Privacy Policy (March 05, 2019)
Introductory
Dear Visitor! When you use our services to transfer your personal information to the operator (hereinafter: Data Controller), we will treat your personal data as a data controller. Personal data is any data that you can clearly identify. These data are handled in two ways by us. On the one hand, the browser you use, the web address, the technical data (cookies = cookies) you visit, are automatically generated, and on the other hand you will need to provide your identification and contact details to order, even if you want to make a personal contact with us .The primary purpose of our data management is to fulfill our customers' orders and related obligations and provide information about our business. It is important for us to protect our personal data and comply with GDPR (EUROPEAN PARLIAMENT AND COUNCIL (EU) 2016/679). We operate our website and organize our operation in such a way that we treat our personal data only to the extent and to the extent strictly necessary for the provision of our service, as well as to the maximum security of data management that we expect to be able to provide. We reserve the right to amend our privacy policy, but we undertake to notify our visitors of any changes in time. Our site may contain a link that leads to other providers' sites. The Data Controller does not assume any moral or financial responsibility for the data and information protection practices of these providers or for certain issues arising therefrom.
Who is the provider?
Company Name: Herbai Csaba E.V.
Headquarters: 1165 Bp Hunyadvár u. 97
Tax number: 69534982-1-42
Registration number: 53324131
Telephone number: 06-70-323-3541
web: http://designertextil.hu email: designertextilshop@gmail.com
Your hosting provider: UNAS Online Kft. (Headquarters: 9400 Sopron, Kőszegi út 14.)
What kind of personal data are we handling and for what purpose?
Name and address for individuals: required for Billing
Bank Account Number: When you make a payment by bank transfer, you will be automatically informed, otherwise you will not be aware of it
Customer name (in case of an individual), e-mail address, phone number: number provided by him for signing a contract or fulfilling our contractual obligations, as well as contact and delivery
Receiver name, phone number, address: Required for shipping
Price, quantity and size of ordered goods / services : Required to fulfill our contractual obligations
IP Address : Data Management for Statistical Purposes
We do not handle special data.
The legal basis for data management
Personal data requested by the Data Controller on the online interface, or personally or by telephone, if they are based on a law (for data necessary for billing) or a contractual obligation (data necessary for the conclusion of a contract or performance of a contractual obligation, and data required for delivery), it is obligatory to give the customer the purchase of our products, in the absence of which we cannot establish or maintain a contractual relationship with it.
In case of subscribing to the newsletter, our data management is based on a voluntary contribution, which can be withdrawn at any time by the data subject by clicking on the option to unsubscribe from the newsletter. In this case, we will immediately delete the data used for this purpose.
Visitors also have the opportunity to send email. Messages not related to our orders or contracts will be deleted after 30 days. But upon request, the cancellation request is received immediately upon receipt. Phone numbers were only saved in connection with orders (the legal basis of which is the performance of the contract), otherwise we are not listed, saved and guarded.
Data that can be used for contacting users (such as email addresses) will be used solely for the purpose approved by the user, and will not be transferred, sold or sold to third parties under any circumstances without the prior written permission of the user. and we only forward it to data processors that are secure from a data protection point of view. Personal data is typically obtained as a data controller from the data subject.
If the customer does not provide himself / herself as a delivery address or contact person, or other information, he / she assumes responsibility for the accuracy of the data provided and the lawfulness of the data disclosure (ie that the specified person is aware of the delivery as a contact person and accepts it).
If any person discovers that any person has provided us with personal information on its behalf, immediately notify the Data Controller of this circumstance and immediately delete your data.
Data Manager can automatically collect information about the number of visits to our pages, the number and frequency of visits. This information is only processed in aggregate, non-identifiable form, and is used for statistical purposes. The analysis of collective data helps to assess the visitor's interest and the development of services on demand.
Visitors can log in with their Facebook or Google account as well, and can start an online chat with their messenger account. The data we receive is the facebook or google identifier, that are stored until the customer registration is in place, and will be automatically deleted after it has expired.
We store the data in the following ways:
- keep the invoices issued or paid by us electronically;
- preserve the orders placed and contracts and related correspondence and other documents and clothing data on both electronic and paper basis;
- build a database of customer contact information so that we can access information about our service; The data collected online is stored exclusively on our hosting server in Hungary. The personal data stored on paper are stored in a closed manner, destroyed after the expiry of their guarding time, so that no personal data can be reconstructed. Digitally stored data is also permanently deleted.
Cookies
Our pages can automatically register the IP address of our users, the type of operating system and browser they use, and other non-personal information. We use this information only in aggregated and processed form to correct possible errors on our pages, to improve their quality, and for statistical purposes. We do not link the data to other data provided by the users in any form.
Some of our pages may include unique identifiers, so-called cookies on our computer.
These are the cookies on the one hand that are necessary for the operation of the website, so they only take note of them but do not need to accept them. We do not process them, we do not forward them. The system keeps logs of the visitors' IP addresses for the legitimate interests of the service provider, and these log files are automatically deleted regardless of registration.
We also use cookies that serve statistical purposes, aggregate non-personal information. Marketing-grade cookies help you enhance the user experience by displaying the most interesting content for the visitor. Marketing based cookies are used if you agree, otherwise do not press the accept button. If you click the accept marketing cookies button, you enable them. The prohibition of the marketing cookie user is not a barrier to our use of our services, but may in some cases restrict the user to accessing some of the information on our site.
The data stored by the cookies is retained for up to six months at the latest. You can also delete all cookies stored on your computer, and you can disable their installation in most browsers. In this case, however, you may have to make certain settings manually each time you visit a particular page, and you may also be aware that some features and features may not work. To turn off cookies, select your browser by clicking the appropriate icon:
You can disable Google cookies here.:
https://privacy.google.com/take-control.html?categories_activeEl=sign-in
Or, you can protest against this data management by the Data Controller.
Facebook
Facebook maintains a profile called Designer Textil, where data is provided on a voluntary basis, and depends on data published by like and followers. The published data can be corrected and deleted by the data subject. You can find Facebook's information management guide here: https://www.facebook.com/privacy/explanation
Data transfer, data processing
In order to fulfill the legal and contractual obligations of the Data Processor, or for the legitimate interest of the Business, personal data will be transferred to data processors (subcontractors) with the following contractual relationships.
Name: UNAS Online Kft (9400 Sopron, Kőszegi út 14.)
Activity: Hosting service, newsletter management system
Range of data transferred: All data processed online
Name: UNAS Online Kft (9400 Sopron, Kőszegi út 14.)
Activity: Website development
Range of data transferred: All data processed online
Name: Csomagküldő.hu Kft. (1031 Budapest, Vízimolnár utca 10 6/54)
Activity: Delivery, courier service
Range of data transferred: Shipping name, contact name, phone number
Name: KBOSS.hu Kft
1031 Budapest, Záhony utca 7.
Activity: Billing program
Range of data transferred: Name, address
Name: MailChimp - The Rocket Science Group, LLC
675 Ponce de Leon Ave NE
Suite 5000
Atlanta, GA 30308 USA
Activity: Newsletter sending
Range of data transferred: Name, email address, basket, order
Name: Barion Payment Zrt.1117 Budapest, Infopark sétány 1. I. épület 5. emelet 5
Activity: online payment transactions, transaction confirmation, and fraud monitoring for user protection
Range of data transferred: Billing information, name, email address
Marketing-based cookies: data processing based on voluntary contributions for marketing purposes, data transfer:
Name : Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
Activity: Online marketing
Range of data transferred: Customer Preferences, IP Address
Name : Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland)
Activity: Login, identification
Range of data transferred: Username, Profile Image
Marketing Data Processing Personal Data is only released to service providers that recognize the EU-US Data Exchange Shield Agreement as binding on themselves. Data securityThe Data Controller handles personal data with the utmost care, strictly confidential, only to the extent necessary to use the services. The Data Controller has taken such technical and organizational measures or established the procedural rules necessary to enforce data management and data protection laws, and has undertaken an adequate confidentiality obligation with the employees and service providers (data processors) it employs, ensures the appropriate protection of the data it stores on the server level and application-level protection procedures. We store documents containing personal data safely and securely in our premises and at our headquarters.In this way, the controller ensures the availability, authenticity, integrity and confidentiality of the personal data processed.The Data Controller reviews these measures and rules regularly and, if necessary, modifies them.Data received on-line is stored on the hosting server of our hosting provider in Hungary.We inform our customers and users that despite the expected precautions, electronic data transmitted over the Internet cannot be fully protected from any attack.If a data protection incident has occurred, we must notify the supervisory authority within 72 hours of being notified, and we will keep a record of the data protection incidents. If the data protection incident is likely to pose a high risk to the rights and freedoms of natural persons, the data controller shall inform the data subject of the data protection incident without undue delay. Legal remedy The data subject of the personal data may request information about the management of your data in writing (via email). The Data Controller shall provide information on the data processed by it or the processor it processes, the purpose of the processing, its legal basis, duration, source, categories of data, name, address (headquarters) of the data processor and its activities related to data management, as well as who and for what purpose they receive or received the data. The controller shall provide the information in writing, in a comprehensible form, in the shortest possible time from the submission of the request, but within a maximum of 25 days, by e-mail in the absence of an express request. The Data Controller may set a reasonable fee for requesting information that is re-occurring in the current year.The data subject may request rectification of their data. You can request their deletion if the data processing was illegal or the data management period has expired. The data controller shall notify the data subject and the persons to whom the data have been forwarded for the purpose of data management.We inform our clients that the contract may not be lawfully objected to by the law and the data management necessary for the performance of our contracts, and can not lawfully request the deletion of such data.However, they may protest against marketing data management by email, in which case we will immediately discontinue the data management of the affected person and delete the data that is not necessarily handled.The data subject may also request a restriction of data management if they dispute their accuracy and the lawfulness of the treatment. The Data Controller will evaluate the restriction requests within 10 days.If the data subject disagrees with any decision of the Data Controller, he or she may appeal to the court within 30 days of its notification.If our clients have doubts about the legality of our data management, they may complain to the National Authority for Data Protection and Freedom of Information.Anyone who believes that his / her rights have been violated as a result of Data Controller's data management may go to court. The court acts out of the case. The Metropolitan Tribunal is competent to bring the action, but the case may also be initiated at the discretion of the person who initiated it before the court of the place of residence or place of stay.
