Privacy Policy
Privacy Statement
1. Introduction:
The purpose of this Policy is to establish the internal rules and measures to ensure that the data processing activities of Sári Mónika ev., as the data controller, related to the website http://www.hamsen-harness.com, which it operates, comply with the provisions of the EU Regulation 2016/679 (hereinafter: Regulation) – and Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (hereinafter: Infotv.).
2:
Data Controller.
Address of the Data Controller. 67 6767.
Tax number: 68589161126
E-mail address: dapfelphoto@gmail.com
Phone number: +36703972510
3. Principles of data processing:
Personal data must be processed lawfully and fairly and in a transparent manner for the data subject.
The collection of personal data must be purposeful, specific, explicit and legitimate. The data processed must be adequate, relevant and limited to what is necessary for the purposes for which they are processed.
Personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data are processed.
Personal data should be processed in such a way as to ensure adequate security of personal data, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage, by implementing appropriate technical or organisational measures.
4. Basic concepts and their meanings in relation to personal data:
personal data means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
‘processing’ means any operation or set of operations which is performed upon personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
controller: the natural or legal person, public authority, agency or any other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of the processing are determined by Union or Member State law, the controller or the specific criteria for the designation of the controller may also be determined by Union or Member State law;
processor: a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;
third party: any natural or legal person, public authority, agency or any other body other than the data subject, the controller, the processor or the persons who, under the direct authority of the controller or the processor, are authorised to process personal data;
a personal data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.
5:
The data subjects concerned by the processing are the persons visiting the website operated by the Data Controller, the persons interested in the services of the Data Controller through the website.
The Data Controller shall process the following data of the data subject in case of enquiries about services on the website: name, e-mail address. The purpose of the data processing is to inform the data subject about the service he/she is interested in. The legal basis for the processing is the data subject’s voluntary consent (Article 6(1)(a) of the Regulation).
The data processed in the case of enquiries sent via the website will be processed by the Data Controller until the data subject is provided with the requested information. The Controller shall automatically delete the data after 1 year at the latest, unless the data subject has contacted the Controller again. In the event of a subsequent request, the Controller shall process the personal data for a maximum of 1 year from the date of the provision of the information.
6. Who has access to the data:
Only the Data Controller has access to personal data and does not transfer or make available the data it processes to third parties, whether for commercial or other purposes.
In order to obtain independent website traffic and other web analytics data, the service provider uses the Google Anatitycs software, and therefore Google Inc. acts as data processor for this data. Google Inc. Data Protection Policy is available at http://www.google.com/intl/hu ALL/privacypolicy.html. The user of the website services acknowledges that he has given his consent to the processing of his data by Google by using the website.
Cookies used on this website
A cookie is a string of information, consisting of text, which the website transfers to a small file on the hard drive of the user’s computer or mobile device. A cookie typically contains the name of the computer domain from which the cookie was received, the expiry date of the cookie and a randomly generated number (value).
The cookies used by the website serve several purposes. Some cookies are technically necessary for the functioning of the site, without which the site and its essential functions would not function. Some cookies facilitate the use of the website by remembering the visitor’s actions and personal preferences (e.g. language, font size and other unique settings related to the presentation of the website) for a limited period of time, so that the visitor does not have to re-enter them on each visit or when navigating from one page to another. There are cookies that are used to improve the performance of the website by collecting information and reporting statistics about the use of the website.
If the visitor concerned has consented to the use of cookies on the website, he or she will also have the possibility to change the cookie settings or delete cookies from his or her device. Web browsers allow you to change cookie settings or delete cookies.
7. Security of personal data:
The Data Controller ensures the security of the processed and stored data, its protection against access by unauthorized persons and against unauthorized modification or alteration, by means of state-of-the-art measures (e.g. firewall). The Data Controller shall provide the level of protection expected when processing the data.
8. Rights of data subjects in relation to data processing, legal remedies:
The data subject may request from the Controller access to, rectification, erasure or restriction of the processing of the personal data concerned and may object to the processing of such personal data.
The data subject shall have the right to obtain feedback from the Controller as to whether or not his or her personal data are being processed. If such processing is ongoing, he or she has the right to be informed of the purposes of the processing, the categories of personal data concerned, the categories of recipients of the data, the envisaged storage period of the personal data (if this is not possible, the criteria for determining this period).
The Controller shall provide the data subject with a copy of the personal data processed. For additional copies, the Controller may charge a reasonable fee based on administrative costs. Where the data subject has made the request by electronic means, the information shall be provided in a commonly used electronic format, unless otherwise requested.
The personal data shall be deleted if:
the personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
the data subject withdraws the consent on which the processing is based and there is no other legal basis for the processing;
the data subject objects to the processing and there are no overriding legitimate grounds for the processing or the data subject objects to the processing on the basis of Article 21(2) of the Regulation;
the personal data have been unlawfully processed;
the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject;
personal data have been collected in connection with the provision of information society services directly to children.
The data subject may request that the controller restricts processing if any of the following conditions are met:
the accuracy of the personal data is contested, in which case the restriction shall be for a period of time which allows the controller to verify the accuracy of the personal data;
the processing is unlawful and he or she opposes the erasure of the data and requests instead the restriction of their use;
the controller no longer needs the personal data for the purposes of the processing but the data subject requires them for the establishment, exercise or defence of legal claims; or
the data subject has objected to the processing; in this case, the restriction shall apply for a period of time until it is established whether the legitimate grounds of the controller override the legitimate grounds of the data subject.
The data subject shall have the right to obtain the relevant personal data provided to the controller in a structured, commonly used, machine-readable format and the right to transmit those data to another controller.
The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of his or her personal data where the processing is based on a ground relating to his or her particular situation:
processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.
In such a case, the controller may no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Where personal data is processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such purposes, including profiling, where it is related to direct marketing.
If the personal data breach is likely to result in a high risk to your rights and freedoms, the Data Controller shall inform the data subject of the personal data breach without delay.
The data subject may send questions, requests or comments to sarimonika.photo@gmail.com.
The data subject may take legal action against the controller in the event of a breach of his or her rights. The court will rule on the case out of turn.
Complaints may be lodged with the National Authority for Data Protection and Freedom of Information:
Name: National Authority for Data Protection and Freedom of Information
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Postal address: 1530 Budapest, PO Box 5.
Phone: 06 1 391 1400
Fax: 06 1 391 1410
E-mail: ugyfelszolgalat@naih.hu