed for such purposes by us.