Arbsbuy LLC β€” GDPR Compliance Statement

Effective Date: 22nd November, 2025

This GDPR Compliance Statement explains how Arbsbuy LLC processes, stores, and protects personal data for customers located in the European Union (EU), European Economic Area (EEA), and the United Kingdom (UK), in accordance with the General Data Protection Regulation (GDPR) and UK GDPR.

We are committed to transparency, data protection, and ensuring your rights as an EU/UK data subject when you visit or make purchases on https://arbsbuy.com.

1. Data Controller

The data controller responsible for your personal information is:

  • Arbsbuy LLC
  • 7901 4th St N STE 300, St. Petersburg, FL 33702, United States
  • Email: support@arbsbuy.com
  • Phone: +1 (904) 668-5277

If you are located in the EU/UK, you may contact us for data protection questions or rights requests.

2. What Personal Data We Collect

We collect only the data necessary to provide our services, including:

Personal Identification Data:

  • Name
  • Email address
  • Phone number
  • Billing & shipping address

Order & Transaction Data:

  • Order history
  • Payment confirmation (not card numbers)
  • Account details

Technical & Usage Data:

  • IP address
  • Browser type
  • Device type
  • Cookies and analytics data

Communication Data:

  • Emails
  • Support chats
  • Form submissions

Vendor Data (Future Marketplace):

  • Business details
  • Payment information for payouts
  • Store performance analytics

3. Legal Basis for Processing

We process personal data under these GDPR legal bases:

  • Contract Performance β€” to process orders, payments, delivery, returns
  • Legitimate Interests β€” fraud prevention, improving services
  • Consent β€” marketing emails, non-essential cookies
  • Legal Obligation β€” tax reporting, accounting, compliance

We never sell your personal data.

4. How We Use Your Data

  • To process and deliver orders
  • To handle returns, refunds, and customer support
  • To detect and prevent fraud or unauthorized activity
  • To improve website performance and user experience
  • To send marketing communications (only if you consent)
  • To comply with legal or regulatory obligations

5. How Long We Keep Your Data

We retain data only as long as necessary for:

  • Order processing
  • Tax and legal compliance
  • Fraud prevention
  • Customer account history

If you request account deletion, we will remove your data unless retention is required by law.

6. Your GDPR Rights

EU/UK users have the following rights:

  • Right to Access β€” request a copy of your data
  • Right to Rectification β€” correct inaccurate information
  • Right to Erasure β€” request deletion (β€œright to be forgotten”)
  • Right to Restrict Processing
  • Right to Data Portability
  • Right to Object β€” stop certain forms of processing
  • Right to Withdraw Consent β€” unsubscribe from marketing

To exercise rights, email us: support@arbsbuy.com We may request verification to protect your account.

7. Cookies & Tracking Technologies

We use cookies and analytics tools to improve website performance. EU/UK visitors will see a cookie consent banner allowing acceptance or rejection of non-essential cookies.

For full details, please see our Cookie Policy.

8. Sharing Your Data

We do not sell or rent your data. We only share data with:

  • Payment processors (Stripe, PayPal)
  • Shipping carriers and logistics partners
  • Dropshipping suppliers (limited information)
  • Gemstone shipping/export handlers (Pakistan)
  • Email and support service providers
  • Analytics tools (Google Analytics)

All third parties follow data protection agreements and security protocols.

9. International Data Transfers

Arbsbuy LLC is based in the United States. Your data may be processed in the U.S., Pakistan, or the supplier’s region.

We ensure GDPR-level protection using:

  • Standard Contractual Clauses (SCCs)
  • Encrypted data transfers
  • Secure processing agreements

10. Marketplace Vendor Data (Future Feature)

When the marketplace launches, vendor data will be protected under GDPR, including:

  • Secure payout withdrawal information
  • Encrypted business documents
  • Seller identity verification
  • Limited sharing with buyers and carriers

Vendors must comply with GDPR when handling EU/UK customers.

11. Data Security Measures

We use strict security protocols, including:

  • SSL encryption
  • Two-factor authentication for admin access
  • Regular security audits
  • Firewall & malware scanning
  • Secure hosted payment gateways

No online system is 100% secure, but we take significant measures to protect your data.

12. Updates to This Statement

We may update this GDPR Compliance Statement to reflect:

  • Law changes
  • New data protection standards
  • Marketplace expansion
  • Operational updates

Changes take effect immediately upon posting.

13. Contact Information

Data Protection Contact β€” Arbsbuy LLC

Website: https://arbsbuy.com

Email: support@arbsbuy.com

Phone: +1 (904) 668-5277

Business Address: 7901 4th St N STE 300, St. Petersburg, FL 33702, United States

EU/UK customers may contact us for any GDPR-related requests or concerns.