§ 1 Scope
Arvigor Trading & Co. GmbH
Glinkastr. 32, 10117 Berlin
Federal Republic of Germany
operate (hereinafter referred to as “we” or “operators”) the websites www.arvigortrading.com, eshop.arvigortrading.com (“shop“), blog.arvigortrading.com (“blog“) or hereinafter referred to as “website” or “websites” and the services offered thereon. Hence, we are responsible for the collection, processing, obtaining consent, consent of use and use of personal data within the legal framework of the Federal Data Protection Act (BDSG), the German Telemedia Act (TMG) and the General Data Protection Regulation (GDPR).
When collecting data, the principle of data minimization is of great importance to us. We collect and process personal data only if you have given us consent for, or if the law expressly permits or requires us or if you permit us to do so. In the following provisions, we will explain what data we collect and store, how we use it, and what rights you have in relation to the use of your data:
§ 2 Collection, Storage and Use of Personal Data
- Personal data: The concept of personal data is defined in the Federal Data Protection Act or according to Art. 4 No. 1 GDPR. Thereafter, these are individual details about personal or material circumstances of a specific or identifiable natural person. This includes, for example, your civil name, your address, your telephone number or your date of birth. In addition, this also includes company-related data.
- Collection: When visiting our websites, unless otherwise stated in the following provisions, no personal data will be collected, processed or used when using our websites. a) Contact: If you contact us by e-mail, contact form or product inquiry form, we will save your e-mail address and other details. This is done solely for the purpose of responding to you or, if necessary, contacting you again at a later date regarding the subject of the inquiry, in particular for technical or other support requests. The information may be stored in a help desk system or a customer relationship system (CRM System) for the purpose of processing inquiries or customer care. The personal data entered into the form and sent to us by e-mail via our e-mail provider for the purpose of communication or establishing contact with business subjects and subsequent business activities of our company will not be used for any other than these purposes. b) Customer account: By registering free of charge as a user in our shop (hereinafter referred to as registered user) you can create a customer account in order to receive pre-contractual and post-contractual services, especially our contractually associated services (e.g. ticket support, order overview, invoice download, returns management), for the purpose of dedicated customer care. Upon registration, you will receive an e-mail to confirm your registration (double opt-in procedure). As part of the registration process, we require your e-mail address. Created customer accounts are valid only within the subdomain eshop.arvigortrading.com. If you decide to delete your customer account, your data will be deleted irrevocably, taking into account the statutory retention obligations. c) Author account: You can create an author account if you have received a pre-approved invitation to register as author or editor on our blog. For the registration, we require your e-mail address. Created author accounts are valid only within the subdomain blog.arvigortrading.com. If you decide to delete your author account, your data will be deleted irrevocably, taking into account the statutory retention obligations.
- Storage: a) Security: We store and process your personal data on our server in Germany. In addition, we protect your data through technical and organizational security measures to minimize risks associated with loss, misuse, unauthorized access and unauthorized disclosure or modification of data. For this purpose, firewalls and data encryption, for example, as well as physical access restrictions and authorization controls for data access come into use. We take measures to ensure that the personal data we collect is accurate and up-to-date. b) Applications: Job applications are only accepted online via our application form under tab Career in About us. For this purpose, your personal data (including full name, e-mail, cover letter, attachments) with regard to the job description will be stored only for purposes of the application. The transmission of your personal data during the application process is encrypted. Only the human resources personnel and the respective departments have access to your application data. No transfer of your application data to third parties will take place, unless you have given us your express consent to do so or if we have been given official instructions by law enforcement authorities. The complete deletion of your personal application data takes place six months after completion of the application procedure in order to be able to comprehensibly answer questions regarding your application or to meet our obligations to provide evidence. This deletion does not apply if statutory provisions preclude the deletion or require storage beyond the period of six months for the purpose of providing evidence or if you have expressly agreed to a longer period of storage. In case your application is successful, the application data provided for internal business matters can be further processed within the framework of your employment with us. c) Comments and reviews: Blog users or shop customers may add comments or reviews to individual blog posts or shop products. Follow-up comments or notifications of new blog posts can be subscribed to by users based on the double opt-in procedure, and they can also be unsubscribed at any time. In addition to the comments, the time of a comment input as well as the selected user name (pseudonym) and browser type are saved, in particular to filter spam. The IP address of the commentator is logged. This logging of the IP address is done for security reasons in the event that a comment violates the rights of third parties or illegal content is published. d) Duration: Your personal data will only be stored for as long as we need that information in line with the stated purposes or as long as required by law.
§ 3 Cookies, Access Data and Shop
- Cookies: Interactions with our websites are tracked using cookies and the technologies stated below to customize them for your use. Cookies are small files that are stored on your hard drive. This allows for easier navigation and a high degree of user-friendliness of our websites. Of course, you can also view our websites without cookies, but a limitation of their functionality cannot be ruled out. Most browsers accept cookies automatically. You can prevent cookies from being stored on your hard drive by selecting not to accept cookies in the browser settings. A general possibility of objection to cookies for advertising purposes: http://www.youronlinechoices.com/.
- Access data: Our server in Germany collects data about every access, so-called access data, on the server, where these websites are located (in access log files). The access data include e.g. the name or URL of the accessed website, date and time of access, browser type and version as well as IP address. These access log data files are used without personal references to the user or other profiling according to the legal provisions, but only for statistical evaluations of the system, for the operational purposes, security and optimization of our websites. This protocol date is stored by the server for 6 months and then removed automatically. We do not object to the removal, but we nevertheless reserve the right to retrospectively check the log data if, on the basis of justified suspicion, there is any unlawful use or action.
§ 4 Disclosure of Data
- Credit check: In order to offer you the best possible options for the choice of a payment method, we must protect you and us against misuse. For this reason, a credit agency may on our behalf, if reasonably necessary, carry out a creditworthiness check for every customer based on mathematical and statistical methods, pursuant to § 28b No. 1 BDSG, a so-called credit scoring procedure. In this respect, we may transfer personal data including your address data to: i) SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, ii) Bürgel Wirtschaftsinformationen GmbH & Co. KG, PO Box 5001 66, 22701 Hamburg, iii) arvato infoscore GmbH, Rheinstrasse 99, 76532 Baden-Baden, iv) Verband der Vereine Creditreform e.V., Hellersbergstrasse 12, 41460 Neuss. The calculation of the probability value also incorporates your address data. We use the information obtained about the statistical probability of a default (probability value) for a balanced decision on the payment options to be provided to you. You can informally object to the transfer of your data to the credit agency at any time. A text message (for example by e-mail or contact form) is sufficient. We would then re-examine the decision, taking into account your point of view. In this case, however, the payment options which are in principle available to you may be restricted. We would not be able to provide you with advanced payment methods, and we will have to terminate them if necessary. Should you have failed to provide a due payment despite the due date, and we have been compelled to warn you twice in written form within a period of four weeks after the due date, then we may be obliged to provide your personal data to a credit agency. You would be notified in written form in due time and in accordance with legal obligations.
§ 5 Google and other External Services
- Google AdWords and Google Tag Manager: Our websites use Google AdWords and Google Tag Manager by Google Inc. for personalized, interest-based and location-based online advertising on the Google advertising network. We use the following Google AdWords features: i) remarketing, ii) interest categories, iii) similar audiences, iv) other types of interest-based advertising, v) demographic and geographic targeting. These services enable us to address visitors of our websites with targeted advertising on the websites of our advertising partners as part of our marketing campaigns related to our products. This form of advertising is anonymous. Advertising on our partners’ websites is displayed using Google AdWords and the Google Tag Manager based on a cookie technology (DoubleClick cookie) and visits to our websites. The data is transmitted to Google, collected and stored by Google. Our advertising partners do not receive any information about the data stored in the cookie. In addition to the IP address of the computer used, an ID number is stored in the cookie, by which Google can determine how often you have visited which website. Apart from the IP address, no other personal data such as e-mail addresses, company names or telephone numbers are stored. The data stored in the cookie is not combined with other personal data to form user profiles. This means that user profile data is processed anonymously. Users can prevent Google’s DoubleClick Remarketing Pixel by downloading and installing the available browser plugin at the following link https://www.google.com/settings/ads/onweb/ or at https://support.google.com/ads/answer/7395996?hl=en. Alternatively, you can disable DoubleClick cookies on the Digital Advertising Alliance website at the following link: http://www.aboutads.info/choices/.
- CloudFlare: To improve security, such as preventing DDoS attacks on our server in Germany and optimizing loading times, we use CloudFlare Inc., 101 Townsend Street, San Francisco, CA 94107, USA (“CloudFlare”) under the conclusion of a data processing agreement as CDN (content delivery network) and proxy server, which stands between the server in Germany and the users of our websites. Cloudflare is certified under the EU-US Privacy Shield and hence ensures that the processing of data in the United States is conducted in compliance with EU data protection laws (https://www.privacyshield.gov/participant?id=a2zt0000000GnZKAA0&status=Active). In addition, we use our own SSL certificate in “strict SSL” mode in conjunction with CloudFlare: https://www.cloudflare.com/de/ssl/. In doing so, requests are filtered by the CloudFlare servers in the USA and data is anonymously aggregated in accumulated statistics. This access data (access logs) is collected via a Cloudflare cookie and usually remains with CloudFlare (https://blog.cloudflare.com/what-cloudflare-logs/) for up to 4 hours to optimize loading times and it will then be removed. Please find further information on data security at: https://www.cloudflare.com/privacypolicy/.
§ 6 Social Plugins and Social Logins
- LinkedIn: On our websites, features of the social network “LinkedIn” are integrated. These features are offered by LinkedIn Inc., 2029 Stierlin Ct., Mountain View, CA 94043, USA or LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. By using the “InShare” button, the websites you visit will be linked to your LinkedIn account and the shared content will be shared with other users. Data is also transferred to LinkedIn. Since LinkedIn is certified under the EU-US Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active), LinkedIn is committed to ensuring that data is processed in the United States in compliance with EU privacy laws. We would like to point out that, as the provider of the websites, we are not aware of the transmitted data content or its use by LinkedIn. For more information, see the LinkedIn privacy statement at https://www.linkedin.com/legal/privacy-policy. A cookie opt-out is available at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
- YouTube: Our websites use plugins from YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA, operated by Google Inc. If you use our websites that have a YouTube plugin, such as a “YouTube” button, it will connect to YouTube’s servers, i.e. YouTube will be notified which website you have visited. By logging into your YouTube account, you enable YouTube to associate your user behavior with your personal profile. Additional information about YouTube’s data security can be found at: https://www.youtube.com/intl/en/yt/about/policies/#community-guidelines.
- SoundCloud: Our websites uses plugins from SoundCloud Limited, Third Floor 20 Old Bailey, London, EC4M 7AN, UK. If you use our websites that have a SoundCloud plugin, such as a “SoundCloud” button, this will establish a connection to the SoundCloud servers, i.e. SoundCloud will be notified which corresponding website you have visited with your IP address. By logging into your SoundCloud account while clicking the “Like” button, “Share” button or “Follow” button, you enable SoundCloud to associate your visit to our websites with your personal account. Additional information about SoundCloud’s data security can be found at: https://soundcloud.com/pages/privacy.
§ 7 Information, Correction, Deletion, Limitation and Transfer of Data
Pursuant to § 35 BDSG or Art. 15 et seq. GDPR, you are entitled to receive information regarding your stored personal data and you have the right t adjust incorrect data, to block and delete your personal data.
In particular, in accordance with Art. 18 GDPR, you have the right to restrict the processing of your personal data and, in accordance with Art. 20 GDPR, you have the right to receive your personal data and to transmit it to other persons responsible. In accordance with Art. 21 GDPR, you may object to the processing of your personal data and, in accordance with Art. 77 GDPR, you may also file a complaint with a competent supervisory authority.
For information about your personal data, to have incorrect data corrected, blocked or deleted, or for further questions about the use of your personal data, please contact us (imprint):
Arvigor Trading & Co. GmbH
Glinkastr. 32, 10117 Berlin, Germany
§ 8 Mobile Devices
Last update: 3 July 2019