PRIVACY POLICY

Privacy Policy

 

Date of adoption: 2019-01-01

contents

Privacy Policy

Data Manager Data

Legislative background, legal basis, purpose, scope of personal data processed, and duration of data management on the website

Data processing

Rights of the concerned

 

Data Manager

Name: INVESPA Kft.

Headquarters: 1054 Budapest Aulich Street 5.

Mailing address, complaint handling: 1054 Budapest Aulich utca 5.

E-mail: inokimhungary@gmail.com

Phone number: +36 70 622 8510

Website: www.inokim.hu

hosting Provider

Name: EZIT Kft

Mailing address: 1132 Budapest, Victor Hugo u. 18-22. V. em 5021.

E-mail address: info@ezit.hu

Telephone number: +36 1 700 40 30

Description of the data processing performed during the operation of the webshop

Information about using cookies

What is a cookie?

The Data Controller uses so-called cookies to visit the website. The cookie letter and number information package that our website sends to your browser to save certain settings, make it easier for us to use our website, and contribute to gathering some relevant, statistical information about our visitors.

Some of the cookies do not contain personal information and are not suitable for identifying the individual user, but some of them contain a unique identifier – a secret, randomly generated sequence of numbers stored on your device – to ensure your identity. The duration of each cookie (s) is set out in the respective cookie (s) description.

Legal background and legal basis for cookies:

The legal basis for data processing is your consent under Article 6 (1) (a) of the Regulation.

The main features of the cookies used by the website are:

Google Adwords cookie When someone visits our site, the visitor’s cookie ID is added to the remarketing list. Google uses cookies, such as NID and SID cookies, to customize ads that appear on Google products, such as Google Search. For example, such cookies are used to note your recent searches, past interactions with advertisers ‘ads or search results, and visits to advertisers’ sites. AdWords Conversion Tracking uses cookies. In order to track sales and other conversions resulting from an ad, cookies were saved on the user’s computer when that person clicks on an ad. Some common uses of cookies are: selecting ads based on what is relevant to a particular user, improving campaign performance reports, and avoiding displaying ads already viewed by the user.

Google Analytics Cookie: Google Analytics is a Google Analytics tool that helps website and application owners get a more accurate view of their visitors’ activities. The service can use cookies to collect information and report on the use of statistical information about the use of the website without individually identifying visitors to Google. The main cookie used by Google Analytics is the “__ga” cookie. In addition to reports based on site usage statistics, Google Analytics, along with some of the advertising cookies described above, can also be used to display more relevant ads on Google products (such as Google Search) and across the web.

Remarketing Cookies: Visitors to previous visitors or users may visit other sites on the Google Display Network or search for terms related to their products or services

Cookies strictly necessary for the operation: These cookies are essential for the use of the website and allow the use of the essential functions of the website. In the absence of these, many features of the page will not be available to you. The lifetime of these types of cookies is limited to the duration of the session.

Cookies to improve the user experience: These cookies collect information about the user’s website usage, such as which pages they visit most often, or the error message they receive from the website. These cookies do not collect information that identifies the visitor, that is, they work with general, anonymous information. The data obtained from them is used to improve the performance of the website. The lifetime of these types of cookies is limited to the duration of the session.

Session cookie: These cookies store the visitor’s location, browser language, payment currency, lifetime of browser closure, or up to 2 hours.

If you do not accept the use of cookies, certain features will not be available to you. For more information about deleting cookies, please visit the following links:

Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11

Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Mozilla: https://support.mozilla.org/en/kb/web sites——–)

Safari: https://support.apple.com/kb/ph21411?locale=en_US

Chrome: https://support.google.com/chrome/answer/95647

Data processed for contracting and performance

Several data management cases can be implemented for the purpose of contracting and fulfilling the contract. Please be advised that data handling related to complaint handling and warranty administration will only take place if you have one of those rights.

If you do not buy through the webshop, you are only a visitor to the webshop, then you can write about marketing data management if you give us a marketing contribution.

For more details on data processing for contracting and completion:

Contact

For example, if you have any questions about a product by email, contact form, or phone.

Pre-contact is optional, and you can opt out of this at any time from the webshop.

Managed Data

The data you provided during the contact.

Duration of data management

Data will only be processed until the contact is closed.

The legal basis for data management

Your voluntary contribution you give to the Data Controller through contact. [Data management under Article 6 (1) (a) of the Regulation]

Registration on the website

By storing the data provided during the registration, the Data Manager can provide a more convenient service (eg the data of the data subject does not have to be re-entered when purchasing again). Registration is a condition for signing a contract

Managed Data

In data management, the Data Manager manages your email address.

Duration of data management

Until your consent is withdrawn.

The legal basis for data management

Your voluntary contribution to the Data Controller through registration [Data Management under Article 6 (1) (a) of Regulation]

Processing your order

Data processing activities are required to complete the contract when processing orders

Managed Data

During data management, the Data Manager manages your name, address, telephone number, e-mail address, the characteristics of the purchased product, the order number and the date of purchase.

If you have placed an order in the webshop, data management and data entry are essential to fulfill the contract.

Duration of data management

Data are processed for a period of 5 years under the civil law limitation period.

The legal basis for data management

Contract performance. [Data processing under Article 6 (1) (b) of the Regulation]

Issue of the invoice

The data management process takes place in order to issue an invoice that complies with the law and to fulfill the obligation to keep accounting records. The St. Pursuant to Section 169 (1) – (2) of the Financial Regulation, companies must maintain accounting records which directly and indirectly support accounting accounting.

Managed Data

Name, address, email address, phone number.

Duration of data management

The invoices issued by Pursuant to Section 169 para. (2) of the Act, it shall be retained for 8 years from the date of issue of the invoice.

 

The legal basis for data management

CXXVII of 2007 on VAT. Pursuant to Section 159 para. (1) of the Act, the issue of an invoice is mandatory and must be retained for 8 years under Section 169 (2) of Act C of 2000 on Accounting [Data management under Article 6 (1) (c) of Regulation].

Data management related to freight transport

The data management process takes place to deliver the ordered product.

Managed Data

Name, address, email address, phone number.

Duration of data management

The Data Controller handles the data for the period of delivery of the ordered goods.

The legal basis for data management

Performance of the contract [Article 6 (1) (b) of the Regulation].

Guarantee service

The data management process takes place to handle warranty complaints. If you have requested a warranty service, then data management and data entry are essential.

Managed Data

Customer’s name, phone number, email address, content of the complaint.

Duration of data management

Warranty claims are retained for 5 years under the Consumer Protection Act.

The legal basis for data management

Whether or not your voluntary decision is addressed to us in the case of warranty administration, but if you turn to us, CLV 1997 on Consumer Protection applies. Act 17 / A. Section 7 (7) of the Decree requires us to keep the complaint for 5 years [Article 6 (1) (c) of the Regulation]

Handling other consumer protection complaints

The data management process takes place to handle consumer complaints. If you have a complaint with us, data management and data entry are essential.

Managed Data

Customer name, phone number, email address, complaint content.

Duration of data management

Warranty claims are retained for 5 years under the Consumer Protection Act.

The legal basis for data management

Whether your voluntary decision is appealing to us, but if you turn to us, CLV 1997 on Consumer Protection Act 17 / A. Pursuant to Section 7 (7) of the Decree, we are obliged to keep the complaint for 5 years [Article 6 (1) (c) of the Regulation].

Data processed for verifying the consent

When registering, subscribing, subscribing to a newsletter, the IT system stores the IT data related to the contribution for future proof.

Managed Data

Date of consent and IP address of the concerned.

Duration of data management

Due to legal requirements, the consent must be verified later, so the duration of the data storage will be stored for the limitation period after the data management ceases.

The legal basis for data management

Article 7 (1) of the Regulation imposes this obligation. [Data processing under Article 6 (1) (c) of the Regulation]

Marketing for data processing

Data management for newsletter sending

Managed Data

Name, email address.

Duration of data management

Until the withdrawal of the consent of the data subject.

The legal basis for data management

Your voluntary contribution to the Data Controller by subscribing to the Newsletter [Data Management under Article 6 (1) (a) of Regulation]

Data management for sending and displaying personalized ads

Managed Data

Name, address, email address, phone number.

Duration of data management

Until your consent is withdrawn.

The legal basis for data management

Your voluntary, separate contribution provided to the Data Controller during the recording process [Data management under Article 6 (1) (a) of Regulation]

remarketing

Data management as a remarketing activity is done through cookies.

Managed Data

Data processed by cookies specified in the cookie bulletin.

Duration of data management

The duration of the cookie storage period, more information is available at:

Google general cookie information: https://www.google.com/policies/technologies/types/

Google Analitycs: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=en

Facebook prospectus: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

The legal basis for data management

Your voluntary contribution that you provide to the Data Controller through the use of the Website [Data Management under Article 6 (1) (a) of Regulation].

Raffle

The data management process takes place to manage the prize game.

Managed Data

Name, email address, phone number.

Duration of data management

The data will be deleted after the winning of the prize, except for the data of the winner, which the Data Controller is required to keep for 8 years under the Accounting Act.

The legal basis for data management

Your voluntary contribution you give to the Data Controller using the website. [Data management under Article 6 (1) (a) of the Regulation]

More data handling

If the Data Controller wishes to carry out further data management, it provides prior information on the essential circumstances of the data management (the legal background and legal basis of data management, the purpose of data management, the scope of the data processed, the duration of the data management).

We will inform you that the Data Controller will have to fulfill the Authority’s written requests for written data. Data Controller for Data Transfers in Info In accordance with Article 15 (2) – (3), it keeps records (to which authority, what personal data, on what legal basis, when the Data Controller has been forwarded), of which the Data Controller provides information on request, unless the information is excluded by law.

About using a data processor and their activities related to data management

Data processing for the storage of personal data

Name of data processor: EZIT Kft

Contact details of the processor:

Telephone number: +36 1 700 40 30

E-mail address: info@ezit.hu

Headquarters: 1132 Budapest, Victor Hugo u. 18-22.

The Data Processor shall store personal data on the basis of a contract with the Data Controller. You are not entitled to receive personal information.

Data processing activities relating to the transport of goods

Name of the data processor: DPD

The headquarters of the data processor: 1158 Budapest, Késmárk utca 14. B. ép.

The telephone number of the processor is +36 1 501 6200

E-mail address of the data processor: dpd@dpd.hu

The Data Processor participates in the delivery of the ordered goods on the basis of a contract with the Data Controller. In doing so, the Data Processor may manage the name, address and telephone number of the buyer until the end of the calendar year following the dispatch of the postal item, and shall immediately delete it.

Data processing related to newsletter transmission

The name of the company operating the newsletter system: Invespa Kft

The headquarters of the company operating the newsletter system is 1054 Aulich Street 5.

Telephone number of the company operating the newsletter system: +36 70 622 8510

E-mail address of the company operating the newsletter system: inokimhungary@gmail.com

The Data Processor contributes to the sending of newsletters on the basis of a contract with the Data Controller. In doing so, the Data Processor handles the name and e-mail address of the data subject to the extent necessary to receive the newsletter, and deletes it at the request of the data subject.

Accounting data management

Name of data processor: Arvad Kft.

The data processor is based at 1039 Budapest, Pozsonyi utca 1. 2. em.

Telephone number of the processor: +36 1 243 2662

E-mail address of the data processor: szamad@szamad.hu

The Data Processor contributes to the accounting of the accounting documents based on a written agreement with the Data Controller. In doing so, the Data Processor shall enter the name and address of the data subject to the extent necessary for the accounting records, by St. Article 169 (2).

Data processing for online payment

Name of the data processor: Barion Payment Zrt. Under the supervision of the National Bank of Hungary, license number: H-EN-I-1064/2013.

Your rights during data management

During the data management period, you are entitled to the following rights under the Regulation:

the right to withdraw consent

access to information on personal data and data management

right to rectification

limitation of data management

right to delete

right to protest

the right to portability.

If you wish to exercise your rights, it entails your identification and the Data Controller must communicate with you as necessary.

 

Therefore, you will need to provide personal information for identification purposes (but identification can only be based on data that the Data Controller otherwise manages about you), and your data management complaint will be available in your data management account within the period specified in this bulletin for complaints. If you were a customer and would like to identify yourself for complaint handling or warranty administration, please provide your order ID for identification. Using this, we can identify you as a customer.

Complaints about data management will be answered by Data Controller within 30 days at the latest.

Right to withdraw consent

You may at any time revoke the consent for data management, in which case the data provided will be deleted from our systems. Please note, however, that in the case of an unsubscribed order, the cancellation may result in failure to deliver to you. In addition, if the purchase is already completed, billing information may not be deleted from our systems based on accounting standards, and if you owe it to us, we may manage your data based on the legitimate interest in recovering the claim even if the consent is withdrawn.

Access to personal data

You are entitled to receive feedback from the Data Controller about whether your personal data is being processed and, if data management is in progress, entitled to:

have access to, and access to, managed personal data

inform the Controller about the following information:

the purposes of data management;

the categories of personal data you manage;

information about the recipients or categories of recipients with whom or with whom the Data Manager has communicated or will communicate the personal data;

the planned duration of the storage of personal data or, if this is not possible, the criteria for determining that period;

your right to request from the Data Controller to rectify, erase or limit the processing of your personal data and, in the case of data processing based on legitimate interest, to object to the processing of such personal data;

the right to lodge a complaint with the supervisory authority;

if the data were not collected from you, all available information about their source;

the fact that automated decision-making (if used), including profiling, and at least in these cases the logic used and understandable information on the significance of such data management and the expected consequences for you.

The purpose of exercising the right may be to establish and verify the lawfulness of the data processing, and in case of multiple information requests, the Data Controller may charge a fair compensation for the fulfillment of the information.

The Data Controller shall ensure that access to personal data is provided by posting your personal data and information after you have been identified by email. If you have a registration, you will be granted access by accessing and checking your personal information when you log in to your account.

Please indicate in your application whether you are requesting access to personal data or requesting information on data management.

 

Right to rectification

You are entitled to rectify your inaccurate personal information about you without delay upon request by the Data Controller.

Right to restrict data management

You are entitled to limit the processing of your data upon request by one of the following:

You dispute the accuracy of personal data, in which case the limitation applies to the time period that allows the Data Controller to verify the accuracy of the personal data, if the exact data can be determined immediately, there is no restriction;

data processing is illegal, but you are against deleting data for any reason (for example, because the data is important for you to enforce a legal claim), so it does not ask for the deletion of the data, but instead asks for a restriction on its use;

the Data Controller no longer needs personal data for the specified data management, but you require them to submit, validate or defend legal claims; or

You have objected to the data management, but the Data Manager’s legitimate interest may justify data management, in which case, until it is determined whether the legitimate reasons of the Data Controller take precedence over your legitimate reasons, the data management must be restricted.

If data management is restricted, such personal data may be handled only with the consent of the data subject or with the submission, validation or protection of legal claims or the protection of the rights of another natural or legal person, or of an important public interest of the Union or a Member State.

The Data Controller will inform you in advance (at least 3 business days before the restriction is lifted) of the restriction of data management.

For deletion – the right to forget

You are entitled to delete your personal data without undue delay by the Data Controller if one of the following reasons exists:

personal data are no longer needed for the purpose for which they were collected or otherwise handled by the Data Controller;

You withdraw your consent and there is no other legal basis for data management;

You protest against data management based on legitimate interest and there is no legitimate legal reason (ie legitimate interest) in data management,

personal data was unlawfully managed by the Data Controller and found to be based on the complaint

personal data must be erased in order to fulfill a legal obligation under EU or Member State law applicable to the Data Controller.

If, for any legitimate reason, the Data Controller has disclosed personal data managed by you and is obliged to delete it for any of the above reasons, it shall take reasonable steps, including technical measures, to inform the data, taking into account available technology and implementation costs. Managing other data controllers that you have requested to delete the relevant personal data links or a copy or duplicate of such personal data.

Deletion is not applicable if data management is required:

to exercise the right to freedom of expression and information;

fulfillment of an obligation under EU or national law applicable to the controller for the processing of personal data (such as the processing of data in the context of billing as it is required by law to preserve the account) or for the performance of a task carried out in the public interest or in the exercise of public authority conferred on the controller;

submission, validation or protection of legal claims (eg if the Data Controller has a claim against you and has not yet fulfilled it or if you are handling a consumer, data management complaint).

Right to protest

You have the right to protest at any time, for reasons related to your own situation, against the legitimate interest of your personal data. In this case, the Data Controller may not further process the personal data unless it proves that the data management is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or which are related to the submission, validation or protection of legal claims.

If your personal data is processed for the purpose of direct marketing, you have the right to protest at any time against the processing of your personal data for this purpose, including profiling, if it is related to direct marketing. If you object to the processing of personal data for the purpose of direct marketing, then personal data may no longer be handled for this purpose.

 

Right to rectification

You are entitled to rectify your inaccurate personal information about you without delay upon request by the Data Controller.

Right to restrict data management

You are entitled to limit the processing of your data upon request by one of the following:

You dispute the accuracy of personal data, in which case the limitation applies to the time period that allows the Data Controller to verify the accuracy of the personal data, if the exact data can be determined immediately, there is no restriction;

data processing is illegal, but you are against deleting data for any reason (for example, because the data is important for you to enforce a legal claim), so it does not ask for the deletion of the data, but instead asks for a restriction on its use;

the Data Controller no longer needs personal data for the specified data management, but you require them to submit, validate or defend legal claims; or

You have objected to the data management, but the Data Manager’s legitimate interest may justify data management, in which case, until it is determined whether the legitimate reasons of the Data Controller take precedence over your legitimate reasons, the data management must be restricted.

If data management is restricted, such personal data may be handled only with the consent of the data subject or with the submission, validation or protection of legal claims or the protection of the rights of another natural or legal person, or of an important public interest of the Union or a Member State.

The Data Controller will inform you in advance (at least 3 business days before the restriction is lifted) of the restriction of data management.

For deletion – the right to forget

You are entitled to delete your personal data without undue delay by the Data Controller if one of the following reasons exists:

personal data are no longer needed for the purpose for which they were collected or otherwise handled by the Data Controller;

You withdraw your consent and there is no other legal basis for data management;

You protest against data management based on legitimate interest and there is no legitimate legal reason (ie legitimate interest) in data management,

personal data was unlawfully managed by the Data Controller and found to be based on the complaint

personal data must be erased in order to fulfill a legal obligation under EU or Member State law applicable to the Data Controller.

If, for any legitimate reason, the Data Controller has disclosed personal data managed by you and is obliged to delete it for any of the above reasons, it shall take reasonable steps, including technical measures, to inform the data, taking into account available technology and implementation costs. Managing other data controllers that you have requested to delete the relevant personal data links or a copy or duplicate of such personal data.

Deletion is not applicable if data management is required:

to exercise the right to freedom of expression and information;

fulfillment of an obligation under EU or national law applicable to the controller for the processing of personal data (such as the processing of data in the context of billing as it is required by law to preserve the account) or for the performance of a task carried out in the public interest or in the exercise of public authority conferred on the controller;

submission, validation or protection of legal claims (eg if the Data Controller has a claim against you and has not yet fulfilled it or if you are handling a consumer, data management complaint).

Right to protest

You have the right to protest at any time, for reasons related to your own situation, against the legitimate interest of your personal data. In this case, the Data Controller may not further process the personal data unless it proves that the data management is justified by compelling legitimate reasons that take precedence over your interests, rights and freedoms, or which are related to the submission, validation or protection of legal claims.

Right to Portability

If data management is automated, or if data management is based on your voluntary consent, you have the right to ask the Data Controller to receive the data you provide to the Data Controller, provided by Data Controller in xml, JSON, or csv format. may, if technically feasible, request that the Data Controller forward the data in this form to another data controller.

Automated decision making

You are entitled to exclude from the scope of a decision based solely on automated data management (including profiling) that would have legal effect on you or would affect you in a similar way. In such cases, the Data Controller shall take appropriate measures to protect the rights, freedoms and legitimate interests of the data subject, including at least the right of the data subject to seek the intervention of the data controller, to express his or her position and to object to the decision.

The above does not apply if the decision is:

It is necessary for you to conclude or execute a contract between the data controller and the data controller;

EU or national law applicable to the controller, which lays down appropriate measures to protect your rights and freedoms and legitimate interests; or

based on your explicit consent.

Data security measures

The Data Controller declares that it has taken appropriate security measures to protect personal data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against unavailability due to accidental destruction and damage to the technology used.

Data Controller will do everything in its power to ensure that its data controllers take appropriate data security measures when working with your personal data as compared to organizational and technical capabilities.

Remedies

If, in your opinion, the Data Controller has violated any statutory provisions on data management or has not complied with any of its requests, the National Data Protection and Freedom of Information Authority may initiate an investigation procedure in order to terminate the alleged unlawful data management (mailing address: 1530 Budapest, Pf .: 5., e- mail: ugyfelszolgalat@naih.hu).

We also inform you that in case of violation of legal provisions on data management, or if the Data Controller has not complied with any of your requests, you may start a civil lawsuit against the Data Controller.Y

Changing Data Management Guide

The Data Controller reserves the right to modify this Data Management Information in a manner that does not affect the purpose and legal basis of the data management. By using the website after the entry into force of the amendment, you accept the amended data management guide.

If the Data Controller wishes to perform additional data management for purposes other than the purpose for which they were collected, prior to further processing, he / she informs you about the purpose of the data management and the following information:

the duration of the storage of personal data or, if this is not possible, the criteria for determining the duration;

the right to request from the Data Controller access to, rectification, erasure or restriction of personal data relating to you and, in the case of data management based on legitimate interest, to object to the processing of personal data and, in the case of data processing based on consent or contractual relationship, request data storage rights;

consent based data management that you can revoke your consent at any time,

the right to lodge a complaint with the supervisory authority;

whether the provision of personal data is based on a statutory or contractual obligation or a prerequisite for the conclusion of a contract, and whether you are obliged to provide personal information and what the possible consequences of failure to provide data may be;

the fact that automated decision-making (if used), including profiling, and at least in these cases the logic used and understandable information on the significance of such data management and the expected consequences for you.

Data management can only start after this, if the legal basis for data management is consent, you must also contribute to the data management in addition to the information.

This document contains all relevant data management information regarding the operation of the webshop in the European Union General Data Protection Regulation 2016/679 (hereinafter: GDPR Regulation) and in CXII of 2011. TV. (hereinafter referred to as “Infotv.”).