[et_pb_section fb_built=”1″ _builder_version=”4.0.8″ global_colors_info=”{}”][et_pb_row _builder_version=”3.25″ global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” global_colors_info=”{}” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.10.4″ hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]
Privacy Policy
- Purpose of the Privacy Statement
Femmetex Hungary Kft. (registered office: 5400 Mezőtúr VII. Street 24 , company registration number: 16-09-018784, tax number: 27064269-2-16 , hereinafter referred to as Controller) as the Controller is bound by the content of this legal notice. Controller undertakes that all data management related to its activity will meet the expectations laid down by this Policy, National Provisions inforce and the Acts of the European Union.
Privacy Policy, relating to data processing by the Controller, is constantly available at https://thisisredy.com/privacy-policy .
Controller reserves the right to modify this Policy at any time. Customers will be informed about the changes in a timely manner. If you have a question related to this Communication, please write to us and our colleague will answer to your question.
Controller is committed to protecting the personal data of its customers and partners. Controller considers the respect of the customers’ right to informational self-determination to be particularly important. The Controller shall treat the personal data confidentially and shall take all security, technical and organizational measures that guarantee the security of these data.
The data management of the Controller is described below.
- Data of the Controller
Name: Femmetex Hungary Kft.
Headquarters: 5400 Mezőtúr, 24 VII. Street
Tax number 27064269-2-16
Email: [email protected]
2.1 The Data Protection Officer
Name: Dóra Molnár
Email: [email protected]
- The scope of personal data processed
3.1 Personal information provided during registration
- Name
- Photo
- Contact details (email address, phone number, home address, billing address, shipping address)
- Date of birth (optional)
3.2 Technical Specifications
The Controller shall select and operate the IT tools used to manage the personal data in the course of providing the service in such a way that the managed data:
- accessible to authorized persons (availability);
- authenticity and authentication are guaranteed (authenticity of data management);
- consistency can be verified (data integrity);
- is protected against unauthorized access (data confidentiality).
Controller protects the data by appropriate measures against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as accidental destruction.
Controller provides such a technical, organizational measures to ensure the protection of the security of data management that provides a suitable security level to the risks of the data management.
During the data management Controller retains:
- confidentiality: protects the information so that only authorized users have access to it;
- integrity: protects the accuracy and completeness of the information and the processing method;
- availability: ensures that when the authorized user needs it, he/she will be able to access the requested information, and the related resources will be available.
3.3 Cookies
- The role of cookies
- collect information about visitors and their tools;
- note the individual settings of the visitors that are/can be used, for example: using online transactions so they don’t have to type them again;
- make the website easier to use;
- provide a quality user experience.
In order to provide a personalized service, a small data package (called cookie) is placed on the user’s computer, which is read back during subsequent visits. If the browser returns a previously saved cookie, the cookie management service provider may link the user’s current visit to the previous cookie, but only for its own content.
3.3.2 Essential session cookies
The purpose of these cookies is, that the visitors can fully and seamlessly browse the Data Management website, use its functions, and its available services. The validity of these type of cookies lasts till the end of the session time (browsing), by closing your browser these type of cookies will automatically be deleted from your computer or other device used for browsing.
3.3.3 Third Party Cookies (Analytics)
The Controller also uses Google Analytics as a third party cookie on its website. The Google Analytics collects information using statistics services regarding how visitors use the webpage. The data will be used for the development of the portal and to improve the user experience. These cookies will remain on the visitor’s computer or other browsing device and on its browsers till they expire or till deleted by the visitor.
3.4 Online Ordering Information
- Name
- Company name (if applicable)
- Birthday (optional)
- Contact details (email address, phone number, billing address, shipping address)
3.5 Newsletter Related Information
- Name
- Company name (if applicable)
- Birthday (optional)
- Contact details (email address)
3.5 Data Related to Offline Events
- Name
- Photo
- Contact details (email address)
- Intended use and retention period of the data processed
Data management name
- Online order data management:
– legal basis: voluntarily reporting by the data subject
– retention period: for the period specified in Law 2000 C - Newsletter sign-up management:
– legal basis: voluntarily reporting by data subject
– retention period: until data subject requests for deletion - Data management related to offline registration:
– legal basis: voluntarily reporting by data subject
– retention period: until data subject requests for deletion of data
- Purpose, manner and legal basis of the data processing
5.1 General Privacy Policy
The Controller manages the personal data of registered users for the purpose of conducting market research and direct marketing as defined by the Act CXIX of 1995 on the Use of Name and Address Information Serving the Purpose of Research and Direct Marketing, in particular sending newsletters electronically and organizing prize games for registered users. The Controller only handles personal data that is necessary for the purpose of the data management and is suitable for securing the attainment of the objective. Personal data is processed only to the extent and for the time necessary to achieve the purpose. Management of the data management activities is based on voluntary consent. In the case of data-driven voluntary contributions, the data subject may withdraw their consent at any stage of the data processing.
Controller draws the participants’ attention, if not providing their personal data, it is their duty to obtain the consent of the data subject.
The Privacy Policy is in accordance with applicable data protection legislation, including in particular:
- CXII of 2011 Act – on the Right of Information Self-Determination and Freedom of Information ( Privacy Act .);
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
- Act V of 2013 on the Civil Code
- Act C of 2000 on accounting
- Act LIII of 2017 – on the Prevention and Impeding of Money Laundering and Terrorism Financing (AML Act)
- Act CCXXXVII of 2013 on Credit Institutions and Financial Enterprises (CIFE).
- Physical locations of data storage
Customers’ personal data (i.e. data related to You as a person) will be handled on the following way: on the one hand by maintaining the internet connection with your computer, browser, web address, technical data related to visited pages is automatically generated in our computer system, on the other hand you can also specify your name, contact information or other data if you wish to contact us when using the website.
- Data transfer, data processing, individuals who get access to the data
The Controller uses its own staff, contracted partners and the following Data Processors for its activities:
- ActiveCampaign Inc.
Data Processing Site (Website): thisisredy.activehosted.com
Data Processing Technology: Information System
Website: http://www.activecampaign.com
Headquarters: 150 North Michigan Avenue , Suite 1230, Chicago, IL 60601, United States - hu Kft.
Address of the data processor: Hungary, 2000 Szentendre, Táltos utca 22 / b.
Data Processing Location (Website or Address): szamlazz.hu
Data Processing Technology: Information System
- Ádám Tasnádi ev. (address: 6230 Soltvadkert, Ady Endre utca 8.) Purpose of data transfer: email marketing service, e-commerce and customer relationship management
- Emese Németh Zsófia ev. (address: 1091 Budapest, Üllői út 57. 5 / A.) Purpose of data transfer: email marketing service, e-commerce and customer relationship management
- Rights and exercise of rights of the data subject
The data subject may request for information about the management of his/her personal data, can also request adjustment of his/her personal data, or – with the exception of the mandatory data handling – can request erasure, revocation, can exercise his/her right to data porting-, and the right to object as indicated in the data recording part or at the controller’s above availabilities.
8.1 Right to Information
The controller shall take appropriate measures to provide any information referred to in Articles 13 and 14 and any communication under Articles 15 to 22 and 34 relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language.
8.2 The data subject’s right of access
The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information: the data management objectives; the categories of personal data concerned; the recipients or categories of recipients to whom the personal data have been or will be communicated, including in particular third-country recipients or international organizations; the envisaged period for which the personal data will be stored; the right to rectification, erasure or restriction of data management and the right to object; the right of lodging a complaint with the supervisory authority; information concerning the data sources; the existence of automated decision-making, including profiling, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject. The controller shall provide the information within a maximum of one month from the submission of the request.
8.3 Right of rectification
The data subject may request the correction of inaccurate personal data and the completion of incomplete data, which are processed by the Controller. 8.4 Right to erasure
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- personal data are no longer needed for the purpose for which they were collected or otherwise processed;
- the data subject legitimate withdraws his/her consent as the basis for the processing and there is no other legal basis for the processing;
- the data subject objects to the processing, and there are no overriding legitimate grounds for the processing;
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject
- the personal data have been collected in relation to the offer of information society services
The erasure of data cannot be initiated, if the data management is required: for exercising the right of freedom of expression and information, for compliance with a legal obligation in Union or Member State law to which the controller is subject, for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, on the grounds of public interest in the area of public health, for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, or for the establishment, exercise or defence of legal claims.
8.5 Right to Restrict Data Management
At the request of the data subject, the Controller shall restrict data processing if any of the following conditions are met:
- the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead
- the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims, or
- the data subject has objected to processing, pending the verification whether the legitimate grounds of the controller override those of the data subject
Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
8.6 Right to Data Porting
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to the controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
8.7 Right to Object
The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or for the purposes of the legitimate interests pursued by the controller or by a third party, including profiling based on those provisions.
Where there is a justified objection, the controller shall no longer process the personal data unless such compelling legitimate grounds are demonstrated for the processing, which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
8.8 Automated decision making on individual matters, including profiling
The data subject shall have the right not to be subject to a decision, based solely on automated processing, including profiling, which produces legal effects concerning him/her or similarly significantly affects him/her.
8.9 Right of Withdrawal
The data subject shall have the right to withdraw his or her consent at any time.
8.10 Right to apply to the courts
The data subject may take legal action against the controller in case of violation of his/her rights. The court will deal with the case with priority.
8.11 Data Protection Authority Procedure
Complaints can be made to the National Data Protection and Freedom of Information Authority: Name: Nemzeti Adatvédelmi és Információszabadság Hatóság
Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22 / C.
Mailing address: 1530 Budapest, Pf .: 5. Phone: 0613911400
Fax: 0613911410
E-mail: [email protected]
Website: http://www.naih.hu
- Other Provisions
Further information about data processing not listed in this document is provided at the time of data recordings.
We inform our customers that the court, the prosecutor, the investigating authority, the misdemeanor authority, administrative authority, the National Data Protection and Freedom of Information Authority, the Hungarian National Bank, or other authorities based on legal authorization can contact the controller to receive information, for disclosure of information, for the transfer of data and to making documents available.
The controller shall disclose personal data to authorities – provided that the authority has indicated the exact purpose and scope of the data – only to the extent necessary to achieve the purpose of the request.
Mezőtúr, 01/01/2021
[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]