Privacy Notice
I. Introduction
Octaform Kft. (Registered office: 1136 Budapest Pannónia utca 15), as a data controller, acknowledges that the content of this data protection legal notice is binding on it. You agree that your data management related to your service and the operation of the Web Store will comply with the provisions set forth in this prospectus and applicable law.
The scope of this prospectus covers data management on the Service Provider's website (www.ionvizadagolo.com) and its subdomains.
In connection with the processing of data, the Service Provider, as a data controller, hereby informs the users of the website about the personal data managed by the website, its principles and practices in the field of personal data management, organizational and technical measures taken to protect personal data, and how and how to exercise your rights.
The Service Provider treats the recorded personal data confidentially, in accordance with data protection legislation and international recommendations, in accordance with this statement. In order to protect the personal data of its service partners and users, the Service Provider considers it extremely important to respect the right of www.monomer.hu customers to self-determination of information. The service provider treats personal data confidentially and takes all security, technical and organizational measures that guarantee the security of the data.
The Service Provider's data management policies are in accordance with applicable data protection laws, in particular:
- 2011 CXII. Act on the Right to Self-Determination of Information and Freedom of Information (hereinafter: the Information Act)
- CVIII of 2001 Act - on certain issues of electronic commerce services and services related to the information society (especially Section 13 / A)
- XLVII of 2008 Act - Prohibition of Unfair Commercial Practices for Consumers
- XLVIII of 2008 Act - on the basic conditions and certain restrictions of commercial advertising (especially § 6)
- 2005 XC. Electronic Freedom of Information Act
- Act C of 2003 on Electronic Communications (specifically § 155)
- 16/2011. s. Opinion on the EASA / IAB Recommendation on Best Practices for Behavioral Online Advertising.
By using www.ionvizadagolo.com, you, as the user, agree to the provisions of this privacy statement.
The service provider is entitled to unilaterally amend this data management information in addition to informing the users in advance. The amended provisions will take effect for the user the first time they are published on the website.
II. Definitions
1. data subject / User: any natural person identified or identifiable, directly or indirectly, on the basis of personal data;
2. personal data: data which may be contacted by the data subject, in particular his or her name, identification mark and knowledge of one or more physical, physiological, mental, economic, cultural or social identities, and the conclusion which may be drawn from the data; >
3. special data:
(a) personal data concerning racial origin, nationality, political opinion or party affiliation, religious or other worldview, membership of an advocacy organization, sex life,
(b) personal data concerning health status, pathological passion and criminal personal data;
4. consent: a voluntary and firm statement of the data subject's will, based on adequate information, giving his or her unambiguous consent to the processing of personal data concerning him or her, in whole or in part;
5. protest: a statement by the data subject objecting to the processing of his or her personal data and requesting the termination of the processing or the deletion of the processed data;
6. "controller" means the natural or legal person, or any entity without legal personality, which alone or jointly with others determines the purpose for which the data are processed, makes and implements decisions on data processing (including the means used) or implements a data controller;
7. data management: any operation or set of operations on data, irrespective of the procedure used, in particular their collection, recording, recording, systematisation, storage, alteration, use, interrogation, transmission, disclosure, coordination or aggregation, blocking, erasure and destruction; and prevent further use of the data, take photographs, sound or images, and recording physical characteristics of the person (eg fingerprint or palm print, DNA sample, iris image);
8. data transfer: making the data available to a specific third party;
9. Disclosure: making the data available to anyone;
10. data erasure: making data unrecognizable in such a way that it is no longer possible to recover it;
11. data marking: the identification of the data in order to distinguish it;
12. data blocking: the identification of data in order to limit their further processing permanently or for a specified period of time;
13. Data Destruction: The complete physical destruction of the media that contains the data.
14. data processing: the performance of technical tasks related to data management operations, regardless of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data;
15. "processor" means any natural or legal person, or any entity without legal personality, who carries out the processing of data under a contract concluded with a controller, including a contract concluded in accordance with the law;
16. data controller: the body performing a public task which has produced or is in the course of the operation of data of public interest which must be published by electronic means;
17. "informant" means the public authority which, if the data controller does not publish the data itself, publishes the data provided to him by the data controller on a website;
18. data set: the totality of the data managed in one register;
19. "third party" means any natural or legal person, or any entity without legal personality, other than the data subject, the controller or the processor;
20. commercial advertising: means of communication, information or presentation which is a marketable movable property, including money, securities and financial instruments, and natural forces that can be used as such (hereinafter referred to as "product"), service, real estate , is intended to promote the sale or other use of a right in rem (hereinafter collectively: goods) or, in connection with this purpose, to promote the name, designation, activity of the undertaking or to increase the awareness of goods or signs (hereinafter: advertising).
20. third country: any country that is not a member of the European Economic Area.
III. Basics
1. Personal data may be processed only for specified purposes, in order to exercise a right and fulfill an obligation. At all stages of data management, the purpose of the data management must be appropriate, and the collection and processing of the data must be fair and lawful.
2. Only personal data that is necessary for the realization of the purpose of data processing and suitable for the achievement of the purpose may be processed. Personal data may only be processed to the extent and for the time necessary to achieve the purpose.
3. Personal information can be handled if
- the data subject consents, or
- it is ordered by law or - under the authority of law, within the scope specified therein - by a decree of a local government for a purpose based on the public interest.
4. If the data subject is unable to give his or her consent due to incapacity or for other unavoidable reasons, the personal data of the data subject during the period of impediment to the protection of his or her own or another person's manageable.
5. The consent of the legal representative of a minor who has reached the age of 16 does not require the consent or subsequent approval of his or her legal representative.
6. If the purpose of consent-based data processing is to perform a written contract with the data controller, the contract must contain all information that the data subject must know about the processing of personal data under this Act, in particular the definition of the data to be processed, the duration of data processing, use purpose, the fact of the transmission of the data, the recipients, the fact of the use of the data processor. The contract must state in an unambiguous manner that, by signing, the data subject consents to the processing of his or her data as specified in the contract.
7. The data subject's consent shall be deemed to have been given in respect of personal data communicated or disclosed by him or her in the course of his or her public performance.
8. In case of doubt, it shall be presumed that the data subject has not given his or her consent.
IV. Functional data zelling
1. The legal basis for data management on the website: the User's consent, the Infotv. Section 5 (1) and Act CVIII of 2001 on certain issues of electronic commerce services and information society services. Act 13 / A. § (3).
The data management of the service provider with regard to the natural personal identification data related to the use of the information society services, the address of the users and the date, duration and place of the use of the service are regulated by Act CVIII of 2001. (on certain aspects of electronic commerce services and information society services) and voluntary consent for other personal data. Users give their consent by registering.
2. The scope of the managed data: e-mail address, password, surname and first name, telephone number, postal address, company name, company address, date of registration, IP address at the time of registration.
By placing an order in the online store operated by Octaform Kft., each customer declares that he has read, understood and accepts these customer regulations (Customer Information).
Name, company name: The customer in whose name the invoice will be issued. Own name for individuals, company name for companies.
Email Address: You'll also need to sign in to the email address you provided here, and we'll send notifications about your order and the status of your order to that email address. Enter a real, existing address for your own sake! Information about the order and the web store will be forwarded to the email address provided in the registration.
Address: Billing information and shipping information. In our webshop, you have the option to request the delivery of the order to an address other than the billing address. After logging in, you can also change the delivery and billing addresses in the Personal Data menu. Delivery and billing addresses can only be changed by phone or email after placing your order, but before handing over the package to the shipping company.
When visiting the services, the service provider records the IP address of the users visiting the website, the time of the visit (start and end) and the address of the page viewed, as well as the type of the user's browser and operating system - for technical reasons and user habits for the purpose of. This data is logged continuously, but is not linked to other data provided during registration or use. Only the data controller has access to the data obtained in this way. The data is stored on the server for 4 × 24 hours.
3. Possibility to change the data: The following data can be changed on the website: e-mail address, password, surname and first name, telephone number, postal address, company name, company address.
4. Deadline for deleting data: Immediately by deleting the registration. Pursuant to Section 169 (2) of Act C of 2000 on Accounting, the Service Provider shall keep the accounting documents for 8 years.
5. In addition to the above, the deletion or modification of personal data can be initiated in the following ways:
- by post to 1238 Budapest Helsinki út 120 or to the e-mail address info@octaform.hu.
6. The Service Provider may be contacted by the court, the prosecutor, the investigating authority, the infringement authority, the administrative authority, the National Data Protection and Freedom of Information Authority or another authority for the purpose of providing information and data.
7. The Service Provider shall provide the above authorities with personal data only if and to the extent strictly necessary for the fulfillment of the purpose of the request or which is available to them at the time of the request, provided that the authority has indicated the exact purpose and scope of the data.
8. The Service Provider shall provide the data and information provided by the parties concerned, necessary for the performance of the Service, in accordance with Act CXII of 2011 on the right to information self-determination and freedom of information. and the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, done at Strasbourg on 28 January 1981. The Service Provider uses the processed data only in a form unsuitable for personal identification.
9. Purpose of data management: The Service Provider handles the personal data of the Users for the purpose of providing the service (full use of the website, eg registration, purchase, sending a newsletter), only to the extent and for the time necessary for that purpose. It serves this purpose at every stage of data management.
10. The Service Provider also handles the personal data that is technically absolutely necessary for the provision of the service.
11. If the personal data was collected with the consent of the User, the Service Provider shall unless otherwise provided by law.
(a) for the purpose of fulfilling a legal obligation to which he is subject, or
b) In order to enforce the legitimate interest of the Service Provider or a third party, if the enforcement of this interest is proportionate to the restriction of the right to the protection of personal data, it may be handled without further consent and after the withdrawal of the User's consent.
12. The Service Provider does not misuse the personal data managed by it.
V. Manage your cookies
1. Webshop-specific cookies are so-called “passwords for password-protected sessions,” “shopping cart cookies,” and “security cookies,” the use of which does not require prior consent from those involved.
2. Legal basis for data processing: The consent of the data subject is not required if the sole purpose of the use of cookies is the transmission of communications over an electronic communications network or the provision of an information society service specifically requested by the subscriber or user. >
3. The range of data handled by cookies: unique identification number, dates, times.
4. Deadline for deleting data: The duration of data processing for session cookies is 30 days.
The purpose of data management is to identify users, record "shopping cart" and track visitors.
5. The Websites do not contain links to external (not managed by the Service Provider) servers,
6. The Service Provider performs the traffic data of the web store using the Google Analytics service. Codes related to the Google Analytics service have been placed on the website, which transmit statistical data related to each visit to the Service Provider's external server. The data transmitted are not suitable for the sole identification of the data subject. More information about Google's privacy policy can be found at http://www.google.com/policies/privacy/
7. Data storage takes place on the IT device of the data subject. The data subject has the option to delete cookies in the Tools / Settings menu of the browsers under the settings of the Privacy menu item.
8. By using the Service, the User consents to the Service Provider collecting and managing his personal data in order to provide the full range of the service, as described in this data protection information sheet.
VI. Newsletter
1. Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity. Pursuant to Section 6 of Act No.
2. Furthermore, the Customer agrees to the processing of the personal data of the Service Provider necessary for the sending of the advertising offers, keeping in mind the provisions of this prospectus.
3. The Service Provider does not send unsolicited advertising messages, and the User may unsubscribe from sending offers free of charge without restriction or justification. In this case, the Service Provider deletes all personal data - necessary for sending advertising messages - from its register and does not contact the User with its further advertising offers. The user can unsubscribe from the ads by clicking on the link in the message.
4. The legal basis of the data management: the voluntary consent of the data subject, Infotv. § 5 (1), and Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity. Section 6 (5) of the Act.
5. The range of data managed: name, e-mail address, date, time.
6. Deadline for deleting data: until the consent is withdrawn, ie until unsubscribed.
VII. Data transfer
1. The Service Provider is entitled to transfer the personal data managed by it to a third party.
2. The legal basis for the data transfer: the User's consent, the Infotv. § 5 (1), and Act CVIII of 2001 on certain issues of electronic commerce services and information society services. Act 13 / A. § (3).
3. The purpose of the data transfer is: Carry out the delivery
4. Scope of data transmitted in case of delivery: Name, address, e-mail address, telephone number, transaction amount.
5. The data will be forwarded to the following data controller for delivery:
Magyar Posta Zrt.
Budapest, Dunavirág street 2-6
mailing address: Budapest 1540
phone number: +36 1 767-8200
e-mail address: ugyfelszolgalat@posta.hu
web address: www.posta.hu
data protection information: http://posta.hu/adatkezelesi_elveink
VIII. Contact
If you ask during the use of our services and, if you have a problem, it's:
Monomer Ltd.
Headquarters, billing address: 1136 Budapest, Pannónia utca 15
Location, packaging, receipt of goods: 1238 Budapest, Helsinki út 120.
Octaform Ltd. order: Phone: 06 30 455 9000 or E-mail: info@octaform.hu
VIII. Content and information sharing
We would like to inform our users that the service provider - as part of the CVIII of 2001 on certain issues of electronic commerce services and services related to the information society. statutory hosting provider - is not responsible for content provided by users and only stored by the service provider. This is especially true for the disclosure of documents that also contain personal data (eg facial image, voice) or other related data processing operations, which require the prior consent of the data subject. Obtaining consent is the responsibility of users, as content providers, who are responsible for the content made available. Subject to the above provisions, the service provider excludes all responsibility for the legality (eg photo) and accuracy (eg classifieds) of the content placed by users during the use of its service.
We consider it important to inform our users that the personal information they provide, as well as information about their contact system, is valuable information that may be misused by some.
If a user's profile is deleted or deleted, the content made available will also be deleted.
IX. Other data management
Users are informed that the court, the prosecutor and the investigating authority may contact the Service Provider in order to provide information, disclose data, transfer documents or make documents available (Section 71 of Act XIX of 1998 on Criminal Procedure). The service provider shall provide the authorities with personal data only if and to the extent strictly necessary for the purpose of the request, provided that the authority has indicated the exact purpose and scope of the data.
X. How to store personal data, security of data management
The service provider handles personal data related to the website primarily at its registered office. Its servers are located in the center of Wix.com (Namal Tel Aviv 40 6350671 Tel Aviv ISRAEL.). The data controller stores personal data on a dedicated server protected by 24-hour security.
The service provider selects and operates the IT tools used to manage personal data during the provision of the service in such a way that the managed data:
(a) accessible to those entitled to it (availability);
(b) authenticity and authentication are ensured (authenticity of data management)
(c) unchangeable can be demonstrated (data integrity)
(d) be protected against unauthorized access (data confidentiality)
The service provider shall ensure that the security of the data processing is protected by technical, organizational and organizational measures that provide a level of protection appropriate to the risks associated with the data processing.
The service provider keeps the data during the data management
(a) confidentiality: it protects the information so that only those who have access to it can access it;
(b) integrity: protects the accuracy and completeness of the information and the method of processing;
(c) availability: ensuring that, when an authorized user needs it, he has real access to the information he needs and that the means to do so are available.
The service provider's IT system and network are all protected against computer-assisted fraud, espionage, sabotage, vandalism, fire and flood, as well as computer viruses, computer hacking, and denial-of-service attacks. The operator ensures security with server-level and application-level protection procedures.
We inform users that electronic messages transmitted over the Internet, regardless of protocol (e-mail, web, ftp, etc.), are vulnerable to network threats that lead to unfair activity, contract disputes, or the disclosure or modification of information. To protect against such threats, the service provider will take all necessary precautions. It monitors the systems to record any security incidents and provide evidence of any security incidents. System monitoring also allows you to check the effectiveness of the precautions taken
Therefore, the Service Provider reserves the right to inform its customers and partners about a vulnerability in its system if its customers or partners detect it, and at the same time to restrict access to the Service Provider's system or services or certain functions thereof until the vulnerability is eliminated. zza.
XI. Details and contact details of the data controller
The operator of the ionvizadagolo.com web store is
Operator: Octaform Kft.
Tax number: 13499644-2-41
Company Registration Number01-06-738428
Headquarters: 1536 Budapest, Pannónia utca 15
Name of the representative: Béláné Kántor
Contact customer service:
Phone: 06 30 697-0645
Email address: info@octaform.hu
XII. Privacy Information
1. The data subject may request the Service Provider to provide information on the handling of his / her personal data, request the correction of his / her personal data, and request the deletion or blocking of his / her personal data, with the exception of mandatory data processing.
2. At the request of the User, the Service Provider provides information on the data managed by it, their source, purpose, legal basis, duration, name, address and activities related to data processing of any data processor, and - in case of transfer of personal data of the data subject - legal basis and recipient. The Service Provider shall provide the information in writing, in a comprehensible form, as soon as possible after the submission of the application, but not later than within 30 days. The information is free.
3. The Service Provider shall correct the personal data if the personal data does not correspond to reality and the personal data corresponding to reality is available to the data controller.
4. Instead of deleting, the Service Provider blocks the personal data if the User so requests or if, on the basis of the information available to him, it can be assumed that the deletion would harm the legitimate interests of the User. Blocked personal data may only be processed for as long as the purpose of the processing, which precluded the deletion of personal data, exists.
5. The Service Provider deletes the personal data if its processing is illegal, the User requests, the processed data is incomplete or incorrect - and this condition cannot be legally remedied - provided the deletion is not excluded by law, the purpose of data processing is terminated or the data storage expired, it has been ordered by a court or the National Data Protection and Freedom of Information Authority.
6. The Service Provider shall notify the data subject of the rectification, blocking, marking and deletion, as well as all those to whom the data has previously been transmitted for the purpose of data management. Notification may be omitted if it does not harm the legitimate interests of the data subject with regard to the purpose of the processing.
7. The data controller has 30 days to delete, block and correct personal data. If the Service Provider does not fulfill the User's request for rectification, blocking or deletion, it shall notify the reasons for the rejection in writing within 30 days.
XIII. Compensation and damages
If the controller causes damage to someone by unlawfully processing the data subject's data or violating data security requirements, he is obliged to compensate him.
If the controller infringes the data subject's right to privacy by unlawfully processing the data subject's data or by violating data security requirements, the data subject may claim damages from the data controller.
The data controller is liable to the data subject for the damage caused by the data processor and the data controller is also obliged to pay the data subject damages in the event of a personal data breach caused by the data processor. The controller shall be released from liability for damages and the payment of damages if he proves that the damage or the violation of the data subject's right to privacy was caused by an unavoidable cause outside the scope of data processing.
There is no need to compensate for damages and no claim for damages to the extent that the damage was caused by the intentional or grossly negligent conduct of the injured party or the breach of the right to privacy.
XIV. Remedies
1. A user may object to the processing of their personal data if
a) the processing or transmission of personal data is necessary only for the fulfillment of a legal obligation to the Service Provider or for the enforcement of the legitimate interest of the Service Provider, the data recipient or a third party, unless the data processing is ordered by law;
(b) personal data are used or transmitted for the purposes of direct business acquisition, public opinion polling or scientific research;
c) in other cases specified by law.
2. The Service Provider shall examine the protest within the shortest time from the submission of the application, but not later than within 15 days, make a decision on the merits of the application and inform the applicant of its decision in writing. If the Service Provider establishes the validity of the protest of the data subject, it shall terminate the data processing, including further data collection and data transmission, and shall block the data, and shall notify all parties involved of the protest and the measures taken on the basis thereof. who has previously transmitted the personal data concerned by the protest and who are obliged to take action to enforce the right to protest.
3. If the User does not agree with the decision made by the Service Provider, he / she may file a lawsuit against it within 30 days of its notification.
4. In case of violation of his rights, the User may take legal action against the Service Provider. The court is acting out of turn in the case. Remedies and complaints can be lodged with the National Data Protection and Freedom of Information Authority:
National Data Protection and Freedom of Information Authority
1125 Budapest, Szilágyi Erzsébet avenue 22 / C.
Mailing address: 1530 Budapest, Mailbox: 5.
Phone: +36 -1-391-1400
Fax: + 36-1-391-1410
E-mail: ugyfelszolgalat@naih.hu