Last Updated: 2025/11/15

Welcome to our website. At VCARSYSTEM, we fully understand the importance of personal data security and are committed to protecting your privacy. We process your data in accordance with the applicable legal provisions for the protection of personal data, in particular the EU General Data Protection Regulation (GDPR) and the country-specific implementation laws applicable to us. This Privacy Policy aims to clearly and transparently explain how we process your personal data when you visit our website and use our services, as well as how you may exercise your rights regarding such personal data.

Personal data is any information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number, email address, and your IP address. Anonymous data is data that cannot be linked to any individual user.

Please read this policy carefully before using our services. If you do not agree with the ways we handle personal information as described herein, please do not provide your information when requested and discontinue use of this website. By continuing to use our website and services, you acknowledge that you have read, understood, and agreed to our handling of your personal information in accordance with this policy.

1. Purposes and legal basis of the processing of personal data

Subject matter of our data processing are your contact details as well as, if applicable, other personal data required for the provision of our services or our communication with you. We will only collect and use your personal information for the purposes stated in this policy:

• Membership Registration & Login:
  When you register as a member, we may collect your name, email address, phone number, etc. This is necessary to create your account and provide member services. Without this information, registration may not be completed.
• Service Operation & Experience Improvement:
  When you browse the website, we may automatically collect information such as your IP address, device identifiers, browser type, operating system, access time/date, and the pages or links you visit (log information). This helps us analyze trends, manage the site, improve our products and services.
• Cookies & Similar Technologies:
  We may use cookies or similar technologies to provide a more personalized experience. You can manage or block cookies through your browser settings, though this may affect certain website features. For more  information about our Cookies policy, click here
• Contact & Communication:
  When you interact with us (via customer service, surveys, etc), we may record your name, contact details, and inquiry content to respond to your needs and improve our service quality.
• Third-Party Data Sources:
  Where permitted by law, we may also obtain data from public sources or commercial third parties, such as statistical data purchased from other companies to support our services.

We process data in the context of administrative tasks and the organization of our operations, financial accounting, and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the context of providing our contractual services.
Art. 6 para. 1 sentence 1 lit. a GDPR serves as the legal basis for processing operations in which we obtain consent for a specific processing purpose, for example when using cookies. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, with processing operations necessary for the delivery of goods or the provision of other services or consideration, the processing is based on Art. 6 para. 1 sentence 1 lit. b GDPR. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation that requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 para. 1 sentence 1 lit. c GDPR. Finally, processing operations could also be based on Art. 6 para. 1 sentence 1 lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights, and freedoms of the data subject do not prevail. This is, for example, the legal basis for the use of technical security functions. The purpose and our interest in processing lies in administration, financial accounting, office organization, and archiving of data, i.e., tasks that serve to maintain our business activities, perform our tasks, and provide our services.

2. How We Use Your Personal Information

We only collect the minimum necessary information as required by law, in order to:

3. Sharing, Transfer, and Disclosure of Personal Data

We will not transfer or sell your personal data to third parties, i.e. any company, organization, or individual for purposes other than those listed below. We may share your personal data only under the following circumstances:

• With your explicit consent in accordance with Art. 6 (1) (a) or Art. 49 (1) (a) GDPR.
• this is legally permissible and necessary for the performance of contractual relationships with you in accordance with Art. 6 (1) (b) GDPR.
• As required to comply with legal obligations or in response to judicial/administrative requests in accordance with Art. 6 para. 1 sentence 1 lit. c) GDPR, and this is legally permissible.
• the transfer is necessary for the assertion, exercise, or defense of legal claims and there is no reason to assume that you have an overriding interest in the non-transfer of your data.
• We do not transfer your data to third countries (outside the EU). Should this become necessary, we will inform you here in the relevant section or in separate data protection notices and ensure that all necessary measures are taken to maintain an adequate level of data protection.
• With authorized service providers (e.g., cloud or analytics providers) who process information on our behalf under strict confidentiality obligations, in the event that we commission another service provider/supplier to fulfill the contractual obligations we have agreed with you within the scope of our cooperation.
• Commissioning support services that require access to your personal data or where such access cannot be ruled out. This includes, for example, IT services, services related to invoicing, or the use of tax consulting services.
• In other reasonable situations such as contract performance, preventing harm, or investigating illegal activity.

4. Storage and Deletion of Personal Data

We apply appropriate physical, administrative, and technical measures to protect your information from unauthorized access, disclosure, alteration, or loss.

The data we process will be deleted or restricted in its processing in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated in this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons

If you choose to cancel your account, we will stop providing services tied to that account and delete related data unless otherwise required by law.

5. Your Rights as a Data Subject

We would like to inform you about your rights as a data subject. These rights are standardized in Articles 15–22 of the EU GDPR. This includes:

• The right to information (Art. 15 EU GDPR),
• The right to erasure (Article 17 EU GDPR),
• The right to rectification (Article 16 of the EU GDPR),
• The right to data portability (Article 20 EU GDPR),
• The right to restriction of processing (Article 18 EU GDPR),
• The right to object to data processing (Art. 21 EU GDPR).

To exercise these rights, please contact us. The same applies if you have any questions about data processing in our company. You also have the right to lodge a complaint with a data protection supervisory authority.

For security, we may require you to provide a written request or verify your identity before processing. We typically respond within 15 business days.

Where applicable, you may also withdraw your consent at any time. Withdrawal will not affect the lawfulness of prior processing based on your consent.

6. Children’s Information

Our products, websites, and services are intended for adults. Children should not create accounts without parental/guardian consent. If we discover we have collected a child’s personal information without verifiable parental consent, we will promptly delete it.

7.International Data Transfers

We operate subsidiaries and offices in several countries. Your personal information may be processed or accessed in the country where you use our services or in other regions where we, our affiliates, or partners are located. We will take measures to ensure data protection in line with this policy and applicable laws.such as signing standard contractual clauses approved by the EU Commission, obtaining the consent to the cross-border transfer of a data subject in the EU, or implementing security measures like anonymizing personal data before cross-border data transfer. You can click here to obtain a copy of the EU’s standard contractual clauses.

8.Policy Updates

This Privacy Policy may be updated due to business, legal, or technological changes. Updates will be posted on this website and become effective upon publication. The latest update date will be indicated.

For major changes, we may notify you via website announcement, SMS, or other means. Please review this policy periodically for the latest information.

9.Contact Us

If you have questions, comments, or suggestions about this Privacy Policy, or wish to exercise your rights, please contact us:

• Phone: +86 400 811 8930

• Email: Marketing@vcarsystem.com

We will review and respond within 15 business days. If you are not satisfied with our reply, especially if you believe our data practices harm your legitimate rights, you may file a complaint with relevant regulatory authorities such as Cyberspace Administration, Telecom, Public Security, or Market Supervision departments.