Last Updated: May 23, 2018
This Policy applies to all of our Services, regardless of how you use them, and whether or not you register for an ARTA account. This Policy only applies to how we collect, store, share, and use information. This Policy does not apply to any entity that we do not own or control, or to any person that we do not employ or manage. If, at any time during the course of using our Services, you are directed to a third-party site, you understand and agree that the policies of the third-party site govern.
TYPES OF INFORMATION WE PROCESS
Information You Provide: We may collect the information that you provide or otherwise make available to us when you access or use our Services, including when you:
- fill in any forms on our Services, such as when you register for an ARTA account or update your account or User profile information, or submit a shipment request;
- access or use our Services, such as when you submit or view a shipping request, view or select a quote, make a payment for a shipment or otherwise perform transactions (this can include the information you provide on or through our Services, and information about how you access or use our Services, such as which features you use and when you use them);
- link your ARTA account to your account on another service (for example if you enable an inventory management integration), in which case we may obtain your username on that service and other information you make publicly available through that service, which may vary depending on your settings on that service; or
- communicate with us.
Information Collected Automatically: We may automatically collect certain information about how you access or use our Services, and by using our Services you consent to the collection of that information. Examples include but are not limited to Internet browser, operating system, device and application identifiers, IP address and geo-location information, access times and dates, referring and exit pages and URLs, clickstream data, search terms, pages viewed, time spent on pages, bounce rate and login frequency.
Information from Other Users: If another User uses our Services to arrange a service for you, or if you allow another user to perform a transaction on your behalf (for example specifying you as the payment party for a shipment), we may obtain information about you from other Users. Also, when Users share User Content through our Services, if it contains information about you, we will receive that information as well. More information about User Content is provided below.
Information from Other Sources: We may obtain information about you from third-party partners (such as other companies with which we may jointly offer services or conduct promotional events), third-party service providers, credit bureaus or other sources, including but not limited to demographic information, contact information, open data, publicly available data and credit check information. We may use this information for legitimate business purposes, including the performance of a contract, customer support, fraud prevention, and credit-related decisions in connection with our Services, along with other purposes described in this Policy.
Information from Mobile Use: When you access our Services on a mobile device, for example, when you visit our website from a mobile browser, we may obtain information about your location and mobile device, including a unique identifier for your device for legitimate business purposes. Along with the other purposes described in this Policy, we may use this information in order to customize our Services, Content and marketing for your location. Most mobile devices let you disable location services, and your choices for location services may vary depending on your mobile device.
Types of Information We Collect:
- Identity information, such as your first name, last name, username or similar identifier;
- Contact information, such as your postal address, email address and telephone number;
- Profile information, such as your username and password, preferences, feedback and survey responses;
- Feedback and correspondence, such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with Service, receive customer support or otherwise correspond with us;
- Financial information, such as your credit card or other payment details;
- Transaction information, such details about purchases you make through the Service and billing details;
- Usage information, such as information about how you use the Service and interact with us;
- Marketing information, such your preferences for receiving marketing communications and details about how you engage with them;
SENSITIVE PERSONAL INFORMATION
Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Service or otherwise.
CHANGES TO YOUR PERSONAL INFORMATION
It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by updating your registration profile or emailing us at firstname.lastname@example.org.
HOW WE USE THE INFORMATION WE COLLECT AND WHY
The information we collect helps us to operate, improve, protect, and customize our Services, and to develop new Services. The information we collect also helps us to provide customer support and make our Services more efficient for you and other Users. For the sake of transparency, it is our responsibility to outline for you the legitimate business purposes for the collection of information, and the reasons why we do so, in order for you to make an informed decision regarding the use of our Services. In addition to the other uses of information described in this Policy, we may use all of the information that we obtain from or about you for the following purposes and reasons:
- to provide our Services to you, including new Services we develop later (reason: legitimate business purpose and performance of a contract);
- to provide you with customer support (reason: legitimate business purpose);
- to facilitate your communications or transactions with us or other Users (reason: to receive consent, and for legitimate business purpose);
- to operate, improve, and customize our Services, Content, and marketing, to develop new Services, and to understand how you use and interact with our Services and Content, and the products, services, and Content of others (reason: legitimate business purpose);
- to develop and display more customized Content to you on or off our Services (reason: to receive consent, and for legitimate business purpose);
- to promote and maintain a trusted, safer, and more reliable environment on our Services, for example, to help detect, prevent or otherwise address fraud, security or technical issues, conduct investigations or risk assessments, or verify actions taken by you or associated with your account (reason: to protect the public interest and for legitimate business purpose);
- to contact you (by email, postal mail, telephone, mobile devices, SMS text message, or as otherwise authorized by you) in order to address issues with your account or use of our Services, collect fees, send you updates about our Services or policies, or for other purposes permitted by law (reason: performance of a contract and for legitimate business purpose);
- to contact you (by email, postal mail, telephone, mobile devices, SMS text message, or as otherwise authorized by you) in order to send you marketing communications, promotional messages, and offers about our Services and Content, and the products, services, and Content of others (see below for information on how to opt out of receiving certain communications from us) (reason: to receive consent, and for legitimate business purpose);
- to facilitate your participation in contests, sweepstakes or other promotional events sponsored or conducted by us or by others in conjunction with us (reason: performance of a contract);
- to comply with our legal obligations, resolve disputes, or enforce our Terms and Conditions or any other ARTA policies or agreements with Users (reason: compliance with a legal obligation);
- to perform other functions as described when the information is collected or requested, or for other purposes with your prior consent (reason: legitimate business purpose).
Every email we send, both marketing and transactional, contain links that allow you to unsubscribe. If you do not want to receive marketing email from us, you can unsubscribe by following the unsubscribe link in the email you received, or emailing us. If you choose to opt out of transactional emails, the opt out will only be temporary, as those communications are critical to conducting business with us, such as email about your account, your relationship with us, or your transactions. For further information, please contact us at email@example.com. Please note that unsubscribing from receiving emails from us may result in a less robust experience of our Services.
ACCOUNTS AND USER PROFILES
Registration, Access and Records: To register for an ARTA account, you will need to provide your full name and a valid email address. If you have received our permission to use our Services as a business, you may need to complete an additional registration process and provide additional information. If you have an ARTA account, you may access, add, remove or update certain information about you in your profile and account settings, as indicated on our Services. It is your responsibility to update all such information as necessary to keep it accurate and current. When you update your account or profile information, we may keep a record of the unrevised information for purposes consistent with this Policy. If you wish to terminate your account and all data associated with it, you may do so by emailing firstname.lastname@example.org, subject to any other agreements between you and us. If you terminate your account, we may keep a record of any or all information associated with you or your account, as required or permitted by law, for purposes consistent with this Policy; specific account data that includes Personal Information including your name, e-mail, contact information, and certain other records such as shipments, quotes and vendor preferences will be removed at such termination. For further information, please contact us at email@example.com.
Data Retention: We will keep and use your data as described in this Policy for (i) as long as your account is in use, is open, or is active; (ii) as long as is necessary to comply with any tax, legal, and/or other regulatory requirements; and (iii) to protect and defend against potential legal claims. If you would like to request the deletion of your personally identifiable information or request that it be returned to you, please contact us at firstname.lastname@example.org. By deleting your data from our Site, you understand that you will no longer be able to use our Services. We will retain your anonymized, aggregated, depersonalized data after it has been deleted from our Site.
As described in our Terms and Conditions, some Services may enable you to provide User Content on or through our Services. When you post or share User Content on or via our Services, any information contained in the User Content (including information in images or videos) becomes accessible on our Services (and may also be indexed by and accessible through third-party search engines), and we and other Users may access and use the User Content as described in our Terms and Conditions. This applies even if you or someone else also provides such information to us by other means, and our use of such information might have been more limited under this Policy if such information was only provided to us by such other means. It is your responsibility to ensure that you have the right to share any information about others that you may share with us or with others through our Services. For further information, please contact us at email@example.com.
Connecting with Other Users: We aim to provide a platform and marketplace where Users can discover and engage with a wide range of shipping and other service vendors. To help make this happen, our Services may include features, such as messaging tools and email addresses hosted on our Services, that enable you to contact and communicate with other Users.
Sharing Information with Other Users: When you use our Services to contact another User or perform a transaction with another User, such as an auction house, gallery, vendor or institution, they may obtain your name, email address and (as applicable) other contact information from us to facilitate communications, services or transactions.
WITH WHOM DO WE SHARE PERSONAL INFORMATION?
Personal Information: Under this Policy, "Personal Information" means information that by itself can be used to identify or contact a specific person (for example, a person’s name, email address, postal address or phone number), and Personal Information does not include information that has been aggregated or made anonymous so that by itself it no longer identifies and can no longer reasonably be used to contact a specific person. We will only share your Personal Information with others in the ways described in this Policy, or otherwise with your prior consent. In addition to the other sharing of Personal Information described in this Policy, we may share your Personal Information with others in the following contexts.
Service Providers: We may contract with third-party service providers that help us provide some of our Services, or that perform some services for us related to our Services, and they may access your Personal Information as needed to perform their functions for us. Examples may include but are not limited to order fulfillment, package delivery, payment processing, bill collection, fraud investigation, email and postal mail administration, customer service assistance, web and mobile data analytics, and server and database hosting services.
We use third parties, including Stripe, TransferWise, Quickbooks and Bill.com, to gather your data from financial institutions. By using our Services, you grant our third-party providers the right, power, and authority to act on your behalf to access and transmit your personal and financial information from the relevant financial institution according to terms of such third-party providers' privacy policies and service terms.
Business Transfers If we are involved in a merger, acquisition, or sale of assets, your Personal Information may be one of the assets transferred. In this event, if you have registered for an ARTA account, we will notify you of the change of ownership by sending an email to the most recent email address you provided us under your ARTA account.
Legal Purposes: We may access, preserve, and disclose your Personal Information and/or other information if we believe that such access, preservation or disclosure is reasonably necessary to: (i) comply with any law, regulation, legal process or governmental request (such as search warrants, subpoenas or court orders), which may include responding to legal requests from jurisdictions outside the United States; (ii) enforce our Terms and Conditions or our other policies or agreements with Users, or investigate potential violations; (iii) detect, prevent or otherwise address fraud, security or technical issues; (iv) protect or enforce the rights or property of ARTA, you, or any other person or entity; or (v) prevent physical harm to any person, including situations involving possible violence or self-harm.
AGGREGATED AND NON-PERSONAL INFORMATION
We may aggregate or make anonymous any Personal Information that we have obtained in any way from or about you or others so that such information no longer contains any Personal Information. We may use and share any aggregated, anonymous or other non-personally identifying information for any legitimate business purposes, including research and development, marketing, and to inform others about how our Services or Content are engaged with or used.
OTHER WEBSITES AND SERVICES
ARTA is based in the United States. Our Users (including the galleries and other organizations that use our Services), service providers, and other third parties you may interact with in connection with our Services, may be located in the United States and other countries around the world, including countries that may not offer the same level of protection for Personal Information as that offered in the United States.
TRANSER OF DATA
Our Services are not directed to children under the age of 13, and we do not knowingly collect Personal Information from people in this age group. If you believe we may have collected Personal Information from anyone under the age of 13, please contact us at firstname.lastname@example.org.
Every ARTA account is protected by a password to help maintain privacy and security on our Services. If you register for an account, we urge you to use a strong password containing unique numbers, letters and special characters, and to protect the confidentiality of your password at all times. If you suspect or become aware of any unauthorized access to or use of your account or password, you agree to immediately notify us and change your password. Please note that while we seek to protect your information and maintain the security of our Services, due to the possibility of hardware or software failure, unauthorized entry or use and other factors, we cannot guarantee the security of any information, whether online or offline. Any transmission of information is at your own risk. Please also note that any information you provide to us via email is unencrypted.
Some jurisdictions have laws that give people the right to access or correct their Personal Information which a company has about them. We will honor any statutory right you may have to access or correct your Personal Information that we have in our records, and you can email such requests to email@example.com. Once we receive your request, we will let you know if an administrative fee will apply to fulfill your request, as permitted by applicable law. However, please note that even if you have a legal right to request access to information or to correct information, as permitted by applicable law, we may reject requests that are unreasonably repetitive, would require disproportionate technical effort (for example, developing a new system or materially changing an existing practice), would jeopardize the privacy of others, or would be extremely impractical to fulfill (for example, requests to access information located on backup systems).
As this Policy is part of our Terms and Conditions, any disputes involving you and us that relate to privacy or the use of your information, and that arise out of or are related to this Policy or our Services, will be subject to our Terms and Conditions, including any provisions regarding the limitation of damages and liability, choice of law, and dispute resolution.
If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at firstname.lastname@example.org or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
ARTA Shipping, Inc.
115 West 29th Street, 11th Floor
New York, New York 10001, U.S.A.
What these Technologies Are: “Cookies” are small data files placed on your computer or other device which record information. For example, a cookie could enable our Services to recognize your browser, while another cookie could store your account preferences and other information to help make our Services more customized. We may use two kinds of cookies, “session cookies” and “persistent cookies.” Session cookies normally expire when you close your browser, while persistent cookies remain on your device until they expire or are deleted. “Web beacons” (also known as “pixel tags” or “clear GIFS”) are pieces of code or pixels embedded in a web page or email to track engagement with and responses to emails, web pages, or to access or communicate with cookies. “Tracking URLs” are special URLs that can be used to track engagement with and responses to emails or web pages.
ARTA Shipping, Inc.
115 West 29th Street, 11th Floor
New York, New York 10001, U.S.A.
Attention: Data Protection Officer
Additional Information For European Union Users
CONTROLLER AND DATA PROTECTION OFFICER
ARTA Shipping, Inc. is the controller of your personal information for purposes of European data protection legislation. Our Data Protection Officer can be reached at email@example.com. See the Contact section above for additional contact details.
LEGAL BASES FOR PROCESSING
We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us at firstname.lastname@example.org.
|Processing Purpose||Legal Basis|
|To provide the Service||Processing is necessary to perform the contract governing our provision of the Service or to take steps that you request prior to signing up for the Service|
|To communicate with you
To create anonymous data for analytics
For compliance, fraud prevention and safety
|These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).|
|To comply with law||Processing is necessary to comply with our legal obligations|
|With your consent||Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at email@example.com.|
Use For New Purposes
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Information) for six years after they cease being customers for tax purposes.
In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
If you would like to request the deletion of your personally identifiable information or request that it be returned to you, please contact us at firstname.lastname@example.org. By deleting your data from our Site, you understand that you will no longer be able to use our Services. We will retain your anonymized, aggregated, depersonalized data after it has been deleted from our Site.
European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Opt-out. Stop sending you direct marketing communications. You may continue to receive Service-related and other non-marketing emails.
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You can submit these requests by email to email@example.com or our postal address provided below. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.
CROSS BORDER DATA TRANSFER
Whenever we transfer your personal information out of the EEA to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on one of the following safeguards recognized by the European Commission as providing adequate protection for personal information, where required by EU data protection legislation:
- Contracts approved by the European Commission which impose data protection obligations on the parties to the transfer. For further details, see European Commission Model contracts for the transfer of personal information to third countries.
- For transfers to third parties in the United States, ensuring they participate in the E.U.-U.S. Privacy Shield Framework
Please Contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.