§ 1 Introduction
Website operator: Arvigor Trading & Co. GmbH
Street and house no.: Glinkastr. 32
Postal code and city: 10117 Berlin, Germany
operate (hereinafter referred to as “we” or “operators”) the websites www.arvigortrading.com, madetrade.arvigortrading.com, caretrade.arvigortrading.com (hereinafter referred to as “website” or “websites”), thus are responsible for the collection, processing, consent of use and use of personal data within the legal framework of the Federal Data Protection Act (BDSG) and the German Telemedia Act (TMG).
The principle of data parsimony is of great importance for data collection. We collect and process personal data only insofar as you have given us your consent, or the legislator expressly permits or prescribes it to us or you allow us to do so. In the following, we will explain what data we collect, how it is used by us, and what rights you have in relation to the use of your data:
By agreeing to the following data protection agreement, you agree to the collection, processing and use of your personal data in compliance with the data protection laws and the following provisions.
§ 2 Collection and Storage of Personal Data
- Personal data: The term “personal data” is defined in the Federal Data Protection Act. According to this, data is comprised of individual details of personal or factual circumstances of a particular or determinable natural person. This includes, for example, your name, your address, your telephone number or your date of birth. In addition, company-related data are also recorded.
- Storage: a) We store and process your personal data on our servers in Germany. We protect your data through technical and organizational security measures to minimize risks associated with loss, misuse, unauthorized access, unauthorized disclosure and modification of data. For this purpose, firewalls and data encryption are used, as well as physical access restrictions and authorization checks for data access. We take measures to ensure that the personal data collected by us is correct and up-to-date. b) To improve data security, such as minimizing risks of DDoS attacks on our servers in Germany, and to optimize loading times, we use CloudFlare, Inc., 665 Third Street, Suite 200, San Francisco, CA 94107, United States of America as CDN (“Content Delivery Network”) and proxy server, which stands between our servers in Germany and the users of our websites. In addition, we use our own SSL certificate in “Strict SSL” mode in connection with CloudFlare: https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-. CloudFlare has also been used by the German Bundestag. Thus, queries are filtered by the CloudFlare servers in the United States and data is anonymously aggregated in accumulated statistics. These data packages (“Access logs”) remain for up to 4 hours with CloudFlare (https://blog.cloudflare.com/what-cloudflare-logs/) to optimize loading times, and are then deleted. For more information on data security, please see: https://www.cloudflare.com/security-policy/. c) Job applications are only accepted online via our application platform under Career in About us. For this purpose, your personal data (including full name, email, cover letter, attachments) will only be stored for purposes of the application. The transmission of your personal data as part of your application is encrypted. Only the relevant human resources personnel and the respective departments have access to your application data. No transfer of your application data to third parties will take place unless you have given us your explicit consent to do so, or if we have been given official instructions by law enforcement authorities. The complete deletion of your personal application data will take place three months after completion of the application procedure in order to answer questions regarding your application. This deletion does not apply if statutory provisions prevent the deletion or require storage for a period longer than three months or if you have explicitly agreed to a longer period of storage. If your application is successful, we will store your application data for internal business processing purposes within the time frame of your employment contract.
§ 3 Use of Personal Data
The collection and processing of your personal data takes place for the execution of the contract, in particular for the purpose: to have knowledge of who our contractual partner is; to verify the data entered with regards to the plausibility and business operability of the users; to establish, modify and, if necessary, amend the terms of the contract through the use of the websites and the services offered thereon; to be able to contact you in case of questions; to ensure effective customer service and technical support; to inform you about future offers if you have given your consent.
In addition to processing your data for the execution of your purchase, we also use your customer data to communicate with you about your orders, specific products, or our own marketing activities, and to recommend you our products or services that may interest you, regardless of whether you have a newsletter subscription. This takes place in a thoughtful manner, whereby your personal data is not shared with third parties for advertising purposes.
In order to permanently improve your shopping experience, we provide registered users with advertising tailored to their interests. For this purpose, we use existing information (“pseudonymized usage data”) such as: receiving and reading confirmations of e-mails, subscribed newsletter, your order and/or service history, the date and time of the visit of our homepage.
Prior to the evaluation of the aforementioned data, these are anonymized. Thus, we can evaluate the user behavior without concrete personal relations in order to constantly improve our websites and services. You may object to the use of your personal data for advertising purposes at all times or for individual measures. An informal message in text form to the mentioned contact (e.g. e-mail, fax, letter) is sufficient for this matter.
§ 4 Disclosure of Data
- Transmission of personal data to third parties: Your personal data will only be passed on to third parties or otherwise transmitted if this is necessary for the purpose of contract processing or settlement or if you have previously given your consent. Within the framework of order processing, for example via the service providers used by us (such as freight forwarders, logistics companies, banks or payment processing services) receive the necessary data for order and order processing. The data thus provided may only be used by our service providers to fulfill their task. Any other use of the information is not permitted and is not carried out by any of our service providers. Without your agreement, we will not sell or otherwise disclose your data to third parties. The only exclusion from these rules would occur to the extent that it becomes subject to a legal obligation (e.g. information for certain authorities within the scope of their statutory tasks) or to the extent that this is necessary to enforce our rights, in particular to enforce claims arising from the contractual relationship with you. By arrangement of the competent authorities, we may be required to provide information on personal data as far as it is necessary for the purposes of law enforcement, security or other legal tasks.
- Integration of third-party services and content: Third-party content, such as YouTube videos, Google Maps, Google Fonts, RSS feeds or graphics from other websites, may be included on our website. This always assumes that the providers of these contents (“third-party providers”) obtain the IP address of the users. Without the IP address, they could not send the content to the browser of the respective user. The IP address is therefore required for the display of these contents. We strive to use only those contents, whose respective providers use the IP address only for the delivery of the content. However, if the third-party providers store the IP address, for example, for statistical purposes, we would have no influence on it. As far as we have knowledge about it, we will inform the users.
- Creditworthiness check: In order to offer you good options for the choice of a payment method, we must protect you, especially as a customer and vendor, against misuse. For this reason, we may, if necessary, carry out a creditworthiness check for each customer based on mathematical and statistical methods, pursuant to § 28b No. 1 BDSG, i.e. a so-called credit scoring procedure. For this purpose, we reserve the right to submit the personal data required for a creditworthiness check, including your address data via: i) SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, ii) Bürgel Wirtschaftsinformationen GmbH & Co. KG, PO Box 5001 66, 22701 Hamburg, iii) arvato infoscore GmbH, Rheinstraße 99, 76532 Baden-Baden, iv) Verband der Vereine Creditreform e.V., Hellersbergstrasse 12, 41460 Neuss, which carries out an appropriate evaluation on the basis of mathematical and statistical procedures. The calculation of the probability value also incorporates your address data. We use the information obtained about the statistical probability of a default (“probability value”) for a balanced decision on the payment options to be provided to you. You can at any time formally disagree with the transmission of your data to the credit agency. A message in text form (e.g. e-mail, fax, letter) is sufficient for this matter. We would then re-examine the decision, taking into account your position. In this case, however, the payment options which are in principle available to you may be restricted. We will not be able to provide you with advanced payment methods and we will have to terminate them if necessary. Should you have failed to provide a due payment despite the due date, and we have been compelled to warn you twice in written form within a period of four weeks after the due date, then we may be obliged to provide your personal data to a credit agency. You would be notified in written form in due time and in accordance with the legal obligations.
§ 5 Cookies, Access Data and Web Analytics Services
- Interactions with our websites are tracked by means of cookies and the technologies mentioned below, in order to adapt them for your use. Cookies are small files that are stored on your hard drive. This facilitates navigation and a high degree of user friendliness for our websites. Of course, you can also view our websites without cookies, but a limitation of their functionality cannot be ruled out. Most browsers accept cookies automatically. You can prevent cookies from being stored on your hard disk by selecting “Do not accept cookies” in the browser settings.
- Our server collects data about each access, so-called access data, to the server where these websites are located (in “Access log” files). The access data include e.g. name of the retrieved webpages, date and time of the retrieval, browser type, browser version and IP address. These access log data files are used only for statistical evaluations of the system, for the purpose of the website operation, the security and the optimization of our web pages without any identification of the user nor any other individual profile creation. These access data are stored for 6 months by the server and then automatically deleted. We do not object to the deletion, but we reserve the right to check the log data if there is a reasonable suspicion of unlawful use or action.
§ 6 Social Plug-Ins, Social Sign-ins, Chat and Embedded Contents by Third Parties
- We use social plug-ins of the facebook.com network, namely the “Like” button and the “Share” button. These plug-ins are offered by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, and they submit data to Facebook. They are marked with the Facebook “f”. By activating these plug-ins, your browser connects to the Facebook servers. The content of the plug-in is delivered directly to your browser. The plug-in is part of Facebook and only displayed on our websites. Any interaction via the plug-in is an interaction on “facebook.com” and not on our website. We have no influence on the contents of the plug-in. At the same time, Facebook employs one or more cookies in your browser. Through the active plug-in and the cookie or cookies, Facebook receives data, even if you have not clicked on the plug-in itself, and also if you do not have a Facebook account. According to Facebook, this data includes the website visited, the date, the time, browser type and version, operating system and version, according to our knowledge also the IP address and the browser cookies already stored in the browser. Facebook can comprehend then, on which other Facebook sites (including these plug-ins) you were on. Facebook uses this data to find errors in its own system, to improve its own products and to adapt to the user behavior, to control, to place and individualize advertising, to localize, to record the way of using websites with Facebook content and for the purpose of market research. If you are logged on to Facebook when you enable the plug-ins, Facebook will also transfer your Facebook login code to Facebook. This allows your visit to our websites to be linked directly to your Facebook account. You will then be identified by Facebook with your Facebook name and your private data from the Facebook account. In the case of interaction with the Facebook plug-in, this information is not only transferred to the Facebook server, but also published on Facebook and displayed to your friends depending on the settings of your Facebook account. If you want to avoid this, you must first log out of your Facebook account before you enable the Facebook plug-ins, and then delete all Facebook cookies after visiting web pages with Facebook plug-ins. According to Facebook, they will store all of this data for up to 90 days. After that, Facebook will anonymize this data and use it only in an anonymous and summarized form, for example, to improve advertising. The plug-ins of Facebook are set so that we can not get any information that is transmitted via the plug-in or the Facebook cookies. We can only determine that you have clicked on the plug-in and shared our content with others. For more details on how Facebook deals with your data, see the Facebook privacy statement at http://www.facebook.com/about/privacy/.
- We use social plug-ins for the short news service Twitter, namely the “Share” button. This plug-in is offered by Twitter, Inc., 1355 Market St., Suite 900, San Francisco, CA 94103, USA, and delivers data to Twitter. The plug-in is marked with the Twitter logo. By activating this plug-in, your browser connects to the Twitter servers. The content of the plug-in is delivered directly to your browser. We have no influence on the content of the plug-in. At the same time, Twitter uses one or more cookies in your browser. Through the active plug-in and the cookie (or cookies), Twitter receives data, even if you have not already clicked on the plug-in, and also if you do not have a Twitter account. According to information by Twitter, this data includes the visited website, the visited page, the date, the time, the browser type, the operating system, your IP address, search terms, your location, your mobile provider, your mobile device, ID and Twitter cookies already stored in the browser (so-called Twitter widget data). Twitter can understand which other websites with Twitter content (including these plug-ins) you were on. Twitter uses this data especially for its “Tailored Suggestions” service, which is used to recommend certain “tweets”, to improve the system and product, to adapt to user behavior, to localize, to record the way in which websites are used with Twitter content and for the purpose of market research. If you are logged in to Twitter when you enable the plug-ins, Twitter can connect to your Twitter account. If you want to avoid this, you must first log out of your Twitter account before activating the Twitter plug-ins and delete all Twitter cookies after visiting websites with Twitter plug-ins. According to Twitter, they start after 10 days to delete the widget data, which can take up to 7 days. After that Twitter uses only aggregated, anonymous data about how often a page with Twitter content was called. The plug-ins of Twitter are set so that we can not get any of the information that comes with the plug-in or the Twitter cookies. We can only conclude that you have clicked on the plug-in and shared our content with others. For more details on how Twitter deals with your data, see the privacy statement of Twitter at https://twitter.com/privacy.
- We use the Google+ plug-in (“+1” on a white background) of Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States. When you visit a page that contains such a plug-in, your browser connects directly to Google’s servers. This will redirect information about your visit to Google. We have no influence on the contents of the plug-in. If you are logged into a Google+ or your Google user account during the visit, Google may assign the website visit to this account. By interacting with plug-ins, this information is transmitted directly to Google and stored there. If you want to prevent such a data transmission, you must log out before you visit our website under your Google Plus or Google Account. We have no influence on the scope and content of the data that Google collects with the button. You may inform yourself about the purpose of the data collection at Google. If you do not want Google to collect information about you when you visit our website and link it to your member data stored on Google, you must log out of Google before visiting our website.
- We use the “Pin it” button of the social network Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA. If you click the “Pin it” button while you are logged into your Pinterest account, you can link the content of our pages to your Pinterest profile. Thus, Pinterest can assign the visit of our websites to your user account. We do not have any knowledge of the content regarding the transmitted data as well as its use by Pinterest. For more information, visit Pinterest’s privacy statement at http://about.pinterest.com/privacy/.
- On our websites, functions of the social network “LinkedIn” are integrated. These functions are provided by LinkedIn Ireland Limited, 77 Sir John Rogerson’s Quay, Dublin 2, Ireland. By using the “InShare” button, the websites you visit are linked to your LinkedIn account and shared with other users. Data is also transferred to LinkedIn. We would like to point out that we, as a provider of the websites, do not have any knowledge regarding the content of the transmitted data as well as its use by LinkedIn. For more information, see LinkedIn’s privacy statement at http://www.linkedin.com/static?key=privacy_policy.
- On our websites, functions of the social network “XING” are integrated. These functions are offered by XING AG, Dammtorstraße 30 in 20354 Hamburg. By using the “XING Share” button, the webpages you visit will be linked to your XING account and shared with other users. Data is also transferred to XING, in particular for the calculation and display of the counting value. We would like to point out that as a provider of the websites, we are not aware of the content regarding the transmitted data as well as its use by XING. For more information, see the XING privacy statement at https://www.xing.com/app/share?op=data_protection.
- On our websites, we also use plug-ins from Tumblr, Inc. located in 35 East 21st St, 10th Floor, New York, NY 10010, United States of America. The Tumblr plug-in can be identified by the “Tumblr button” on our webpage. If you click the Tumblr button while you are logged in to your Tumblr account, you can link or share the contents of our websites on your Tumblr profile. This allows Tumblr to map the visit of our websites to your user account. We would like to point out that as a provider of the websites, we are not aware of the content regarding the transmitted data as well as its use by Tumblr. For more information, see the Tumblr privacy statement: http://www.tumblr.com/policy/en/privacy.
- We use plug-ins from YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, powered by Google Inc.. If you are using a YouTube plug-in on our websites, which is marked with a YouTube button, for example, this will connect you to YouTube’s servers, i.e. YouTube will be notified of the website you visited. By signing in to your YouTube account, you allow YouTube to map your Internet user behavior to your personal profile. Additional information on YouTube’s data privacy is available at: https://www.youtube.com/yt/policyandsafety/policy.html.
- Our live chat application allows the communication between visitors of our websites. Since you have to log in via a social sign-in, you will be prompted to confirm the access to various types of data of your public social profile by the chat application. This is to prevent misuse of our communication platform to spread illegal content. Therefore, logs (time, users, IP, content) are created for the public chat room and archived for 90 days on our server, after which these logs will be completely deleted. At no time is any user data nor the public chat history of its users passed to any third parties. For the private chat rooms, no logs of the contents are created. All contents of the chat, whether private or public, are used exclusively for the communication between visitors of our websites.
§ 7 Information, Correction and Deletion of Data
Pursuant to § 35 BDSG, you are entitled to the right of information regarding your stored personal data and the right to adjust incorrect data, to block and delete it.
For information about your personal data, for the purpose of adjusting incorrect data, for blocking or deleting it, as well as for further questions about the use of your personal data, please contact us:
Name: Arvigor Trading & Co. GmbH
Address: Glinkastr. 32, 10117 Berlin, Germany
E-mail address: [email protected]
§ 8 Mobile Devices
§ 9 Contact Form
The personal data which is entered into the contact form for the purposes of communication or contact with our customers, clients and other subjects of the business transaction as well as the resulting business activities of our company are sent to us via our e-mail provider as an e-mail for these purposes only.
Last update: 10 September 2017