DATA PROTECTION POLICY
- Purpose of this privacy notice
The owner and operator of the
web shop www.letzshopping.hu (hereinafter referred to as the
Service Provider, Data Controller) Nnamchi
Bernard Ikechukwu, sole proprietor,
1025 Budapest, Szépvölgyi út 124., as Data Controller, acknowledges the contents of this legal notice as binding upon him. It undertakes to ensure that any processing of data relating to its activities complies with the requirements of this policy and the applicable national legislation and European Union acts.
The Data Protection Policy relating to the processing of personal data by the Data Controller is permanently available at www.letzshopping.hu
The Data Controller reserves the right to modify this policy at any time and will inform its audience of any changes in due time.
If you have any questions regarding this notice, please contact us at firstname.lastname@example.org and one of our team will answer your questions.
The Data Controller is committed to protecting the personal data of its customers and partners, and attaches the utmost importance to respecting the right to information self-determination of its customers. The Data Controller handles personal data confidentially and takes all security, technical and organisational measures to ensure the security of the data.
The Data Controller describes its data management practices below.
- Data Controller's data
If you would like to contact our company, you can contact the Data Controller at email@example.com, but you can also send a direct message via the website.
The Controller will delete all e-mails received by it, together with the personal data, after a maximum of five years, i.e. 5 years, from the date of communication.
Company name: Nnamchi Bernard Ikechukwu
1025 Budapest, Szépvölgyi út 124.
Registration number: 57098737
Tax number: 58748583-1-41
Customer service e-mail address: firstname.lastname@example.org
Data Protection Officer: Nnamchi Bernard Ikechukwu
- Scope of personal data processed
- Technical data
The Data Controller selects and operates the IT tools used to process personal data in the provision of the service in such a way that the data processed:
accessible to those authorised to access it (availability);
its authenticity and authenticity are ensured (authenticity of processing);
its integrity can be verified (data integrity);
is protected against unauthorised access (data confidentiality).
The Data Controller shall take appropriate measures to protect the data against unauthorised access, alteration, disclosure, disclosure, erasure or destruction and against accidental destruction.
The Data Controller shall ensure the security of data processing by technical, organisational and organisational measures that provide a level of protection appropriate to the risks associated with the processing.
The Data Controller shall, during the processing, keep confidentiality: it shall protect information so that only those who are entitled to access it have access to it;
integrity: to protect the accuracy and integrity of the information and the processing method;
availability: it ensures that when the authorised user needs it, he has effective access to the information and the means to obtain it.
- COOKIES (COOKIES)
The purpose of cookies collect information about visitors and their devices;
remember visitors' individual preferences, which are used, for example, when they make online transactions, so that they do not have to be re-entered;
facilitate the use of the website;
provide a quality user experience.
To provide a personalised service, a small piece of data, called a cookie, is placed on the user's computer and read back during a subsequent visit. When the browser returns a previously saved cookie, the cookie provider has the possibility to link the user's current visit to previous visits, but only in relation to its own content.
- Legal background and legal basis for cookies
The legal basis for processing is your consent pursuant to Article 6(1)(a) of the Regulation.
Main characteristics of the cookies used by the website
Cookies strictly necessary for the operation of the website:
These cookies are essential for the use of the website and allow you to use its essential functions. Without them, many of the site's features will not be available to you. The lifetime of these types of cookies is limited to the duration of the session.
- Cookies to improve the user experience
These cookies collect information about a user's use of the website, such as which pages they visit most often or what error messages they receive from the website. These cookies do not collect any information that identifies the visitor, i.e. they are completely generic and anonymous. We use the information they provide to improve the performance of the website. The lifetime of these types of cookies is limited to the duration of the session.
Third-party cookies (analytics)
- Google Adwords cookie:
- Google Analytics cookie:
- Remarketing cookies:
May appear when previous visitors or users browse other sites on the Google Display Network or search for terms related to your products or services.
- Session cookie:
These cookies store the visitor's location, browser language, payment currency, and have a lifetime of either closing the browser or up to 2 hours.
- Mobile version, design cookie:
Detects the device the visitor is using and switches to full view on mobile. Lifetime 365 days.
- Cookie acceptance cookie:
Accepts the cookie storage statement in the warning window when you visit the site. Lifetime 365 days.
- Facebook pixel (Facebook cookie):
A Facebook pixel is code that allows the website to report conversions, create audiences and provide the site owner with detailed analytics data on how visitors use the site. The Facebook pixel is used to display personalised offers and ads to website visitors on Facebook.
Internet Explorer: https://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11
DATA RELATED TO ONLINE ORDERING:
- Last name and first name,
- Street and house number,
- Postal code,
- Address, Street, Address, City, Address, Country,
- E-mail address,
- Phone number
Data related to online administration:
- Surname and first name,
- Street and house number,
- Postal code,
- Address, Street, Address, City, Address, Country,
- E-mail address,
- Phone number
- Purpose, method and legal basis of processing
- General data processing policy
The data processing of the Data Controller's activities is based on voluntary consent or on legal authorisation. For processing based on voluntary consent, data subjects may withdraw their consent at any stage of the processing.
In certain cases, the processing, storage and transmission of some of the data provided may be required by law and we will inform our customers separately.
Data Controllers are reminded that, where they do not provide their own personal data, it is the Data Controllers' responsibility to obtain the data subject's consent.
Our data management principles are in accordance with the applicable data protection legislation, in particular the following:
- Act CXII of 2011 - on the Right to Informational Self-Determination and Freedom of Information (Infotv.);
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46/EC (General Data Protection Regulation, GDPR);
- Act V of 2013 - on the Civil Code (Civil Code);
- Act C of 2000 - on Accounting (Accounting Act);
- Act LIII of 2017 - on the Prevention and Combating of Money Laundering and Terrorist Financing (PMT);
- Act CCXXXVII of 2013 - on Credit Institutions and Financial Undertakings (Hpt.).
- Physical storage locations of data
Your personal data (i.e. the data that can be associated with you personally) may be processed by us in the following ways: on the one hand, technical data relating to the computer, browser program, Internet address and pages visited in connection with the maintenance of the Internet connection are automatically generated in our computer system, and on the other hand, you may provide your name, contact details or other data if you wish to contact us personally when using the website.
- Data transfer, data processing, data subjects
The data you provide when placing an order will be transmitted only to the company(ies) that carry out the delivery of the goods, but only to the extent strictly necessary for the performance of the delivery.
- The data required for the delivery are the following:
- Surname, first name,
- Country, Town, Name and number of public area,
- Telephone number
- E-mail address
- Data subject's rights and means of redress
During the period of processing, you have the following rights under the Regulation:
- the right to withdraw consent
- access to personal data and information relating to the processing
- the right to rectification
- restriction of processing,
- the right to access to personal data and to obtain information on the processing of personal data, including the right to access to personal data
- right to object
- the right to portability.
If you wish to exercise your rights, this will involve your identification and the need for the Data Controller to communicate with you, and therefore the provision of personal data will be required for identification (but identification will only be based on data that the Data Controller already holds about you) and your complaint about the processing will be available in the email account of the Data Controller within the time period indicated in this Notice in relation to complaints.
If you have been a customer of ours and would like to be identified for the purposes of complaint handling or warranty handling, please also provide your order ID for identification purposes. We can use this to identify you as a customer.
The Data Controller will respond to complaints about data processing within 30 days at the latest.
- Right to information
The Controller shall take appropriate measures to provide data subjects with all the information referred to in Articles 13 and 14 of the GDPR and each of the disclosures referred to in Articles 15 to 22 and 34 of the GDPR concerning the processing of personal data in a concise, transparent, intelligible, and easily accessible form, in clear and plain language.
- Right of access of the data subject
You have the right to obtain from the Controller feedback as to whether or not your personal data are being processed and, if processing is ongoing, the right to:
- to have access to the personal data being processed; and
- to be informed by the Controller of the following information:
the purposes of the processing;
- the categories of personal data processed concerning you; and
- information about the recipients or categories of recipients to whom or with which the personal data have been or will be disclosed by the Controller;
- the envisaged period of storage of the personal data or, where this is not possible, the criteria for determining that period;
- your right to obtain from the Controller the rectification, erasure or restriction of the processing of personal data concerning you and, where the processing is based on legitimate interests, to object to the processing of such personal data;
- the right to lodge a complaint with a supervisory authority;
- if the data have not been collected from you, any available information about their source;
the fact of automated decision-making (where such a process is used), including profiling, and, at least in these cases, clear information on the logic used and the significance and likely consequences for you of such processing.
The purpose of the exercise of this right may be to ascertain and verify the lawfulness of the processing, and the Data Controller may charge a reasonable fee for providing the information in exchange for repeated requests for information.
Access to personal data is provided by the Data Controller by sending you, by email, the personal data and information processed after you have identified yourself.
If you are registered, we will provide access so that you can view and control the personal data we process about you by logging into your account.
Please indicate in your request whether you are requesting access to personal data or information about data processing.
- Right to rectification
You have the right to have inaccurate personal data relating to you corrected by the Data Controller without delay upon your request.
- Right to erasure
The data subject shall have the right to obtain from the Controller, upon his or her request, the erasure of personal data relating to him or her without undue delay where one of the following grounds applies:
the personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
the data subject withdraws the consent on the basis of which the processing was carried out and there is no other legal basis for the processing;
the data subject objects to the processing and there are no overriding legitimate grounds for the processing;
the personal data have been unlawfully processed;
the personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the controller is subject;
the personal data have been collected in connection with the provision of information society services.
The erasure of the data may not be initiated if the processing is necessary: for the exercise of the right to freedom of expression and information; for compliance with an obligation under Union or Member State law to process personal data or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; for public health purposes or for archiving, scientific or historical research purposes or statistical purposes in the public interest; or for the establishment, exercise or defence of legal claims.
- Right to restriction of processing
At the request of the data subject, the Controller shall restrict processing if one of the following conditions is met:
the data subject contests the accuracy of the personal data, in which case the restriction shall be limited to the period during which
If the data subject contests the accuracy of the personal data, the period of time shall be limited to the period which allows the accuracy of the personal data to be verified;
the processing is unlawful and the data subject opposes the erasure of the data and requests instead the restriction of their use;
the controller no longer needs the personal data for the purposes of the processing but the data subject requires them for the establishment, exercise or defence of legal claims; or
the data subject has objected to the processing; in this case, the restriction shall apply for a period of time until it is established whether the legitimate grounds of the controller override the legitimate grounds of the data subject.
Where processing is subject to restriction, personal data, other than storage, may be processed only with the consent of the data subject or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or of an important public interest of the Union or of a Member State.
- Right to data retention
If the processing is automated or if the processing is based on your voluntary consent, you have the right to request the Data Controller to receive the data you have provided to the Data Controller, which the Data Controller will make available to you in xml or csv format.
- Right to object
The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to processing of his or her personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or necessary for the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions. In the event of an objection, the controller may no longer process the personal data, unless there are compelling legitimate grounds for doing so which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
- Right of withdrawal
The data subject shall have the right to withdraw his or her consent at any time.
- Right to apply to the courts
The data subject may take legal action against the controller in the event of a breach of his or her rights. The court shall rule on the case out of turn.
- Procedure before the data protection authority
Complaints can be lodged with the National Authority for Data Protection and Freedom of Information:
Name: National Authority for Data Protection and Freedom of Information
Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C. Postal address: 1530 Budapest, PO Box 5.
Phone: +36 1 3911400
- Other provisions
Information on data processing not listed in this information notice will be provided at the time of data collection.
We inform our customers that the court, the prosecutor, the investigating authority, the law enforcement authority, the administrative authority, the National Authority for Data Protection and Freedom of Information, the Hungarian National Bank or other bodies authorised by law may contact the data controller to provide information, to disclose or transfer data or to make documents available.
The Data Controller shall disclose to the authorities - if the authorities have indicated the precise purpose and scope of the data - personal data only to the extent and to the extent that is strictly necessary for the purpose of the request.
This document contains all relevant information on data processing in relation to the operation of the webshop in accordance with the General Data Protection Regulation of the European Union 2016/679 (hereinafter referred to as the Regulation. GDPR) and the Act CXII of 2011 (hereinafter referred to as the Infotv.).
Last modified on 2 May 2022.