Choose your language
English
Deutsch
Español
Français
Italiano
Português
Pусский
عربى
Türkçe
中文
ARCTIC
AUTHENTICITY
CHECK

Privacy Policy

Thank you for visiting our website. Compliance with data privacy regulations has special significance for us. The purpose of this Privacy Policy is to inform you, as the user of the website, of the nature, scope and purpose of the processing of personal data and the rights that exist for you, insofar as you are a data subject within the meaning of Article 4 No. 1 of the General Data Protection Regulation (GDPR).

1. Data Controller

This website, authenticity.arctic.de, and the services offered on this website are operated by:
ARCTIC (HK) Ltd.
Unit 1302-05, The Octagon
6 Sha Tsui Road
Tsuen Wan N.T.
Hongkong

2.Representative in the European Union

If you are a data subject residing within the European Union and have concerns regarding data privacy, you can also contact Arctic GmbH, which represents us there in such matters in accordance with Article 27 of the GDPR:
ARCTIC GmbH
Bevenroder Straße 149 
38108 Braunschweig
Germany

3. General Information

You can visit our website without letting us know who you are. For technical reasons, however, a log file is created during each visit, which also records your IP address, for example. We only collect additional personal data if you provide it to us. In doing so, we always ensure to process your personal data only in accordance with a legal basis or your consent. We comply with the provisions of the General Data Protection Regulation (GDPR) and the respective applicable national regulations.

4. Purpose and Legal Basis of the Processing of Personal Data

We process your personal data specifically for the purpose of technically implementing our website and to be able to provide our information to you on this website (e.g., IP address, cookies, browser information).

The following applies with regard to the legal basis for the processing of your personal data: Personal data that is required for the establishment, implementation or processing of our services (contract execution) on the legal basis of Art. 6 para. 1 (b) of the GDPR. Insofar as we obtain your consent for the processing of your personal data, the consent shall form the legal basis for data processing pursuant to Art. 6 para. 1 (a) of the GDPR. Data processing is also permissible if we process your data to safeguard our legitimate interests and your interests or fundamental rights and freedoms with regard to the processing of personal data do not prevail. Insofar as we use external service providers in the context of the commissioned data processing, the processing shall take place on the legal basis of Art. 28 of the GDPR.

5. Collection of personal data when visiting our website

If you merely visit our website without entering any further data, we only collect the personal data that your browser transmits to our server (so-called log files). The collection and temporary storage of log files is technically necessary for displaying our website to you and for ensuring its stability and security (the legal basis for this is Art. 6 (1) p. 1 lit. f GDPR):

  • IP address
  • date and time of request
  • time zone difference from Greenwich Mean Time (GMT)
  • content of the request (specific page)
  • access status/HTTP status code
  • amount of data transferred in each case
  • website making the request
  • browser
  • operating system and its interface
  • language and version of browser software.
  • In addition to the aforementioned data, cookies are stored on your computer when you use our website. Further information can be found under "Cookies" in this Privacy Policy.

    6.Performing Authenticity Checks

    On our website, you can check the authenticity of your purchased product (e.g., thermal paste) via the authenticity check feature. To do this, you must enter the verification code on the packaging of your product or scan it with a QR code scanner. It will then automatically check whether it is a genuine Arctic product or a counterfeit. If it is a counterfeit, you can provide us with more information about the product, as well as the name of the store from which you purchased the counterfeit product. If you wish, you can also provide us with your email address so that we can contact you for any questions.

    In summary, we collect and process the following data from you through our website when you submit the product verification code or scan the product QR code:

  • Automatically generated ID of the scan
  • Verification Code
  • Date and the time the scan was performed
  • IP-Address
  • Country in which you are located at the time of scanning (determined via the IP address)
  • Result of the scans (Fake or genuine)
  • This is a free authenticity check service provided by Arctic. If you wish to use this service, it is necessary for us to process the aforementioned data. The collection of the aforementioned data is therefore based on Art. 6 (1) lit. b GDPR. We forward the aforementioned data to our service provider NanoMatriX (NanoMatriX International Limited, 18/F., Unit 06&07, Workingfield Commercial Building, 408-412 Jaffe Road, Wanchai, Hong Kong). NanoMatrix creates pseudonymized evaluations for us, which we can use to track the worldwide distribution of counterfeit products. The transmission of data to NanoMatrix and the creation of pseudonymized evaluations is based on our legitimate interests (Art. 6 (1) lit. f GDPR).

    If the authenticity check reveals that your product is a counterfeit, you can voluntarily provide us with the following additional data:

  • Name of the shop where you purchased the counterfeit product
  • Your E-Mail- Address (for any queries)
  • The processing of the aforementioned optional information is based on a balancing of interests (Art. 6 (1) lit. f GDPR). We use this information to contact the store and, if necessary, to take action against the distribution of counterfeit products. We use your email address exclusively to be able to contact you for any questions. This may be the case, for example, if the information about the store is not sufficient for us to be able to clearly identify the store. You can object to being contacted via your email address at any time, in which case, you will not receive any further emails from us. Since we use your email address strictly for the purpose of combating product piracy and only process it if you have voluntarily provided us with your email address, the processing is carried out to protect our legitimate interests pursuant to Art. 6 (1) lit. f GDPR. We do not forward this data to third parties and store it only as long as we need it to contact you regarding the counterfeit product.

    7. Cookies

    On our website, information is collected and stored by using the so-called browser cookies. Cookies are small text files that are stored on your data carrier and that store certain settings and data for exchange with our system via your browser. A cookie usually contains the name of the domain, from which the cookie data was sent, as well as information about the age of the cookie and an alphanumeric identifier.

    You will find a list of the cookies we use in the table below:

    Cookie Name Description/Function
    PHPSESSID Unique ID that is used to serve the right language preference of the user

    If you do not wish to use browser cookies, you can set your browser so that the storage of cookies is not accepted. Please note that in this case you may only be able to use our website to a limited extent or may not be able to use it at all.

    The integration of cookies is based on the legal basis of Art. 6 para. 1 (f) of the GDPR, insofar as it concerns the so-called functional cookies that are mandatory for the operation of the website.

    8. Contacting Us

    You can contact us by email. When doing so, we store the personal data you provide in order to process your request and to contact you in order to respond to your request or concern.

    Depending on the nature of the request, the legal basis for such processing is Article 6 (1) (b) of the GDPR for requests that you submit yourself as part of a pre-contractual measure, or Article 6 (1) sentence 1 (f) of the GDPR if your request is of a different nature. The legitimate interest results from the purposes stated under Section 3 a). Should personal data be requested which we do not need for the fulfillment of a contract or for the protection of legitimate interests, the transmission of data to us is based on consent given by you pursuant to Article 6 (1) (a) of the GDPR.

    9. Social Media Buttons

    We display social media buttons (Facebook, Instagram, Twitter, LinkedIn, etc.) on our website in the form of a static link to our social media pages on the corresponding platforms. These do not represent a direct integration of the respective providers.

    10. Rights of the Data Subject

    You have the right:

  • to request information about your personal data processed by us pursuant to Art. 15 of the GDPR. In particular, you can request information about the purposes of data processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of the right to correction, deletion, restriction of processing, or objection, the existence of the right of appeal, the source of your data if not collected by us, as well as the existence of automated decision-making including profiling and any other meaningful detailed information about the data;
  • to request the rectification of incorrect or completion of personal data stored by us immediately pursuant to Art. 16 of the GDPR;
  • to request the erasure of your personal data stored by us unless the processing is required for exercising the right to freedom of expression and information, for fulfilling a legal obligation, for reasons of public interest, or for the assertion, exercise or defense of legal claims pursuant to Art. 17 of the GDPR;
  • to request the restriction of the processing of your personal data pursuant to Art. 18 of the GDPR if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to have it erased and we no longer need the data, but you need it to assert, exercise or defend legal claims, or you have filed an objection to the processing in accordance with Art. 21 of the GDPR;
  • to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request its transmission to another controller pursuant to Art. 20 of the GDPR (data portability);
  • to revoke your consent provided to us at any time pursuant to Art. 7 para. 3 of the GDPR. As a result, we will no longer be able to continue the processing of data based on this consent with effect for the future; and
  • to appeal to a supervisory authority pursuant to Art. 77 of the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work, or our company headquarters.
  • Right to object
  • If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 (f) of the GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 of the GDPR provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail advertising. In the latter case, you have a general right to object, which we will implement without specifying a particular situation
  • If you wish to exercise your right to revoke your consent or object, please send a letter.
  • 11. Transfer of Your Personal Data

    Your personal data is transferred as described below.

    We only transfer your personal data to third parties if this is necessary to carry out the Authenticity Check (e.g. to NanoMatrix, see above).

    In addition, data is also transferred if we are entitled or obliged to transfer data due to statutory provisions and/or official or judicial orders. In particular, this may include the provision of information for law enforcement and security purposes, or for the enforcement of intellectual property rights.

    Insofar as your data is transferred to service providers to the required extent, they will only have access to your personal data to the extent necessary to fulfill their obligations. These service providers are obliged to process your personal data in accordance with the applicable data protection laws, in particular the GDPR. As far as data processing on behalf of the controller is concerned, we have concluded data processing agreements with the data processor in accordance with Art. 28 of the GDPR.

    We will not transmit your data to third parties without your consent beyond the aforementioned circumstances. In particular, we do not transfer personally identifiable information to any place in a third country or an international organization.

    12. Data processing outside the European Union

    The website hosting and related data processing is done outside of the European Union on a server operated by us in Hong Kong. The associated data processing is required for the operation of the website, as well as for the establishment, implementation and execution of the existing usage contract.

    No data processing takes place in other countries outside the European Union.

    13. Data Security

    We use technical and organizational measures to secure our website against loss, destruction, access, modification, or dissemination of your data by unauthorized persons.

    In particular, your personal data is transmitted in encrypted form. In doing so, we use the SSL/TLS (Secure Sockets Layer/Transport Layer Security) coding system. Our security measures are continuously improved in line with the technological developments.

    14. Retention period for personal data

    With regard to the storage duration, we delete personal data as soon as its storage is no longer necessary for the fulfillment of the original purpose and there are no longer any statutory retention periods. The statutory retention periods ultimately form the criterion for the final duration of the storage of personal data. The corresponding data is routinely deleted after the period has expired. If there are any retention periods, the processing is restricted by blocking the data.

    15. No automated decision making (including profiling)

    We do not intend to use any personal data collected from you for any automated decision-making process (including profiling).

    16. Changes to the Privacy Policy

    We are constantly developing our website to provide you with an increasingly better service. We will always keep this Privacy Policy up to date and adapt it accordingly if and insofar as this should become necessary.

    You can always download the latest version of our Privacy Policy at https://authenticity.arctic.de/PRIVACY