Privacy Policy

www.szalvetatervezes.hu

The data controller (Service Provider)

Name of Service Provider: Flóra Higiénia Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság

Registered office.

Registered office: 2890 Tata, Fatelep utca 13.

Postal address: 2890 Tata, Fatelep utca 13.

Court of registration: Tatabánya Company Court

Company registration number: 11-09-011372

Tax number: 13661368-2-11

E-mail address: info@szalvetatervezes.hu

Website: www.szalvetatervezes.hu

Telephone number: 06-34/383-904

Storage service provider name: ProfiTárhely Kft.

Address of storage facility provider: 6000 Kecskemét, Szolnoki út 23.

1. Principles of data management; data security

1.1.

The Data Controller shall process personal data exclusively for specific purposes, for the exercise of rights and for the performance of obligations.

The processing and recording of data shall comply with the requirements of fairness and lawfulness at all stages of processing.

The controller shall only process personal data which is necessary for the purpose of the processing and is adequate for the purpose. The controller shall process personal data only to the extent and for the duration necessary for the purposes for which they are processed.

At all stages of data processing, the Data Controller shall ensure that the data subject may at any time be informed of the data types processed by the Data Controller for which purposes and may at any time prohibit the processing, except for mandatory processing.

The purposes of the processing and the scope of the data processed are set out in point 2 of this Privacy Notice.

This Privacy Notice complies or is in compliance with the following legislation:

• Act CVIII of 2007 on certain aspects of electronic commerce services and information society services
• Act CXII of 2003 on the Right to Informational Self-Determination and Freedom of Information

1.2 The Controller shall design and implement the processing operations in such a way as to ensure the protection of the privacy of the data subjects.

The Data Controller shall ensure the security of the data, and shall take the technical and organisational measures and establish the procedural rules necessary to enforce Act CXII of 2011 and other data protection and confidentiality rules.

The Data Controller shall take appropriate measures to protect the data against unauthorised access, alteration, disclosure, disclosure, deletion or destruction, accidental destruction, damage and inaccessibility resulting from changes in the technology used.

2. Legal basis for processing; purpose; data processed

2.1 Personal data may be processed if the data subject consents or if it is ordered by law or, on the basis of a law, by a local government decree within the scope specified therein, for a purpose in the public interest.

2.2 The consent of the legal representative of a minor aged 16 or over is not required for the validity of the declaration of consent of the data subject.

2.3. In the case of registration on the website www.szalvetatervezes.hu and the sending of the newsletter, the processing is based on the data subject’s voluntary declaration of consent, duly informed.

The data subject gives his or her consent to the Data Controller prior to registration by placing an “X” in the small box next to the Privacy Notice during registration. The Data Controller may read and become familiar with this Privacy Notice in detail before giving consent. By giving the above consent, the data subject accepts the contents of this Privacy Notice.

This Privacy Notice is permanently available in the footer of the website www.szalvetatervezes.hu.

In case the User wishes to receive a newsletter, he/she can consent to this during the registration process and/or afterwards on the website by clicking on the small box next to “Subscribe to newsletter” and placing an “X”.

2.4 The controller processes the following data:

In the case of registration: name of the data subject (surname, first name); email address; county and city; indication that he/she is over 16 years of age.

In case of sending a newsletter: name of the data subject (surname, first name); email address; county and city

2.5 Purposes of the processing: registration on the website www.szalvetatervezes.hu (first purpose) and sending the newsletter (second purpose)

Legal basis for processing: voluntary consent of the data subject

Duration of processing:

In case of registration: until the deletion of the user account, initiated by the user

In case of sending a newsletter: until the day of unsubscribing from the newsletter

2.6. The data processed will only be known to the current manager and employees.

2.7 The Data Controller shall not transfer data relating to the use of the service to third parties. The Data Controller shall not transfer the processed data to a data controller or data processor in a third country.

2.8 The Data Controller reserves the right – and the obligation – to unilaterally amend this Privacy Notice in order to ensure that it always complies with the legal requirements in force.

3. Rights of the data subject

3.1. At the request of the data subject, the Controller shall provide information on the data processed or processed by it, the purposes, legal basis and duration of the processing, the name and address of the data processor and the activities related to the processing.

The controller shall provide the information requested in writing at the request of the data subject, within the shortest possible time from the date of the request, but not later than 25 days.

3.2 The data subject may request the controller to rectify his or her personal data.

If the personal data is not accurate and the accurate personal data is available to the Controller, the Controller shall correct the personal data.

3.3 The data subject may request the erasure or blocking of his or her personal data by the controller.

The personal data shall be deleted,

• deleted if its processing is unlawful;
• the data subject requests;
• it is incomplete or incorrect
• the purpose of the processing has ceased or the time limit for storing the data has expired;
• it has been ordered by a court or the Authority.

The data controller may refuse the data subject’s request to erase his or her data only in cases of mandatory data processing (e.g. the obligation to keep invoices under the Accounting Act).

Instead of erasure, the controller shall block the personal data if the data subject so requests or if, on the basis of the information available to him or her, it is likely that erasure would harm the data subject’s legitimate interests. Personal data blocked in this way may be processed only for as long as the processing purpose which precluded the deletion of the personal data persists. If the controller does not comply with the data subject’s request for rectification, blocking or erasure, it shall, within 25 days of receipt of the request, communicate in writing or, with the data subject’s consent, by electronic means, the factual and legal grounds for refusing the request for rectification, blocking or erasure. In the event of refusal of a request for rectification, erasure or blocking, the controller shall inform the data subject of the possibility of judicial remedy and of recourse to the Authority.

4. Legal redress; compensation; damages

4.1.

If the Data Controller causes damage to another person by unlawful processing of the data subject’s data or by breaching the requirements of data security, the Data Controller shall compensate the damage.

If the Data Controller violates the personal rights of the data subject by unlawful processing of the data subject’s data or by breaching data security requirements, the data subject may claim damages from the Data Controller.

4.2 Anyone may initiate an investigation by filing a complaint with the National Authority for Data Protection and Freedom of Information (NAIH) alleging that a violation of rights has occurred or is imminent in relation to the processing of personal data.

Contact details of the NAIH:

Postal address: 1530 Budapest, PO Box 5.

Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/c

Phone: +36 (1) 391-1400

Fax: +36 (1) 391-1410

E-mail: ugyfelszolgalat@naih.hu

URL: http://naih.hu

5.1 Definitions used in this Privacy Notice

Data Subject: any specified natural person who is identified or can be identified, directly or indirectly, on the basis of personal data

personal data: data that can be associated with a data subject, in particular the name, the identification mark and one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of the data subject, and the inference that can be drawn from the data concerning the data subject;

consent: a freely given and freely given indication of the data subject’s wishes, based on adequate information, by which he or she signifies his or her unambiguous agreement to the processing of personal data relating to him or her, whether in full or in part, with regard to specific operations.

Data controller: the natural or legal person or unincorporated body which, alone or jointly with others, determines the purposes for which the data are to be processed, takes and implements decisions regarding the processing (including the means used) or has the data processed with a processor

‘processing’ means any operation or set of operations which is performed upon the data, whatever the procedure used, in particular any collection, recording, recording, organisation, storage, alteration, use, retrieval, disclosure, transmission, alignment or combination, blocking, erasure or destruction of data, prevention of further use, photographing, audio or video recording, or any other physical means of identification of a person (e.g. fingerprints, palm prints, DNA samples, iris scans);

transfer: making data available to a specified third party;

data erasure: rendering data unrecognisable in such a way that it is no longer possible to recover it;

data blocking: the assignment of an identification mark to data in order to limit their further processing either permanently or for a limited period of time;

data destruction: the total physical destruction of a data medium containing data

‘processing’ means the performance of technical tasks related to data processing operations, irrespective of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data

‘data processor’ means a natural or legal person or an unincorporated body which processes data on the basis of a contract, including a contract concluded pursuant to a legal provision

‘data file’ means the set of data processed in a register

third party: a natural or legal person or unincorporated body other than the data subject, the controller or the processor.

EEA State: a Member State of the European Union and another State party to the Agreement on the European Economic Area and a State whose nationals enjoy the same legal status as nationals of a State party to the Agreement on the European Economic Area under an international treaty between the European Union and its Member States and a State not party to the Agreement on the European Economic Area

third country: any State which is not an EEA State.

If you have any questions about our data processing, please contact us. Contact us:

Company name: Flóra Higiénia Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság

Registered office: 2890 Tata, Fatelep utca 13.

Place of business: 2890 Tata, Fatelep utca 13.

Telephone number: 06-34/383-904

E-mail address: info@szalvetatervezes.hu

Gábor Ferencz

Managing Director