Privacy policy

PURPOSE OF THE PRIVACY INFORMATION

Precise information for the users of the website and the users of the services available on the website about who and how their personal data is processed and used, and what rights they have in relation to the processing of data.

BASIC CONCEPTS RELATED TO DATA MANAGEMENT:

Personal data: Any information about an identified or identifiable natural person (“data subject”); identifiable natural person, a natural person who, directly or indirectly, in particular by means of an identifier such as a name, an identification number, a location data, an online identifier or the physical, physiological, genetic, intellectual, economic, cultural or social identity of a natural person identifiable by one or more relevant factors;

Data management: Any operation or set of operations on personal data or data files, whether automated or non-automated, such as collecting, recording, organizing, segmenting, storing, transforming or altering, querying, viewing, using, transmitting communications , by distribution or otherwise making available, coordination or interconnection, restriction, deletion or destruction;

Restrict data management: Mark personal information stored to limit its future processing.

Profiling: Any form of automated processing of personal data that involves the evaluation of certain personal characteristics of a natural person, in particular his or her job performance, economic situation, health status, personal preferences, interests, reliability, behavior , used to analyze or predict location or movement characteristics;

Aliasing: The processing of personal data in such a way that it is no longer possible to determine to which individual the personal data relate without the use of additional information, provided that such additional information is stored separately and technically and organizational measures are taken to ensure that this personal data cannot be linked to identified or identifiable natural persons;

Data controller: Any natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. where the purposes and means of the processing are defined by Union or Member State law, the controller or the specific criteria for the designation of the controller may be determined by Union or Member State law;

Processor: any natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;

data subject’s consent: a voluntary, specific and well-informed and clear statement of the data subject’s consent to the data subject’s consent to the processing of personal data concerning him or her by means of a statement or unambiguous statement of confirmation;

Privacy Incident: A security breach that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access to personal information that is transmitted, stored, or otherwise handled.

PRIVACY STATEMENT

We only collect and use personal data that is strictly necessary for the operation of the website, the use of the website and the Web Store. We collect and use this personal information only with your consent. An exception to this is when, due to certain circumstances, it is not possible to obtain prior consent, but data processing is permitted or required by law.

We treat personal data confidentially, in accordance with the applicable legal regulations, and keep it confidential.

We will take all technical and organizational measures and establish all the organizational procedures and rules that are primarily set out in the European Union General Data Protection Regulation (Regulation 679/2016, hereinafter: GDPR), CXII of 2011 on the right to self-determination and freedom of information (hereinafter referred to as the Data Protection Act) and other applicable legislation are necessary to enforce or prevent unauthorized access to or use of personal data and the means used to process personal data.

The Data Controller shall ensure that the processed data cannot be accessed, disclosed, transmitted, modified or deleted by unauthorized persons. The processed data may be accessed only by the Data Controller or the data processor or its relevant employees, and the Data Controller shall not transfer them to a third party who is not entitled to access the data without the consent of the data subject. However, this does not apply to any mandatory data transfers required by law. Before fulfilling each official request for data, the Data Controller checks whether the legal basis for the data transfer really exists. The data is stored on the server provided by Magyar Hosting Kft.

The data controller will do everything in its power to ensure that the data is not accidentally damaged or destroyed. The Data Controller also prescribes the above commitment for its employees participating in the data management activities. Under no circumstances will the Data Controller collect special data. If such data has been recorded in the database by the Customer, the Data Controller shall delete it immediately.

By browsing the website or making a purchase, by ticking the data management information box during the purchase, you acknowledge that you have read the contents of this data management information and consent to the data controller processing the data provided by you in accordance with the relevant legislation.

2. DATA CONTROLLER DATA, DATA PROCESSORS

THE DATA MANAGER:

Name: BENCZE-INVEST Kft.

Headquarters: 4030 Debrecen, Epreskert utca 2.

Cg. Number: 09-09-013459, registration authority: Debrecen Court as Registry Court

Represented by: Zsolt Bencze

Contact details:

Zsolt Bencze 06 20 455 1555

Email address: zsoltbencze73@gmail.com,

Website: www.jazmin-thai-masszazs.hu

Data Protection Officer: The Data Controller is not obliged to appoint a Data Protection Officer under Article 37 of the GDPR.

Data processing: data processing is carried out by the persons indicated below

Data transfer abroad: no data transfer abroad

DATA PROCESSOR:

The data controller is entitled to use the data processing service. The data processor must carry out its activities in accordance with the order, these regulations and the relevant legal regulations. The data controller shall inform the data processor if he or she becomes aware of the modification or change in the handling of the personal data made available for the purpose of processing. By using the services of www.jazmin-thai-masszazs.hu , the user consents to the transfer of his / her data to the data processor.

Data processors depending on the purposes of data management:

• Current employees of the data controller

• Magyar Hosting Kft. (Registered office: 1132 Budapest, Victor Hugo utca 18-22.), Company registration number 01-09-968314 – hosting service

• Adó-Nyerő Kft. (Registered office: 4220 Hajdúböszörmény, Korányi Frigyes utca 35., cg. No .: 09-09012224) and its employees – accounting

• Szamlazz.hu online invoicing program operators – regarding invoicing

• Employees of CIB Bank Zrt. – based on payment through the CIB financial system

PRIVACY PURPOSES

ONLINE SALES:

You have the option of making an online purchase in the Webshop without registering, however, you must provide the information required to complete the purchase (invoicing and paying online) during the purchase.

The data controller manages the personal data of users and customers in connection with its online sales activities, solely for the purpose of fulfilling expectations and fulfilling its obligations related to fulfillment (invoicing, online payment). It only handles personal data that is necessary for the purpose of data processing and suitable for that purpose. It processes personal data only to the extent and for the time necessary to achieve the purpose. The Data Controller protects the personal data of the users managed in the Web Store in all expected ways.

Consent to Data Management: Providing certain minimum information on the part of the Customer is essential to fulfilling your order, failing which you will be prevented from completing your purchase. By providing the necessary data, the Buyer expressly consents to the processing of his / her personal data necessary for the fulfillment of the order.

Stakeholders: Customers

Legal basis for data processing: Article 6 (1) (a) GDPR, ie the consent of the data subject and Article CVIII of 2001 on certain aspects of electronic commerce services and information society services. Act 13 / A. § (3), in the case of direct marketing: Act XLVIII of 2008 on the basic conditions and certain restrictions of commercial advertising activities. pursuant to Section 6 (1) and (5) of the Act.

In the case of an invoice in accordance with the accounting rules in force: Article 6 (1) (c) GDPR, ie the processing is necessary to fulfill the legal obligation of the Data Controller;

Scope of data managed: The information you provide to complete your order: name, zip code, city, home address, email address, phone number, service purchased, billing address, tax number for businesses, When making a payment, the Customer will provide the credit card number, the expiration date and the 3-digit CVC code on the back, a valid e-mail address.

Purpose of data management: Fulfill orders, purchases, billing, payment, and customer contact.

Identifiers of potential Data Controllers: www.jazmin-thai-masszazs.hu operator, employees of massage parlors

Of the data processors:

• Adó-Nyerő Kft. (Registered office: 4220 Hajdúböszörmény, Korányi Frigyes utca 35., cg. No .: 09-09012224) and its employees – accounting

• Szamlazz.hu online invoicing program operators – regarding invoicing

• Employees of CIB Bank Zrt. – based on payment through the CIB financial system

Duration of data management:

• the handling of personal data provided during the order – mandatory and non-mandatory – necessary for the establishment and performance of the contract for 5 years after the termination of the contract. If the website is terminated, the data will be deleted automatically within 30 days of the termination. Requests to delete personal information you provide will be received in writing, email, (jazminthai@gmail.com) or mail. Deletion of data is performed by the Data Controller.

• for invoicing data, at least 8 years under section 169 (1) of Act C of 2000 on Accounting .

The rights of data subjects and remedies are governed by points 10 and 11.

The scope of access to the data, the data processors:

• Magyar Hosting Kft. (Registered office: 1132 Budapest, Victor Hugo utca 18-22.), Company registration number 01-09-968314 – hosting service

• Adó-Nyerő Kft. (Registered office: 4220 Hajdúböszörmény, Korányi Frigyes utca 35., cg. No .: 09-09012224) and its employees – accounting

• Szamlazz.hu online invoicing program operators – regarding invoicing

• Employees of CIB Bank Zrt. – based on payment through the CIB financial system

MANAGEMENT OF DATA RECEIVED AND COLLECTED THROUGH THE USE OF THE WEBSITE

LOG OF THE JAZMIN-THAI-MASSAGE.HU SERVER

When you visit the website jazmin-thai-masszazs.hu, the web server automatically logs the visitor’s activity.

Purpose of data management: When you visit the website, the service provider records visitor data to verify the operation of the services, to refine and supplement customer searches, to provide personalized service, and to prevent abuse.

Legal basis for data processing: Article 6 (1) (a) GDPR, ie the consent of the data subject and Article CVIII of 2001 on certain aspects of electronic commerce services and information society services. Act 13 / A. § (3).

Scope of data managed: The date and time of the visit, the address of the page visited, the IP address of the user’s computer, the type and version of the operating system and browser, and the searches of the users.

Duration of data management: 30 days from the date the website is viewed

Possible data controllers entitled to access the data: The operator of the jazmin-thai-masszazs.hu webshop and the hosting provider: Magyar Hosting Kft. (registered office: 1132 Budapest, Victor Hugo utca 18-22.), company registration number 01 -09-968314.

The Data Controller does not combine the data learned during the log analysis with other information, and does not seek to identify the user.

IP addresses can be used to locate a visitor using a computer geographically. The range of data processed alone is not yet sufficient to identify the data subject, but may be combined with other data to draw conclusions about the user.

EXTERNAL SERVICE PROVIDERS ‘LOGGING DATA MANAGEMENT

The html code of the portal contains links to and from an external server, independent of the web store operator. The third-party server is directly connected to the user’s computer. The providers of these links are able to collect user data (e.g., IP address, browser, operating system data, page address visited, and time of visit) due to direct connection to their server, direct communication with the user’s browser.

Data processing: Magyar Hosting Kft. (registered office: 1132 Budapest, Victor Hugo utca 18-22.), company registration number 01-09-968314 – hosting service

TREATMENT OF JAZMIN-THAI-MASSAGE.COM COOKIE

A so-called cookie or cookie, or anonymous visitor ID, is a unique set of tokens that users place on a visitor’s computer to identify and store profile information. Such a sequence of tokens cannot identify the visitor on its own, it is only and exclusively suitable for recognizing the visitor’s machine, since the full IP address is not stored during its use. When using such a solution, the service provider does not even request data from the visitor, so it is not necessary to provide a name, e-mail address or other personal data / information, the data is actually exchanged between the machines.

Our website uses cookies for the following purposes:

• collecting information about your browsing habits, which parts of our website are used the most by the visitor, so we can find out how to provide an even better user experience if you visit our site again,

• development of our website,

• make it easier for the visitor to navigate our website

The purpose of data management: to ensure the efficient and secure operation of the website, to ensure a better user experience (optimized navigation)

Legal basis for the processing: Article 6 (1) (a) GDPR, ie the consent of the data subject

The scope of the data you manage: The date, time, and pages you’ve previously visited don’t record personal information.

Possible data controllers entitled to access the data : The operator of the jazmin-thai-masszazs.hu webshop, employees, hosting provider: Magyar Hosting Kft. (registered office: 1132 Budapest, Victor Hugo utca 18-22.), company registration number 01 -09-968314.

Duration of data management: until the end of browsing the website; in the case of permanent cookies, until their expiry date or cancellation

The visitor can disable the placement of cookies on the computer or delete the cookies already placed there.

More information about cookies can be found at the following links: https: //hu.wikipedia .org / wiki / HTTP cookie

EXTERNAL SERVICE PROVIDERS COOKIE / COOKIE MANAGEMENT ON THE JAZMIN-THAI-MASSAGE.HU WEBSITE

Some service partners remarketing, a third-party site to display personalized ads, to identify and track users on the user’s computer a small data packet, the so-called a cookie is placed and read back when you use the Internet. If the browser returns a previously saved cookie, the service provider handling the cookie has the option to link the user’s current visit to the previous ones for websites that use the external service provider’s cookie.

As an external service provider, the Google Analytics server assists in the independent measurement and auditing of the traffic and other web analytics data of the website jazmin-thai-masszazs.hu. For detailed information about how this data is handled, please contact the Data Controller at http://www.google.com/intl/en/policies/ >.

In accordance with Article 2 (1) (f) of the GDPR Regulation, we use Google Analytics, a service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland, “Google”) to tailor and continuously improve our websites. Google Analytics uses text files, known as cookies, to analyze a user’s use of a website. about your habits:

• browser type, version,

• the operating system used,

• referral URL (previously visited page),

• the computer name (IP address) of the accessing computer,

• the date of the server request,

On behalf of the site operator, Google will use this information for the purpose of analyzing your use of the site, compiling reports on website activity for website operators and providing other services relating to website activity. Google does not associate the IP address from your browser with any other data held by Google Analytics. You can prevent cookies from being saved at any time by using the appropriate settings in your browser, but in this case you may not be able to use all the features of the website. Additionally, by downloading and installing the browser plug-in available through the following link, you may prevent the information generated by the cookie about your use of the website from being recorded, transmitted to or processed by Google: tools.google .com / dlpage / gaoptout? hl = de.

Instead of using the plug-in, especially in the mobile terminal browser, you can prevent Google Analytics from recording this information by clicking the link below. This method is based on placing an opt-out cookie that prevents your data from being recorded when you visit this site in the future. The cookies saved on your device are valid only in this browser and only on our website. If you delete cookies in this browser, you will need to re-place the negative cookie. To learn more about Google Analytics, visit the following Google website: https://support.google.com

The purpose of data management: to investigate and report on visitor activity and visitation habits on the website.

Legal basis for data processing : Article 6 (1) (a) GDPR, voluntary consent of the data subject

Scope of data processed: IP address, analytical cookies are anonymized and aggregate data that do not allow the computer to identify the user.

Data processing duration: Doesn’t automatically expire

The visitor’s computer is also directly connected to the servers of Google AdWords and Facebook to serve personalized ads. For information about the logging practices of these carriers, see https: // www .facebook.com / about / privacy and http://www.google.com/intl/en/policies/privacy/

The purpose of data management: to examine and report on the visitor operations and visitation habits performed on the website.

Legal basis for data processing : Article 6 (1) (a) GDPR, voluntary consent of the data subject

Scope of data processed: IP address, analytical cookies are anonymized and aggregate data that do not allow the computer to identify the user.

Data processing duration: Doesn’t automatically expire

The Data Controller also operates the following community (facebook) page for marketing purposes: https://www.facebook.com/jazminthaimassagedebrecen, https://www.facebook.com/jazminthaimassagebudapest,

however, where stand-alone profiling, no database is created.

To enhance the user experience, Facebook may also access certain information related to your visit to the pages. For information about Facebook’s privacy practices, please visit https: //www.facebook.com/privacy/explanation

For deleting and disabling cookies, see section 5.2.3. (cookie / cookie handling).

CORRESPONDENCE

The webshop jazmin-thai-masszazs.hu handles mail at the following e-mail address: jazminthai@gmail.com The operator of the webshop e-mail is stored together with the data contained therein, depending on the contents of the e-mail, until the purpose of data processing, but for a maximum of 1 year from the date of receipt. Further contact details of the data controller are provided in point 3.

OTHER DATA MANAGEMENT

We will inform the data subject about all other data processing when the data is collected.

The Data Controller will only transfer the data to a third party if it is required by law or if the user has consented to this in a credible manner.

SECURITY OF DATA PROCESSING

The data storage locations of the website and the Webshop can be found on the servers operated by Magyar Hosting Kft.

Pursuant to Article 32 of the GDPR and Article CXII of 2011 on the right to information self-determination and freedom of information. Pursuant to Section 7 of the Act, the Data Controller shall plan and carry out data processing operations in such a way as to ensure the protection of the privacy of data subjects during the application of this Act and other rules concerning data management.

The controller and the processor shall take appropriate technical and organizational measures to take into account the state of the art and the costs of implementation and the nature, scope, circumstances and purposes of the processing and the varying probability and severity of the risk to the rights and freedoms of natural persons. to ensure a level of data security commensurate with the degree of risk, including, where appropriate:

(a) the pseudonymisation and encryption of personal data;

(b) ensuring the continued confidentiality, integrity, availability and resilience of the systems and services used to process personal data;

(c) in the event of a physical or technical incident, the ability to restore access to and availability of personal data in a timely manner;

(d) a procedure for the regular testing, assessment and evaluation of the effectiveness of the technical and organizational measures taken to ensure the security of data processing.

In determining the appropriate level of security, particular account shall be taken of the risks arising from the processing of personal data arising in particular from the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data which have been transmitted, stored or otherwise handled.

The controller and the processor shall take measures to ensure that natural persons with access to personal data acting under the control of the controller or the processor may process such data only in accordance with the instructions of the controller, unless otherwise required by Union or Member State law. .

The data shall be protected by appropriate measures, in particular against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction and damage, and from becoming inaccessible as a result of changes in the technology used.

In order to protect the data files processed electronically in the various registers, it shall ensure, by means of an appropriate technical solution, that the data stored in the registers, unless permitted by law, cannot be directly linked and assigned to the data subject.

During the automated processing of personal data, the data controller and the data processor shall provide additional measures

(a) prevent the unauthorized input of data;

(b) prevent the use of automatic data – processing systems by unauthorized persons using data communication equipment;

(c) the verifiability and traceability of the personal data to which personal data have been or may be transmitted using data communication equipment;

(d) the verifiability and traceability of which personal data have been input into automated data-processing systems, when and by whom;

(e) the resilience of installed systems to failure; and

(f) that errors in automated processing be reported.

The Data Controller and the Data Processor shall take into account the state of the art when defining and applying data security measures. From several possible data management solutions, you choose the one that provides a higher level of protection of personal data, unless this would be a disproportionate burden for the Data Controller.

METHOD OF DATA MANAGEMENT

Personal data is stored and processed by computer on a computer.

PRIVACY AND PRIVACY REQUESTS
Requests and complaints regarding data protection can be sent to the following postal address: 4030 Debrecen, Epreskert utca 2. or to jazminthai@gmail.com . The Data Controller will respond to requests and complaints as soon as possible, but no later than within 30 days, to the address indicated in the letter.

INCIDENT MANAGEMENT

The concept of a data protection incident

A breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access to personal information that is transmitted, stored, or otherwise handled.

Measures taken by the Data Controller in the event of an incident:

The Data Controller shall, without undue delay and if possible no later than 72 hours after becoming aware of the data protection incident, notify the competent supervisory authority, unless the data protection incident is not likely to pose a risk to natural persons. rights and freedoms.

If the data protection incident is likely to pose a high risk to the rights and freedoms of natural persons, the Data Controller shall inform the data subject of the data protection incident without undue delay.

The notification shall include at least the following:

(a) describe the nature of the data protection incident, including, where possible, the categories and approximate number of data subjects and the categories and approximate number of data affected by the incident;

(b) the name and contact details of the data protection officer or other contact person for further information;

(c) a description of the likely consequences of the data protection incident;

(d) describe the measures taken or planned by the Data Controller to remedy the data protection incident, including, where appropriate, measures to mitigate any adverse consequences arising from the data protection incident.

1.4. The Data Controller shall keep a record of the data protection incidents, indicating the facts related to the data protection incident, its effects and the measures taken to remedy it.

9.5 The data subject need not be informed of a data protection incident if

(a) the Data Controller has implemented appropriate technical and organizational security measures and these measures have been applied to the data affected by the data protection incident, in particular measures such as the use of encryption which make it incomprehensible to persons not authorized to access personal data the data;

(b) the Data Controller has taken further measures following the data protection incident to ensure that the high risk to the data subject’s rights and freedoms is no longer likely to materialize;

Fordítás típusai
Szövegfordítás
Forrásszöveg
4 752 / 5 000
Fordítási találatok
the information would require a disproportionate effort. (In such cases, the data subject shall be informed by means of publicly available information or a similar measure shall be taken to ensure that the data subject is equally effectively informed.)

The competent authority may instruct the Data Controller to inform the data subject of the data protection incident (Article 58 (2) (e) GDPR).

RIGHTS OF DATA CONTROLLERS

Those subject to the processing of personal data have the following rights under the law:

(a) right of access : access to data, whether data is being processed;

(b) right to rectification : correction of inaccurate, incorrect data;

(c) right of erasure : only in the case of consent-based data processing, the withdrawal does not affect the lawfulness of the data processing carried out on the basis of the consent prior to the withdrawal);

d) Restrictions on data processing : If the user disputes the accuracy of the data stored about them, if the data processing is illegal and the data is no longer needed but does not want the data to be deleted or needs to be deleted to bring, assert or defend against legal claims or if you have objected to the processing;

(e) right to data portability : the data subject has the right to receive personal data concerning him or her made available to the Data Controller in a structured, widely used machine-readable format and to transfer it to another Data Controller without being hindered by the Data Controller to whom you have made the personal data available;

(f) protest against the processing of personal data: the data subject has the right to object at any time to the processing of his or her personal data under Article 6 (1) (e) or (f) for reasons related to his or her situation, including profiling based on those provisions. In this case, the Data Controller may not further process the personal data, unless the Data Controller proves that the data processing is justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which are necessary to submit, enforce or protect legal claims. are related.

STAKEHOLDERS ‘REMEDIES FORUMS

Data protection supervisory authority: National Data Protection and Freedom of Information Authority (NAIH) Headquarters: 105-11 Budapest, Falk Miksa utca 9-11.

Mailing address: 1374 Budapest, Pf .: 603.

Phone: + 36-1-391-1400

Fax: + 36-1-391-1410

Email address: ugyfelszolgalat@naih.hu.

Court: If the data subject does not agree with the decision made by the Data Controller, he or she may appeal against it to the court within 30 days of its notification. The Data Controller is obliged to prove that the data processing complies with the provisions of the law. The court has jurisdiction to hear the case.

Data protection lawsuits may also be brought before the court of the data subject’s place of residence or stay, at the option of the data subject.

OTHER PROVISIONS:

The Data Controller does not verify the personal data provided. The person providing the data shall be liable for damages resulting from the provision of false or incorrect data.

This prospectus has been prepared in accordance, in particular, but not exclusively, with the provisions of the following legislation:

& nbsp;

a. European Union General Data Protection Regulation No. 679/2016 Regulation (GDPR)

b. Act CXII of 2011 on the right to information self-determination and freedom of information. law

c. CVIII of 2001 on certain aspects of electronic commerce services and information society services. law

d. Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Commercial Advertising law

e. Act V of 2013 on the Civil Code

f. Act C of 2000 on Accounting

The Data Controller reserves the right to unilaterally amend this Privacy Notice by means of a notice published on the Website. By browsing the website, the user accepts the amended policy.

The content of this website is the intellectual property of BENCZE-INVEST Kft., Which may not be used in any form without the prior written permission of the owner.

Debrecen, October 06, 2020

BENCZE-INVEST Kft.

All rights reserved!

0
    0
    The cart is emptyBack to home
    Call Now Button