Privacy Policy
Privacy policies
Bud Amazonia Kft. Registered at the following address (1021 Budapest Boloni Gyorgy Utca 18 1 Hungary, tax identification number 26667704-2-41, company registration number: Cg.01-09-338186 (will be supplier, details then).
REGULATION (EU) No 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL dated April 2016 on the protection of natural persons in relation to the processing of personal data and the free flow of such data and repealing the Regulation ( EC) No 95/46 (General data protection regulation) 27.), in which the following information is provided.
This Privacy Policy regulates the privacy practices of the following pages: www.es.budamazonia.com
The privacy notice is available at: https://www.es.budamazonia.com
The amendments to the brochure will become effective as of its publication at the previous address.
Controller and contact information:
Name: Bud Amazonia Kft.
Headquarters: Solymár 2083, Orgona Utca 7 Hungary
Email: info@budamazonia.com
Telephone: +36 70 5076348 / +34 610 040 179
Definitions
1. “Personal data” means any information related to an identified or identifiable natural person (“data subject”); identifiable by a natural person who, directly or indirectly, in particular by virtue of one or more factors such as name, number, positioning data, online identification or physical, physiological, genetic, intellectual, economic, cultural or social identity of the person physically identified .;
2. “Data management” means any operation or combination of operations, whether automatic or not, carried out on personal data or data files, such as collection, registration, archiving, classification, storage, transformation or alteration, recovery, access, use, communication, distribution or other make available, reconcile or link, limit, delete or destroy.
3. “Controller” means the natural or legal person, public authority, agency or any other body that, alone or together with others, determines the purposes and means of processing personal data; when the legislation of the Union or of the Member State determines the purposes and means of data processing, the legislation of the Union or of the Member State may define the controller or the specific criteria for designating the controller;
4. Processor “means a natural or legal person, public authority, agency or any other body that processes personal data on behalf of the controller;
5. “Recipient” means any natural or legal person, public authority, agency or any other body to whom or to whom personal data is disclosed, whether a third party or not. Public authorities that have access to personal data in the framework of an individual investigation in accordance with the legislation of the Union or of the Member States shall not be considered beneficiaries; The processing of said data by said public authorities must comply with the applicable data protection rules in accordance with the purposes of the processing.
6. “Consent of the interested party” means the voluntary, explicit and unambiguous expression of the will of the interested party, whereby the interested party, by means of an unequivocal declaration or act of confirmation, indicates his or her consent to the processing of personal data that concern him;
7. “Data incident” means a security breach that results in accidental or illegal destruction, loss, alteration, unauthorized disclosure or unauthorized access of personal data transmitted, stored or otherwise processed.
Principles governing the processing of personal data.
Your personal information:
to. Its administration must be carried out in a legal and fair manner and in a transparent manner for the interested party (“legality, due process and transparency”);
yes. (c) collected for specific, explicit and legitimate purposes and not managed in a manner incompatible with those purposes; the subsequent processing of data for archival purposes in the public interest, for scientific and historical research purposes or for statistical purposes (“limitation of purpose”) is not considered incompatible with the original purpose;
C. They must be relevant for the purposes for which the data is processed and must be limited to what is necessary (‘data storage’);
re. They must be precise and, when necessary, kept up to date; all reasonable measures must be taken to ensure that personal data that is inaccurate for the purposes for which the data is processed is deleted or rectified without delay (‘accuracy’);me. It must be maintained in a way that allows the identification of interested parties for a time that is not necessary for the purposes for which personal data is processed; Personal data may be stored for a longer period only if they are processed for archiving in the public interest, for scientific and historical research purposes or for statistical purposes in accordance with article 89 (1). subject to the implementation of appropriate technical and organizational measures to protect their freedoms (“limited storage”); It will be handled in such a way that adequate security of personal data is guaranteed through appropriate technical or organizational measures, including protection against unauthorized or illegal processing, accidental loss, destruction or damage of data (“integrity and confidentiality”) .
F. The controller is responsible for compliance with the foregoing and must be able to justify said compliance (“liability”).
Processing of data
Data management related to the operation of a web store.
1. Fact of data collection, scope of processed data and purpose of data management:
personal information Purpose of data management.
Username identification, registration authorization.
password Provides secure access to the user account.
Last name and first name Contact, purchase and issue a valid invoice is required.
Contact email address.
Link telephone number, more efficient coordination of billing or shipping problems.
Name and billing address Issuance of an appropriate invoice, as well as the establishment of the contract, the definition, modification, monitoring of its fulfillment, the invoicing of the fees derived from it and the execution of the claims related thereto.
Name and shipping address Enable home delivery.
Date of purchase / registration Perform a technical operation.
The IP address at the time of purchase / registration Perform a technical operation.
Neither your username nor your email address requires personal information.
2. Interested parties: all interested parties registered / buying in the web store.
3. Duration of data processing, deadline for data deletion: immediately after deletion of the record. Except in the case of accounting documents, since § 169 (2) of Act C of 2000 on Accounting requires that these data be maintained for 8 years.
The accounting document (including accounting accounts, analytical and accounting records) that supports the accounts directly and indirectly must be kept legible for at least 8 years, recoverable by reference to the accounting records.
4. Identity of the possible data controllers with the right to access the data, recipients of the personal data: the personal data can be managed by the sales and marketing staff of the data controller, subject to the above principles.
5. The description of the rights of interested parties related to data management:
• The interested party may request the controller access, rectification, deletion or restriction of the processing of personal data concerning him, and
• Oppose the processing of such personal data; Y
• The interested party will have the right to data portability and withdrawal of consent at any time.
6. You can initiate access, deletion, modification or restriction of personal data, data portability or objection to data processing in the following ways:
• By postal mail to the address: 2083 Solymár, Ogona Utca 7, Hungary
• By email to info@es.budamazonia.com
• By phone: +36 70 5076348 / +34 610 040 179
7. Legal basis for data processing:
Consent of the interested party, Article 6 (1) (a), Infotv. Section 5, paragraph (1) of the
CVIII 13 / A. § (3):
The service provider can manage the personal data that are technically necessary for the provision of the service in order to provide the service. The Service Provider, in case the other conditions are identical, will select and, in any case, use the tools used in the provision of the information society service in such a way that the personal data is process only if strictly necessary for the service. . however, in this case only to the extent and for the necessary time.
In the case of an invoice issued in accordance with accounting standards, article 6 (1) (c).
8. Note that:
• Data management is based on your consent.
• You must provide personal information that allows us to comply with your request.
• Not sending this information with the implications implies that we cannot process your order.
The data processors used:
Transport.
1. Data processing activities: delivery of goods, transportation
2. Name of the data processor and contact information:
General Logistics Sistems s.a
Headquarters: Av. Fuentemar 18, 28823, Coslada, Madrid, España.
Phone Number +34 902113300
Email info: gls-spain.es
Fáma First Kft.
Headquarters: 1194 Budapest, Viola u. 38. Hungary.
Postal address: 1183 Budapest, Akadály utca 15. Hungary
Email: info@famafutar.hu
Phone number: +36 20/3473107
24H Parcel Kft.
Headquarters: 1106 Budapest, Fehér u. 10. Hungary.
Postal address: 1106 Budapest, Fehér u. 10.
Email address: 24hfutar@24hfutar.hu
Phone Number: +36209892424
Magyar Posta Private Limited Company
Headquarters address: 1138 Budapest, Dunavirág utca 2-6. Hungary.
Postal address: Budapest 1540
Phone: 06-40-46-46-46
GTC: http://www.posta.hu/ugyfelszolgalat/aszf
3. Data management data, scope of processed data: shipping name, shipping address, telephone number, email address.
4. Interested parties: all interested parties requesting home delivery.
5. Purpose of data management: Delivery of the requested product at home.
6. Duration of data processing, deadline for data deletion: it takes until the delivery is completed.
7. Legal basis for data processing: user consent, article 6 (1) (a), Infotv. Section 5 para.
Pay online
1. Data processing activity: online payment
2. Name of the data processor and contact information:
Headquarters Notice
privacy introduction
The Bud Amazonia Kft. It is launched under the following brochure (1021 Budapest Boloni Gyorgy Utca 18 1 Hungary, tax identification number 26667704-2-41, company registration number: Cg.01-09-338186 (supplier, details below) ).
REGULATION (EU) No 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 2016 on the protection of natural persons in relation to the processing of personal data and the free flow of such data and repealing Regulation (EC) ) No 95/46 (General data protection regulation) 27.), the following information is provided.
This Privacy Policy regulates the privacy practices of the following pages: https://es.budamazonia.com
The privacy notice is available at: https://www.es.budamazonia.com
The amendments to the brochure will become effective as of its publication at the previous address.
Controller and contact information:
Name: Bud Amazonia Kft.
Headquarters: 2083 Solymár, Orgona Utca 7, Hungary
Email: info@budamazonia.com
Telephone: +36 70 5076348 / +34 610 040 179
Definitions
1. “Personal data” means any information related to an identified or identifiable natural person (“data subject”); identifiable by a natural person who, directly or indirectly, in particular by virtue of one or more factors such as name, number, positioning data, online identification or physical, physiological identity,genetic, intellectual, economic, cultural or social of the identified physical person;
2. “Data management” means any operation or combination of operations, whether automatic or not, carried out on personal data or data files, such as collection, registration, archiving, classification, storage, transformation or alteration, recovery, access, use, communication, distribution or other make available, reconcile or link, limit, delete or destroy;
3. “Controller” means the natural or legal person, public authority, agency or any other body that, alone or together with others, determines the purposes and means of processing personal data; when the legislation of the Union or of the Member State determines the purposes and means of data processing, the legislation of the Union or of the Member State may define the controller or the specific criteria for designating the controller;
4. Processor “means a natural or legal person, public authority, agency or any other body that processes personal data on behalf of the controller;
5. “Recipient” shall mean any natural or legal person, public authority, agency or any other body to whom or to whom personal data is disclosed, whether a third party or not. Public authorities that have access to personal data in the framework of an individual investigation in accordance with the legislation of the Union or of the Member States shall not be considered beneficiaries; the processing of said data by said public authorities must comply with the applicable data protection rules in accordance with the purposes of the processing;
6. “Consent of the interested party” means the voluntary, explicit and unambiguous expression of the will of the interested party, whereby the interested party, by means of an unequivocal declaration or act of confirmation, indicates his or her consent to the processing of personal data that concern him;
7. “Data incident” means a security breach that results in accidental or illegal destruction, loss, alteration, unauthorized disclosure or unauthorized access of personal data transmitted, stored or otherwise processed.
Principles governing the processing of personal data.
Your personal information:
to. Its administration must be carried out in a legal and fair manner and in a transparent manner for the interested party (“legality, due process and transparency”);
yes. (c) collected for specific, explicit and legitimate purposes and not managed in a manner incompatible with those purposes; the subsequent processing of data for archival purposes in the public interest, for scientific and historical research purposes or for statistical purposes (“limitation of purpose”) is not considered incompatible with the original purpose;
C. They must be relevant for the purposes for which the data is processed and must be limited to what is necessary (‘data storage’);
re. They must be precise and, when necessary, kept up to date; all reasonable measures must be taken to ensure that personal data that is inaccurate for the purposes for which the data is processed is deleted or rectified without delay (‘accuracy’);
me. It must be maintained in a way that allows the identification of interested parties for a time that is not necessary for the purposes for which personal data is processed; Personal data may be stored for a longer period only if they are processed for archiving in the public interest, for scientific and historical research purposes or for statistical purposes in accordance with article 89 (1). subject to the implementation of appropriate technical and organizational measures to protect their freedoms (“limited storage”); It will be handled in such a way that adequate security of personal data is guaranteed through appropriate technical or organizational measures, including protection against unauthorized or illegal processing, accidental loss, destruction or damage of data (“integrity and confidentiality”) .
F. The controller is responsible for compliance with the foregoing and must be able to justify said compliance (“liability”).
Processing of data Data management related to the operation of a web store.
1. Fact of data collection, scope of processed data and purpose of data management:
personal information Purpose of data management.
Username identification, registration authorization.
password Provides secure access to the user account.
Last name and first name Contact, purchase and issue a valid invoice is required.
Contact email address.
Link telephone number, more efficient coordination of problems Billing or shipping.
Name and billing address Issuance of an appropriate invoice, as well as the establishment of the contract, the definition, modification, monitoring of its fulfillment, the invoicing of the fees derived from it and the execution of the claims related thereto.
Name and shipping address Enable home delivery.
Date of purchase / registration Perform a technical operation.
The IP address at the time of purchase / registration Perform a technical operation.
Neither your username nor your email address requires personal information.
2. Interested parties: all interested parties registered / buying in the web store.
3. Duration of data processing, deadline for data deletion: immediately after deletion of the record. Except in the case of accounting documents, since § 169 (2) of Act C of 2000 on Accounting requires that these data be maintained for 8 years.
The accounting document (including accounting accounts, analytical and accounting records) that supports the accounts directly and indirectly must be kept legible for at least 8 years, recoverable by reference to the accounting records.
4. Identity of the possible data controllers with the right to access the data, recipients of the personal data: the personal data can be managed by the sales and marketing staff of the data controller, subject to the above principles.
5. The description of the rights of interested parties related to data management:
• The interested party may request the controller access, rectification, deletion or restriction of the processing of personal data concerning him, and
• Oppose the processing of such personal data; Y
• The interested party will have the right to data portability and withdrawal of consent at any time.
6. You can initiate access, deletion, modification or restriction of personal data, data portability or objection to data processing in the following ways:
• By postal mail to the address: 2083 Solymár, Orgona Utca 7, Hungary
• By email to information @ es.budamazonia.com
• By phone: +36 70 5076348 / +34 610 040 179
7. Legal basis for data processing:
Consent of the interested party, Article 6 (1) (a), Infotv. Section 5, paragraph (1) of the
CVIII 13 / A. § (3):
The service provider can manage the personal data that are technically necessary for the provision of the service in order to provide the service. The Service Provider, in case the other conditions are identical, will select and, in any case, use the tools used in the provision of the information society service in such a way that personal data is processed only if it is strictly necessary for the service. . however, in this case only to the extent and for the necessary time.
In the case of an invoice issued in accordance with accounting standards, article 6 (1) (c).
8. Note that:
• Data management is based on your consent.
• You must provide personal information that allows us to comply with your request.
• Not sending this information with the implications implies that we cannot process your order.
The data processors used:
Transport.
1. Data processing activities: delivery of goods, transportation
2. Name of the data processor and contact information:
General Logistics Sistems s.a
Headquarters: Av. Fuentemar 18, 28823, Coslada, Madrid, España.
Phone Number +34 902113300
Email info: gls-spain.es
Fáma First Kft.
Headquarters: 1194 Budapest, Viola u. 38. Hungary.
Postal address: 1183 Budapest, Akadály utca 15. Hungary
Email: info@famafutar.hu
Phone number: +36 20/3473107
24H Parcel Kft.
Headquarters: 1106 Budapest, Fehér u. 10. Hungary.
Postal address: 1106 Budapest, Fehér u. 10.
Email address: 24hfutar@24hfutar.hu
Phone Number: +36209892424
Magyar Posta Private Limited Company
Headquarters address of: 1138 Budapest, Dunavirág utca 2-6. Hungary.
Postal address: Budapest 1540
Phone: 06-40-46-46-46
GTC: http://www.posta.hu/ugyfelszolgalat/aszf
Home delivery team
Headquarter address: 1116 Budapest Hunyadi János út 162.
Hungary phone number: (20) 557-4499
Email: info@homedt.hu
3. Data management data, scope of processed data: shipping name, shipping address, telephone number, email address.
4. Interested parties: all interested parties requesting home delivery.
5. Purpose of data management: Delivery of the requested product at home.
6. Duration of data processing, deadline for data deletion: it takes until the delivery is completed.
7. Legal basis for data processing: user consent, article 6 (1) (a), Infotv. Section
Pay online
1. Data processing activity: online payment
2. Name of the data processor and contact information:
Headquarters of the Novopayment Kft. H-1034 Budapest, Tímár utca 20. 4.em
Website: http://www.novopayment.hu/
Telebank: +36 14900234
3. Fact of data management, scope of the managed data: billing name, billing address, email address.
4. Interested parties: all interested parties requesting online purchases.
5. Purpose of data management: fraud monitoring for online payments, confirmation of transactions and user protection.
6. Duration of data processing, deadline for data deletion: until online payment is made.
7. Legal basis for data processing: user consent, Infotv. Sections 5 (1), 6 (1) (a) and CVIII of 2001 on certain aspects of electronic commerce services and information society services. 13 / A. (3)
Hosting provider
1.-Data processing activities: hosting services
2.-Name of the data processor and contact information:
GoDaddy Operating Company, LLC
Corporate Headquarters 14455 N. Hayden Rd., Ste. 226
Scottsdale, AZ 85260 EE. UU.
Número de teléfono: 91 198 05 24
Número de fax: (480) 624-2546
Dirección de email: HQ@godaddy.com
3.-Fact of data management, scope of processed data: all personal data provided by the interested party.
4.- Interested parties: all interested parties that use the site.
5.-Purpose of data management: Make the website accessible and operate it properly.
6.-Duration of data processing, time limit for data deletion: data management will continue until the end of the agreement between the data controller and the hosting provider or the request of the interested party to delete the data from the hosting of the data provider.
7.-Legal basis for data processing: user consent, Infotv. Sections 5 (1), 6 (1) (a) and CVIII of 2001 on certain aspects of electronic commerce services and information society services. 13 / A. (3)
Cookie handling
1. The specific cookies of the web store are the so-called “session cookies protected by password”, “shopping cart cookies” and “security cookies”, which do not require the prior consent of the interested parties.
2. The fact of data management, the range of processed data: unique identification number, dates, hours
3. Interested parties: all interested parties visiting the site.
4. Purpose of data management: Identify users, register a “shopping cart” and track visitors.
5. Duration of data management, deadline for data deletion:
Type of cookie Legal basis for data management.
Duration of data management. Managed data set
Session Cookies
The CVIII of 2001. On certain issues in electronic commerce services and information society services. 13 / A. (3) The
relevant period of time until a session ofvisitor
connect.sid
6. Identity of the possible data controllers authorized to access the data: when you use cookies, the data controller does not manage personal data.
7. Disclosure of data management rights of interested parties: interested parties have the option to delete cookies in the Tools / Preferences menu of browsers, usually in Privacy.
8. Legal basis for data processing: the consent of the interested party is not required if the sole purpose of the use of cookies is to transmit communications through an electronic communications network or to provide the information society service explicitly requested by the Subscriber or user.
Use of Google Adwords conversion tracking
1. The controller uses the “Google AdWords” online advertising program and the Google conversion tracking service. Google Conversion Tracking is a service provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”).
2. When a user accesses a web page through a Google ad, a conversion tracking cookie is placed on their computer. These cookies have limited validity and do not contain personal information and the user cannot identify them.
3. When the user browses certain pages of the website and the cookie has not expired, Google and the data controller can also see that the user has clicked on the ad.
4. Each Google AdWords customer receives a different cookie, so it cannot be tracked through the AdWords customer websites.
5. The information obtained through conversion tracking cookies is used to generate conversion statistics for AdWords conversion tracking customers. This is how customers are informed about the number of users who click on your ad and are sent to a page with a conversion tracking tag. However, they do not have access to information that can identify any user.
6. If you do not want to participate in conversion tracking, you can choose to disable cookies in your browser. After that, it will not be included in your conversion tracking statistics.
7. You can find more information and the Google Privacy Statement at www.google.de/policies/privacy/
Google Analytics application
1. This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses the so-called “cookies”, text files that are saved on your computer, to help you analyze the use of a web page that a User visits.
2. The information generated by the cookies associated with the use of the Site by the User, is usually stored and stored on a Google server in the USA. UU. UU. By activating the IP anonymity website, Google will shorten the user’s IP address within the Member States of the European Union or other States parties to the Agreement on the European Economic Area.
3. The full IP address will only be sent to the Google server in the US. UU. UU. And it will be shortened there only in exceptional cases. Google will use this information on behalf of the operator of this website to evaluate how the user has used the website, report website activity to the website operator and provide additional services related to the use of the website and the Internet.
4. In Google Analytics, the IP address transmitted by the user’s browser is not reconciled with other Google data. The user can avoid the storage of cookies by correctly configuring his browser, however, keep in mind that, in this case, not all the functions of this website can be used completely. You can also prevent Google from collecting and processing your information related to cookies about your use of the website (including your IP address) by downloading and installing the browser plug-in available at the following link. https://tools.google.com/dlpage/gaoptout?hl=hu
Bulletin, DM activity
1. Law XLVIII of 2008 on the basic terms and certain limits of economic advertising activities In accordance with Article 6 of the Law, the User can anticipate and give his express consent to contact the Service Provider with his advertising offers and others emails to the contact details provided in the registry.
2. In addition, the Client may, subject to the provisions of this Prospectus, give his consent for the Service Provider to handle the personal information necessary to send promotional offers.
3. The Service Provider will not send unsolicited advertising messages and the User may, without limitation and without justification, unsubscribe from sending offers. In this case, the Service Provider will delete all the personal data necessary to send advertising messages from its registration and will not contact the User with any other advertising offer. The user can unsubscribe from the ads by clicking on the link in the message.
4. Reality of data collection, scope of processed data and purpose of data management:
Personal information Purpose of data management.
Name, email address. Identify, enable subscription to the newsletter.
Subscription date Perform a technical operation.
The IP address of the subscription. Perform a technical operation.
5. Stakeholders: all interested parties who subscribe to the newsletter.
6. Objective of data management: send electronic messages containing advertising (email, SMS, push messages) to the interested party, providing information on current information, products, promotions, new functions, etc.
7. Duration of data processing, deadline for data deletion: data processing will take place until the declaration of consent is withdrawn, that is, voluntary exclusion.
8. Data management record number: in progress …
9. Identity of the possible data controllers with the right to access the data, recipients of the personal data: the personal data can be managed by the sales and marketing staff of the data controller, subject to the above principles.
10. The description of the rights of interested parties related to data management:
• The interested party may request the controller access, rectification, deletion or restriction of the processing of personal data concerning him, and
• oppose the processing of such personal data; Y
• The interested party will have the right to data portability and withdrawal of consent at any time.
11. You can initiate access, deletion, modification or restriction of personal data, data portability or objection to data processing in the following ways:
• by mail to: 2083 Solymár, Orgona Utca 7, Hungary.
• by email to info@budamazonia.com
• by phone at: +36 70 507 6348 / +34 610 040 179
12. The subscriber can unsubscribe at any time, free of charge.
13. Legal basis for data processing: consent of the interested party, Article 6 (1) (a), Infotv. Section 5, paragraph (1) of the Law, and Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activities. § 6 (5) of the Law:
The advertiser, the advertising service provider or the advertiser of the advertisement will keep records of the personal data of the people who make a statement with their consent within the scope defined in the consent. The data in this record related to the ad recipient may be processed only as indicated in the declaration of consent until it is revoked, and may be disclosed to a third party only with the prior consent of the person concerned.
14. Note that
• Data management is based on your consent.
• You must provide your personal information to receive our newsletter.
• Failure to send this information with the implications implies that we cannot send a newsletter.
claims processing
1. Reality of data collection, scope of processed data and purpose of data management:
Personal information Purpose of data management.
Surname and first name Identification, contact.
Contact email address.
Contact phone number.
Name and billing address Identification, addressing quality objections, problems and problems with the products you request.
2. Stakeholders: all interested parties who buy and complain about the quality in the web store.
3. Duration of data processing, time limit for data deletion: copies of the objection record, transcripts and responses to the objection raised in the CLV Consumer Protection Act of 1997. 17 / A. (7) will be retained for 5 years.
4. Identity of the possible data controllers with the right to access the data, recipients of the personal data: the personal data can be managed by the sales and marketing staff of the data controller, subject to the above principles.
5. The description of the rights of interested parties related to data management
• The interested party may request the controller access, rectification, deletion or restriction of the processing of personal data concerning him, and
• oppose the processing of such personal data; Y
• The interested party will have the right to data portability and withdrawal of consent at any time.
6. You can initiate access, deletion, modification or restriction of personal data, data portability or objection to data processing in the following ways:
• by mail: 2083 Solymar, Orgona Utca 7 Hungary.
• by email to info@budamazonia.com,
• by phone at: +36 70 5076348 / +34 610 040 179
7. Legal basis for data processing: consent of the interested party, Article 6 (1) (c), Infotv. Section 5 (1) of the Consumer Protection Act and CLV 1997 on Consumer Protection. 17 / A. (7)
8. Note that:
• The provision of personal data is based on a contractual obligation.
• The processing of personal data is a prerequisite for the conclusion of the contract.
• You must provide personal information to process your complaint.
• Failure to send this information with the consequences cannot handle a complaint we receive.
Social sites
1. The fact of collecting the data, the scope of the managed data: Facebook / Google + / Twitter / Pinterest / Youtube / Instagram, etc. The name of your community and your public profile picture.
2. Interested parties: anyone who has registered on Facebook / Google + / Twitter / Pinterest / Youtube / Instagram, etc., social networking sites and click “like” on the site.
3. Purpose of data collection: share or “like” or promote certain content, products, promotions or the website on social networks.
4. Duration of data processing, time limit for data deletion, identity of possible data controllers that may have access to the data and description of the data processing rights of interested parties Data management is carried out conducted on social networking sites, so the duration, the mode of data management and the options for deleting and modifying data are governed by the specific social networking site.
5. Legal basis for data processing: the voluntary consent of the data subject to the processing of your personal data on social networking sites.
Customer relations and other data management.
1. If you have any questions or problems when using our data management services, you can contact the data controller in the manner specified on the website (telephone, email, social networking sites, etc.).
2. Data manager for incoming emails, messages, phone, Facebook, etc. It will remove any information you provide, along with your contact name and email address, as well as any other personally identifiable information you provide, no later than 2 years after the date of disclosure.
3. The handling of data not included in this brochure will be reported at the time of data collection.
4. The Service Provider is obliged to provide information, provide information, provide data and documents at the exceptional request of the authorities at the request of other authorities on the basis of the legal authority.
5. In these cases, the Service Provider will provide the requesting party with personal data only to the extent and to the extent necessary to achieve the purpose of the request, provided that it has specified the exact purpose and scope of the data.
Rights of interested parties
1. Right of access
You have the right to receive comments from the controller about whether your personal data is being processed and, if so, to have access to personal data and the information listed in the Regulation.
2. Right of rectification
You have the right, upon request, to rectify any inaccurate personal information related to him / her without undue delay. Given the purpose of your data processing, you have the right to request that any personal information that is incomplete be completed, including through a supplementary statement.
3. Right to eliminate
You have the right, upon request, to delete personal data related to it without undue delay, and the controller is obliged to delete personal data related to you without undue delay, under certain conditions.
4. The right to forget
If the controller discloses personal data and must delete it, it will take reasonable measures, including technical measures, to inform the controllers that it has requested the personal data in question, taking into account the available technology and the cost of implementation. links, or a copy or duplicate of this personal information.
5. Right to restrict data management.
You have the right, at your request, to limit data management if any of the following conditions are met:
• Questions the accuracy of your personal data, in which case the limitation applies to the period of time that allows the controller to verify the accuracy of your personal data;
• data processing is illegal and you are against the deletion of the data and, instead, request restrictions on its use;
• the controller no longer needs personal data for data processing, but you request it to file, affirm or protect legal claims;
• Has opposed data management; In this case, the restriction is applied for a period until it is determined whether the legitimate reasons of the data controller take precedence over its legitimate reasons.
6. The right to data portability.
You have the right to receive personal data related to them that you have made available to a data controller in a structured, widely used and machine-readable format, and to transmit such data to another data controller without being hindered by the data controller whose information staff provided (…)
7. Right to protest
You have the right to object at any time to the processing of your personal data, including the development of profiles based on these provisions, for any reason related to your situation.
8. Protest against direct selling
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for this purpose, including the creation of profiles, if it is related to direct marketing. If you oppose the processing of personal data for direct marketing purposes, personal data can no longer be processed for this purpose.
9. Automated decision making on individual issues, including profiling.
You have the right not to be subject to any decision based solely on automated data management, including the creation of profiles, that would have a legal effect or be significantly affected by it.
The preceding paragraph will not apply if the decision:
• It is necessary for the conclusion or execution of a contract between you and the controller;
• It is available in accordance with the Union or national legislation applicable to the controller, which also establishes appropriate measures to protect their legitimate rights and freedoms and interests; or
• It is based on your explicit consent.
Deadline for action
The controller will inform you without undue delay, but in any case within 1 month of receiving the request, the action taken on these requests.
It can be extended for 2 months if necessary. The controller will inform you of the extension within the month following receipt of the request, indicating the reasons for the delay.
If the controller does not act on your request, they will inform you without delay and, no later than one month after receiving the request, the reasons for the non-action and your ability to file a complaint with a supervisory authority.
Data security
The controller and processor must take appropriate technical and organizational measures, taking into account the state of the art and technology and the costs of its implementation, as well as the nature, scope, circumstances and purposes of the processing and the probability and variable severity of the rights and freedoms of natural persons. to ensure a level of data security appropriate to the degree of risk, including, where appropriate, by:
to. pseudonymisation and encryption of personal data;
yes. ensure the continued confidentiality, integrity, availability and resistance of the systems and services used to process personal data;
C. in the event of a physical or technical incident, the ability to restore access and the availability of personal data in a timely manner;
re. A procedure to test, evaluate and periodically evaluate the effectiveness of the technical and organizational measures taken to ensure the security of data processing.
Inform the interested party about the privacy incident
If the data protection incident is likely to present a high risk to the rights and freedoms of natural persons, the controller shall inform the interested party without undue delay of the data protection incident.
The information provided to the interested party must clearly and unequivocally indicate the nature of the data protection incident and the name and contact details of the data protection officer or other contact person that provides more information; a description of the possible consequences of a privacy incident; a description of the measures taken or planned by the controller to remedy the privacy incident, including, where appropriate, measures to mitigate any adverse consequences that may result from the privacy incident.
It is not necessary to inform the interested party if any of the following conditions are met:
• the controller has implemented appropriate technical and organizational security measures and has been applied to the data affected by the data protection incident, in particular measures such as the use of encryption, which makes unauthorized persons unauthorized. information;
• the controller has taken more measures after the data protection incident to ensure that the high risk to the rights and freedoms of the interested party no longer materializes;
• The information would require a disproportionate effort. In such cases, interested parties should be informed through publicly available information or similar measures will be taken to ensure that interested parties are equally informed.
If the data controller has not yet informed the interested party of the data protection incident, the supervisory authority, after considering whether the data protection incident may present a high risk, may order the interested party to be informed.
Report a privacy incident to the authority
The data controller shall notify the data protection incident to the competent supervisory authority in accordance with Article 55 without undue delay and, if possible, no later than 72 hours after noticing, unless the Data Protection incident Data jeopardize the rights of natural persons. and your freedoms If the notification is not made within 72 hours, the reasons for the delay will be included.
Complaints available
Complaints about possible violations of the data controller may be submitted to the National Data Protection and Freedom of Information Authority: Authority
National Data Protection and Freedom of Information
1125 Budapest, Szilágyi Erzsébet fasor 22 / C. Hungary
Postal address: 1530 Budapest, post office box: 5. Hungary.
Telephone: +36 -1-391-1400
Fax: + 36-1-391-1410
Email: ugyfelszolgalat@naih.hu
Closing words
During the preparation of this brochure we have observed the following legal acts:
• REGULATION (EU) No 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 2016 on the protection of natural persons in relation to the processing of personal data and the free flow of such data and by which the Regulation is repealed ( EC) No. 95/46 (General data protection regulation) 27.)
• CXII of 2011 Law on self-determination of information and freedom of information (hereinafter: Infotv.)
• CVIII of 2001 Law I.13: on certain aspects of electronic commerce services and the information society (in particular, Article 13 / A)
• XLVII of the 2008 law: prohibit unfair commercial practices against consumers;
• XLVIII 2008 Act I – General conditions and certain restrictions on economic advertising activities (in particular, Article 6)
• Law of Freedom of Electronic Information XC 2005
• Law C of 2003 on electronic communications (specifically §155)
• 16/2011. C. Opinion on the EASA / IAB Recommendation on good practices for online behavioral advertising
• Recommendation of the National Data Protection and Freedom of Information Authority on the Prior Information Information Requirements
• Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, concerning the protection of natural persons with respect to the processing of personal data and the free movement of such data, and by Regulation 95 / 46 / EC is repealed