23rd December: | Customer service, dispatch service: 800 - 1630 |
24 - 29th December: | We're closed |
30 - 31th December: | Customer service, dispatch service: 800 - 1630 |
1 - 5th January: | We're closed due to annual inventory, dispatch service not available |
From 6th January: | Normal opening hours 800 - 1800 |
DATA PROCESSING INFORMATION OF THE WEBSITE
in accordance with the provisions of the
REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
valid as of 18th of December, 2018
1. CONTROLLER
The purpose of this Data Processing Information is to briefly and in simple terms inform the affective natural persons on the processing of their personal data in accordance with the provosions of the General Data Protection Regulation (Regulation (EU) 216/679 of the European Parliament and of the Council) and with the provisions of the Hungarian Law on information self-determination and freedom of information (Act CXII of 2011).
Reklámajándék.hu Kft (hanceforth: Controller) subcribes to the rules contained in this Data Processing Information which have been developed with regards to the effective legal regulation.
The Data Processing Information for the website distributor.golding.eu is available under: https://distributor.golding.eu/data-processing-information
Data of the Controller:
Name: Reklámajándék.hu Kft
Address: 1097 Budapest, Gubacsi út 61.
Phone: +36 (1) 464-4444
E-mail: info@reklamajandek.hu
Representative: Martos Péter executive director
Tax number: 23850727-2-43
Company register number: Cg. 01-09-981320 Törvényszék Cégbírósága
Web hosting company:
EVOLUTIONET Kft.
7342 Mágocs, Széchenyi utca 75.
info@evolutionet.hu
14992511-2-02
Controller undertakes that during the operation of the website its data processing activities fully meet with the rules of all-time regulations and Laws of the European Union and of Hungary. Controller maintains the right to modify this Data Processing Information at any time but also undertakes the obligation to publish such modified version.
2. THE CATEGORIES OF THE PERSONAL DATA CONCERNED
General information On our website, registration in its original sense is not possible, but one has the possibility to own a unique user name and password. In this case, ones designated account manager generates a user name with a password assigned to the company specifically. Logging in with these data, one can see their personal discount prices for the products of the webstore.
In this case the categories of the data recorded in the system are the following: first and last name, phone number, address and e-mail address, and, in case of discrepancy of the addresses the billing data.
3. DATA PROCESSORS
3.1. GLS General Logistics Systems Hungary Csomag-Logisztikai Kft.
- headquarters: 2351 Alsónémedi, GLS Európa u. 2.
- categories of data processed: name, delivery address, phone number
- purpose of data processing: delivery of the purchased products by courier service
- time period of data processing: 8 years by course of the Law on Accounting
3.2. Express One Hungary Kft.
- headquarters: 1239 Budapest, Európa utca 12.
- categories of data processed: name, delivery address, phone number
- purpose of data processing: delivery of the purchased products by courier service
- time period of data processing: 8 years by course of the Law on Accounting
3.3. DHL Express Magyarország Kft
- headquarters: 1185 Budapest, BUD Nemzetközi Repülőtér, repülőtér 302. ép
- categories of data processed: name, address, phone number
- purpose of data processing: delivery of the purchased products by courier service
- time period of data processing: 8 years by course of the Law on Accounting
3.4. Gebrüder Weiss Szállítmányozási és Logisztikai Kft.
- headquarters: 2330 Dunaharaszti, Raktár utca 2. (7600/1 hrsz)
- categories of data processed: name, address, phone number
- purpose of data processing: delivery of the purchased products by courier service
- time period of data processing: 8 years by course of the Law on Accounting
4. CATEGORIES OF PERSONAL DATA PROCESSED BY THE CONTROLLER, THE PURPOSE, THE LEGAL BASIS AND THE TIME PERIOD OF THE DATA
4.1. Legal basis of the data processing:
In case of data necessary for the fulfillment of the purchase: Section 6. point 1. paragraph (b) of the GDPR, and, in accordance with the provisions of Section 169. paragraph (2) of the Law on Accounting, the processing is necessary for compliance with a legal obligation (Section 6. point 1. paragraph (c) of the GDPR).
4.2. Data of the website visitors
In the course of visiting the website - as the controller and administrator of the website - we record the IP addresses of the (non identifiable) users; the time of the visit and the address of the website visited. This is done for technical purposes. These data is solely statistical, we do not assign them to identifiable customers.
Data are stored in the server for a maximum period of 1 year.
Legal basis of the data: the voluntary consent of the data subject.
In order to provide customised service, Controller will place small data packages (cookies) on your computer. Using the the website users consent to the use of such cookies.
Service provider as a technical contributing partner may grant other contracted partners the right - particularly for Google Inc. - to make a record of the visit using such cookies, so that the contracted partner can place advertisements on the website for the users.
Users can delete such cookies from their personal computer, or set the browser to disable the use of cookies. In addition, Google ensures that users may disable cookies placed by Google on the Google Ads Disabling page (http://www.google.com/privacy_ads.html). By disabling or deleting the use of cookies, the use of websites may become more uncomfortable for the users.
4.3. Order submission, billing, customer correspondence
Anything that can prove the occurrence of an economic event qualifies as an accounting document and, as such, is stored for 8 years.
Categories of data processed: name, address, phone number, e-mail address.
Time period of data processing: In case of placing an order, or if the correspondence with the customer can be directly related to an economic event, the data related to the order or the messages are used only for the intended purpose, stored and managed in accordance with rules of law on accounting and tax. Billing data will be stored for a time period of 8 years in accordance with provision under Section 169 paragraph (1) of the Law on Accounting.
4.4. Contact
In case of contacting the website - requesting a call back, sending feedback - we store the data for 1 month and then permanently delete it.
The stored data in this case are: Company name, Name, E-mail, Phone.
4.5. Other data processing
Regarding activities not mentioned in this Data Processing Agreement, consent will be requested and detailed information will be provided right before starting the data processing activity.
5. METHOD OF DATA STORAGE, SECURITY
5.1. Data security
During data processing Controller will ensure:
-integrity and confidentiality: protects information to access only those who are authorized to do so, and ensures the accuracy and completeness of data processing;
availability: ensures that when neccessary, the proper tools are available so that the user can actually access the information needed.
Electronic messages transmitted over the Internet, regardless of protocol (e-mail, web, ftp, etc.) are vulnerable to network threats which can lead to unfair activities, contract disputes, disclosure or modification of information. To protect against such threats, Controller will take all reasonable precautions. Systems are monitored in order to record any security deviations and provide evidence for all security incidents. System monitoring also allows checking the effectiveness of the applied precautions.
5.2. Data storage
The controller selects and operates its software and IT tools allowing that:
- data is accessible to authorized persons only (availability),
- authenticity and authentication of the data is ensured (authenticity of data processing),
- data is unchanged (data integrity),
- data is protected against unauthorized access (data confidentiality).
The controller implements technical and organisational measures to ensure the security of data management, providing a level of protection appropriate to the risks associated with data management.
6. DATA TRANSMISSION
In case of each data processing activities Controller will not transfer personal data to any third party without the explicit, prior and informed consent of the data subjects with the exception of the transfer of data to authorities who have the adequate legal basis to request such (for example, in the case of investigative authorities as regulated under Section 264 of Act XC on Criminal Proceedings) in which cases the transfer of data is a legal obligation of the Controller on the basis of the requests of the relevant authorities.
7. LEGAL REMEDIES
7.1. Information
The data subject may at any time request information on the management of his or her personal data, the rights and warranties of the data processing, in particular the data controller, the data processor, the legal basis for the data processing, its purpose, duration, location of data storage, and data security measures.
At the request of the data subject, Controller shall provide information on its data processing activities and on the transfer of the data.
Controller shall provide the information in writing, in a comprehensible form, within a reasonably short period of time from the submission of the request, but not later than 30 days.
The information is free of charge if the data subject has not yet submitted a request for information to the Controller for the same activity or data in the same year.
In other cases, Controller sets a cost reimbursement and provides the information only after it has been paid.
7.2. Right to restriction of processing
(1) The data subject shall have the right to obtain from the Controller restriction of processing where one of the following applies:
a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
c) the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
d) the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.
(2) Where processing has been restricted such personal data shall, with the exception of storage, only be processed with the data subjects consent or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
(3) A data subject who has obtained restriction of processing shall be informed by the Controller before the restriction of processing is lifted.
7.3. Deletion, rectification
Controller will delete personal data in case the processing of it is unlawful, or the data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, or the time period defined by the law has been expired or the personal data have to be erased for compliance with an order of a Court or Data Protection Authority, or the the data subject requests to do so except the processing is a legal obligation of the Controller.
Data subject shall have the right to obtain from the Controller the rectification of inaccurate personal data concerning him or her in the manner indicated at the registration or through customer service.
Data subject and all other third parties to whom the data have been transferred for the purpose of processing will be informed on the deletion or on the rectification of the data by the Controller. The notification may be omitted if it does not violate the legitimate interest of the data subject with respect to the purpose of the data processing.
7.4. Right to object
The data subject shall have the right to object if:
-the processing or the transfer of personal data is only necessary for the enforcement of the right or legitimate interest of the Controller or the data recipient, unless the data processing is prescribed by law;
-the purpose of the use or transfer of personal data is direct marketing, opinion polling or scientific research;
-the exercise of the right of objection is otherwise permitted by law.
Controller - by suspending data management at the same time, shall examine the objection as soon as possible after the submission of the request, but within a maximum of 15 days, and shall inform the data subject ont he result in writing
If the objection is justified, the data controller terminates the data management, including further data collection and data transfer, locks the data, and informs all third parties to whom the personal data have previously been forwarded and on the objection the measures taken on the basis thereof they must take action to enforce the right of protest.
If the data subject disagrees with the decision of the Controller, he or she may appeal to the court within 30 days of its notification.
The data controller cannot delete the data of the data subject if the data processing has been ordered by law. However, the data cannot be transmitted to the data receiver if the Controller has agreed to the protest or the court has established the legitimacy of the protest.
7.5. Authority, judicial remedy
Complaints can be made against the activities of the Controller, proceedings can be initiated:
Name: National Authority for Data Protection and Freedom of Information (NAIH)
Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22 / c
Postal address: 1534 Budapest, Pf .: 834
Phone: +36 (1) 391-1400
Telefax: +36 (1) 391-1410
E-mail: ugyfelszolgalat@naih.hu
In the event of a violation of the rights of the data subject, onemay also apply to the court against the Controller. The rules of court jurisdiction indicate which Tribunal can initiate proceedings in a particular case.