GDPR prospectus - Sofa
Főmenü:
English
Introduction
The SOFA FAIPARI KFT.( provider ) wishes to fully comply with the statutory requirements for the processing of personal data, in particular the provisions of Regulation (EU) No 2016/679 of the European Parliament and of the Council.
This Data Handling Notice on the Protection of Personal Data of Natural Persons and the Free Movement of Data has been drawn up pursuant to Regulation (EU) No 2016/679 of the European Parliament and of the Council, law on information self-determination and freedom of information.
Name of Service Provider, Data Controller:
Name / Company Name: SOFA FAIPARI KFT.
Head office: 2890 TATA, NEW ROUTE 50.
VAT number: 24093101-2-11
Website Name: www.sofakft.hu
Contact details of the data controller:
Name / Company Name: SOMOGYVÁRI TAMÁS / SOFA FAIPARI KFT.
Head office: 2890 TATA, NEW ROUTE 50.
Correspondence address: 2890 TATA, KAKAS U. HRSZ .: 0153/5
E-mail: info@sofakft.hu
Phone: +36 20 4021789
Concept Definitions
- GDPR (General Data Protection Regulation) is the new EU Privacy Policy;
- Data Handling: means any operation or operation in any automated or non-automated way of personal data or data files, such as collecting, recording, rendering, compiling, storing, modifying or modifying, querying, inspecting, using, communicating, transmitting, distributing or otherwise disclosure, coordination or interconnection, restriction, deletion or destruction;
- data processor: a natural or legal person, a public authority, agency or any other body that manages personal data on behalf of the data controller;
- personal data: any information relating to an identified or identifiable natural person (s) concerned; a natural person may be identified, directly or indirectly, based on one or more factors relating to the physical, physiological, genetic, intellectual, economic, cultural or social identity of an identifier such as name, number, positioning data, online identifier or natural person identified;
"data controller" means a natural or legal person, public authority, agency or any other body that determines the purposes and means of handling personal data individually or with others; where the purposes and means of data management are defined by Union or national law, the data controller or the particular aspects of the designation of the data controller may also be defined by Union or national law;
- the consent of the person concerned: a voluntary, concrete and appropriate and informed and clear statement of the will of the person concerned, indicating his or her consent to the handling of personal data affecting him by means of a declaration of intent or a manifest error of expression;
- privacy incident: a breach of security resulting in accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled.
"recipient" means a natural or legal person, a public authority, agency or any other body with whom or with which personal data is communicated, whether or not it is a third party. Public authorities which have access to personal data in an individual investigation in accordance with Union or national law shall not be considered recipients; the management of such data by those public authorities must comply with the applicable data protection rules in accordance with the purposes of data management;
- third party: a natural or legal person, a public authority, an agency or any other body other than the data subject, the data controller, the data processor or any person authorized to manage personal data under the direct control of the data controller or the data processor .
Data management policies
The data controller declares that he / she manages the processing of personal data as set out in the Data Handling Notice and complies with the applicable legal regulations, with special regard to:
The processing of personal data shall be carried out legally and fairly and in a manner transparent to the person concerned.
Collecting personal data can only be done for a specific, clear and legitimate purpose.
The purpose of personal data management is to be appropriate and relevant and only to the extent necessary.
Personal data must be accurate and up-to-date. Inaccurate personal data should be deleted immediately.
Personal data should be stored in a form that allows the identification of the data subjects for a limited time only. The storage of personal data for longer periods of time may only take place if the storage takes place for public interest archiving, for scientific and historical research purposes or for statistical purposes.
Personal data should be handled in such a way as to ensure adequate security of personal data, including the protection against unauthorized or unlawful handling, accidental loss, destruction, or damage to data by using appropriate technical or organizational measures.
The principles of data protection apply to all identified or identifiable natural person information.
Important data management information
The purpose of data management is to provide the provider / data controller with adequate additional services for the persons registered on the site during the operation of the web site.
The legal basis for data handling is the consent of the person concerned.
The subject of data management is the registration user of the website.
Data management time and data erasure:
The duration of the data management is always a function of the specific user goal, but the data must be deleted immediately if the originally targeted goal has already been achieved. Your consent to data handling may be withdrawn by the person concerned at any time by email sent to the contact email address. If the deletion has no legal impediment, then the data will be deleted.
The data controller and his / her employees are entitled to know the data.
The person concerned may apply to the data controller for access to, correction, deletion or limitation of access to personal data concerning him or her and may object to the handling of such personal data as well as the right to access the data concerned.
The person concerned may withdraw his consent to the processing of data at any time, but this does not affect the lawfulness of the data handling carried out on the basis of the consent prior to the withdrawal.
The person concerned may exercise the right to submit a complaint to the supervisory authority.
If the person concerned intends to use the benefits of the registration, ie to use the services in this site, it is necessary to provide the requested personal data. The person concerned is not obliged to provide personal data and does not have any disadvantages to the lack of data provision. However, accessing certain functions of the web site is not possible without registration.
The data subject shall have the right to rectify or supplement any inaccurate personal data that he or she is entitled to request without delay.
The data subject shall have the right, at his or her request, to delete unclear personal data without undue delay, and the data controller shall be required to delete the personal data of the data subject without undue delay without any other legal basis for the data handling.
Modification or deletion of personal data may be initiated via e-mail, phone or letter as stated above.
Registration on the website
The purpose of data management is to provide extra service and contact.
The legal basis for registration data is your consent.
The subject of data management is the registration user of the website.
Duration of data handling. The data processing takes place until the consent is withdrawn. You may withdraw your contribution to data processing at any time by email sent to your contact email address.
Data is deleted when the consent for data management is withdrawn. You may at any time withdraw your contribution to the data processing by sending a letter to your contact email address.
The data controller and his / her employees are entitled to know the data.
Data storage method: electronic.
Modification or deletion of personal data may be initiated via e-mail, phone or letter as stated above.
The provision of personal data is absolutely necessary because of identification and contact in databases. The exact business name and address are required for billing, which is a legal obligation.
Scope of managed data The specific purpose of data management data
Name Authentication, contact, billing.
Company Identification, Contact, Billing.
Address Authentication, contact, billing.
E-mail Authentication, Contact.
Phone Identification, Contact.
Date of registration Technical information operation.
IP Address Technical Information Operation.
The user's data management consent can be done by deliberately clicking the blank checkbox on the web page and expressly for that purpose.
You, as a concerned person, may object to the processing of your personal data, in this respect you are entitled to proceed with the above-described data management information and this process and the procedures described in the prospectus.
Submit Order
The purpose of data management is to provide additional services, to contact, to send a confirmation email. We can only complete your order if you provide your contact and billing information, which is absolutely necessary for your contact and billing.
The legal basis for data handling is your consent. In the case of invoicing, the data processing is based on legal requirements.
The subject of data management is the registration user of the website.
Duration of data handling. Data processing is subject to legal regulation or consent being withdrawn. You may withdraw your contribution to data processing at any time by email sent to your contact email address.
Data is deleted when the consent for data management is withdrawn. You may at any time withdraw your contribution to the data processing by sending a letter to your contact email address. Deletion of billing information can be done according to legal regulations.
The data controller and his / her employees are entitled to know the data.
Data storage method: electronic.
Modification or deletion of personal data may be initiated via e-mail, phone or letter as stated above.
Scope of managed data The specific purpose of data management data
Name Authentication, contact, billing.
Company Identification, Contact, Billing.
Address Authentication, contact, billing.
E-mail Authentication, Contact.
Phone Identification, Contact.
Product Information Product Identification.
Date of registration Technical information operation.
IP Address Technical Information Operation.
The user's data management consent can be done by deliberately clicking the blank checkbox on the web page and expressly for that purpose.
The person concerned may object to the processing of his / her personal data, in this respect he / she is entitled to proceed with the data handling information detailed above, as well as this prospectus and the procedures described in the prospectus.
Invoicing
The purpose of data processing is to issue and send an electronic invoice as an e-mail attachment.
The legal basis for data processing is statutory mandatory data management.
The range of stakeholders involved in data management is the supplier's customer partners.
Duration of data handling. Data processing is subject to legal regulation or consent being withdrawn. You may withdraw your contribution to data processing at any time by email sent to your contact email address.
Data is deleted when the consent for data management is withdrawn. You may at any time withdraw your contribution to the data processing by sending a letter to your contact email address. Deletion of billing information can be done according to legal regulations.
The data controller and his / her employees are entitled to know the data.
Data storage method: electronic.
Changing or deleting your account information can be initiated via email, phone, or email using the contact options listed above.
Scope of managed data The specific purpose of data management data
Name Authentication, contact, billing.
Company Identification, Contact, Billing.
Address Authentication, contact, billing.
E-mail Authentication, Contact.
Phone Identification, Contact.
Tax number / tax identification Identifier of the buyer.
Account Data Identifying the Account.
Time of issuing a bill Technical information operation.
The user's data management consent can be done by deliberately clicking the blank checkbox on the web page and expressly for that purpose.
The person concerned may object to the processing of his / her personal data, in this respect he / she is entitled to proceed with the data handling information detailed above, as well as this prospectus and the procedures described in the prospectus.
Cookies
Cookies are placed on the user's computer by the websites you visit and include information such as page settings or login status.
Cookies are therefore the small files created by the visited websites. Save your browsing data to improve your user experience. Using cookies, the web site remembers your site settings and offers locally relevant content.
The website of the web site visitor to your computer sends a small file (cookie) to the fact that the visit and fact can be verified. This provider informs the visitor of the website.
The circle of people involved in data management is the visitors of the website.
The purpose of data management is to provide additional service, identification, tracking of visitors.
The legal basis for data handling. User consent is not required if the use of cookies is strictly needed by your service provider.
Data range: unique identification number, date, setup data.
The user has the option of deleting cookies in the Settings menu at any time from browsers.
Data controllers are entitled to know the data. By using cookies you do not manage your personal data with the data manager.
Data storage method: electronic.
Google Analytics
Our website uses the Google Analytics application □ does not use it
When using Google Analytics:
Google Analytics reports to customers about cookie users' custom cookies (cookies).
On behalf of the web site operator, Google uses the information to use it
evaluate how users are using the website. As a further service, it reports to the web site operator's reports related to the activity of the site to perform additional services.
Data is stored on Google servers in encrypted format to make it more difficult and prevent data misuse.
Blocking Google Analytics can be done as follows. Quote from the side:
Web site users who do not want Google Analytics JavaScript to report their data can install the Google Analytics opt-out browser extension. This plugin forbids Google Analytics JavaScript (ga.js, analytics.js, and dc.js) to send information to Google Analytics. The browser extension can be used in most recent browsers. The Google Analytics Disabling Browser Extension does not prevent the data being sent to the site itself and other Internet analytics services.
https://support.google.com/analytics/answer/6004245?hl=hu
Google Privacy Policy: https://policies.google.com/privacy
Information on using and protecting data is available in detail in the above links.
Privacy in detail: https://static.googleusercontent.com/media/www.google.com/en//intl/en/policies/privacy/google_privacy_policy_en.pdf
Data Processors
Hosted by:
Name / Company Name: DiMa.hu Kft
Head office: 4032 Debrecen, Békessy Béla u. 9. Building C 3rd Floor 10th Door
Phone: +36 52 212 284
E-mail: info@dima.hu
The information you provide is stored by the hosting server. Data can only be accessed by our staff or by the server operating personnel, but they are all responsible for the safe handling of the data.
Name of activity: hosting service, server service.
The purpose of data management is to ensure the operation of the website.
Treated data: personal data provided by the person concerned
Time of data handling and deadline for deleting data. Data management until the end of the web site's operation and according to a contractual agreement between the web site operator and the hosting provider. The person concerned may also ask for the deletion of his or her data if requested by the hosting service provider.
The legal basis for data handling is the consent of the person concerned or legal data management.
Data Rights
The right to request information
You can ask us about the details of our company, what legal basis, what kind of data management purpose, how long and how long it will handle through the specified contacts. Upon your request, we will notify you immediately, but within 30 days, of the e-mail contact you provide.
Right to rectification
You can request us to modify some of your data via the specified contact details. We will do so immediately and within 30 days of your request. We will send you information about the e-mail you provided.
The right to cancel
You can request the cancellation of our data via the specified contact details. Upon your request, we will do so promptly, but within 30 days, we will send you information about the e-mail address you provide.
The right to block
You can request the blocking of our data through the specified contacts. Locking will continue until the reason you specify requires the data to be stored. Upon your request, we will do so promptly, but within 30 days, we will send you information about the e-mail address you provide.
Right to protest
You may object to data handling through the specified contacts. The protest will be examined within the shortest time, but not later than 15 days after the submission of the application. We will make a decision on your validity and we will inform you of your decision by e-mail.
Enforcement of data management
In the event of illegal handling of data you are experiencing, please let our company know, so it will be possible to restore the legal status within a short time. For your convenience, we will do our best to resolve the problem outlined.
If you consider that legitimate status can not be restored, please notify this authority on the following contact details:
National Privacy and Freedom Authority
Postal address: 1530 Budapest, Pf .: 5.
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22 / c
Phone: +36 (1) 391-1400
Fax: +36 (1) 391-1410
E-mail: service@naih.hu
URL: https://naih.hu
Coordinates: S 47 ° 30'56 ''; K 18 ° 59'57 ''
Legislation underlying data management
- REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46 / General Data Protection Regulation).
- 2011 CXII. law on information self-determination and freedom of information.
- Act LXVI of 1995 on Public Works, Public Archives and the Protection of Private Archives Material. law.
- Decree 335/2005 on the General Requirements for Document Management of Public Servants (XII.29.) Government decree.
- CVIII of 2001. Act on Electronic Commerce Services and Information Society Services Issues.
- Act C of 2003 on electronic communications.