Privacy statement
Name and contact details of the data controller
Name of the data controller: Bormatura Kft (hereinafter: Data Controller)
Data controller’s postal address: 1067 Budapest, Podmaniczky u. 31. I/7 (doorbell 31)
Data controller’s email address: info@borkollegium.hu
Website: www.borkollegium.hu
Legal background, legal basis, purpose of the data processing performed on the website, scope of the processed personal data and duration of the data processing
Information on the use of cookies
What is a cookie?
The Data Controller uses so-called cookies when you visit the website. The information package consists of cookie letters and numbers that our website sends to your browser for the purpose of saving certain settings, facilitating the use of our website and helping collect some relevant, statistical information about our visitors. Cookies contain no personal information and are not able to identify an individual user. Cookies often contain a unique identifier – a secret, randomly generated sequence of numbers – that your device stores. Some cookies expire after you close the website, while some are stored on your computer for a longer period.
Legal background and legal basis of cookies:
The background of data processing is the provisions of Act CXII of 2011 on the right to Informational Self-determination and Freedom of Information (Privacy Act) and Act CVIII on Certain Issues of Electronic Commerce Services and Information Society Services. The legal basis for data processing is your consent in accordance with Section 5(1)(a) of the Privacy Act.
The main features of the cookies used by the website are:
Cookies required strictly for operation: These cookies are essential for using the website and enable you to use the website’s basic functions. Without these, many of the website’s features will not be available to you. The lifespan of these types of cookies is limited to the duration of the session only.
Cookies to improve user experience: These cookies collect information about your use of the website, such as which pages you visit most often or what error messages you have received from the website. These cookies do not collect any information which identifies the user, i.e. they work with completely general, anonymous information. The data obtained from these is used to improve website performance. The lifespan of these types of cookies is limited to the duration of the session only.
RTB personalised retargeting cookies: These may appear to previous visitors or users when they browse other sites on the Google Display Network or search for terms related to their products or services. Visitors to the website can opt out of the use of RTB technology by clicking on the following link: http://adpilot.com/index.php?pid=privacy-opt-out
If you do not accept the use of cookies, certain features will not be available to you. You can find more information on deleting cookies on the following links:
Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11
Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
Chrome: https://support.google.com/chrome/answer/95647?hl=en
Order and invoicing data processing
Legal background and legal basis of data processing:
The background of data processing is the provisions of Act CXII of 2011 on the Right to Informational Self-determination and Freedom of Information (Privacy Act) and Act C of 2000 on Accounting (Accounting Act). The legal basis for data processing is your consent in accordance with Section 5(1)a of the Privacy Act and, in the event of the withdrawal of your consent, the fulfilment of the legal obligation imposed on the Data Controller pursuant to Section 6(5)a of the Privacy Act and the Accounting Act.
Data processing purpose:
Issuance of an invoice in accordance with the law and fulfilment of the obligation to keep accounting documents. Pursuant to Section 169(1)-(2) of the Accounting Act, companies must keep accounting records directly and indirectly in support of their accounts.
Scope of data processed:
Name, address, email address, phone number, date of birth, invoicing address.
Duration of data processing:
Issued invoices shall be kept for 8 years from the issuance of the invoice pursuant to Section 169(2) of the Act. We would like to inform you that if you withdraw your consent to the issuance of the invoice, the Data Controller is entitled to keep any personal data obtained during the issuance of the invoice for 8 years pursuant to Section 6(5)a) of the Privacy Act.
Data processing related to the sending and display of personalised advertisements
Legal background and legal basis of data processing:
The background of data processing is Act CXII of 2011 on the Right to Informational Self-determination and Freedom of Information (Privacy Act) and Act XLVIII of 2008 on the Essential Conditions and Certain Limitations to Business Advertising Activity (Advertising Act). The legal basis for data processing is your consent in accordance with Section 5(1)a) of the Privacy Act and Section 6(1)-(2) of the Advertising Act.
Data processing purpose:
The purpose of data processing is to provide you with personalised offers that best suit your needs and preferences.
Scope of data processed:
Name, email address.
Duration of data processed:
Until the withdrawal of your consent.
On the use of data processors and their activities related to data processing
Data processing for the storage of personal data
Data Processor’s name: Websas.hu Kft
Data Processor’s contact details: Email address: info@websas.hu
The Data Processor stores personal data on the basis of a written contract concluded with the Data Controller. It is not entitled to access personal information.
Data security measures
The Data Controller declares that it has taken appropriate security measures to protect personal data against unauthorised access, alteration, transfer, disclosure, deletion or destruction, as well as accidental destruction and damage, and becoming inaccessible due to changes in the technology used.
Your rights during data processing
During the period of data processing, you are entitled to:
the right to information,
the right to rectify the data,
the right to delete data,
the right to block data, and
the right to object.
You may request information from the Data Controller regarding the processing of your personal data during the period of data processing. The Data Controller shall inform you in writing, in a comprehensible form, about the processed data, the purpose, legal basis, duration of the data processing and, if the data has been transferred, to whom and for what purpose they have received it, as soon as possible, but no later than 25 days after the submission of the request.
You may request that the Data Controller correct your personal data within the period of data processing. The Data Controller will comply with your request within 15 days at the latest.
You are entitled to request the deletion of your personal data, which the Data Controller will comply with within 15 days at the latest. The right of deletion does not apply if the Data Controller is obliged by law to store the data further, or if the Data Controller is entitled to further process personal data (for example in connection with invoicing) in accordance with Section 6(5) of the Privacy Act.
You may request that the Data Controller block the personal data if the permanent deletion of the data would harm the legitimate interests of the data subject. Data blocked in this way may only be processed for as long as the purpose which precluded the deletion of the personal data exists.
You may object to the processing of your personal data,
if the processing or transfer of personal data is necessary only for the fulfilment of a legal obligation to the Data Controller or to enforce the legal interest of the Data Controller, data recipient or third party, except in the case of mandatory data processing and in the case provided for in Section 6(5) of the Privacy Act;
if the use or transfer of personal data is made without your consent for the purpose of direct business acquisition, public opinion polling or scientific research.
The Data Controller will examine your objection as soon as possible, but no later than within 15 days of the submission of the request, decide on the merits of the request and inform you of its decision in writing. If the Data Controller decides not to comply with the data subject’s request for rectification, blocking or deletion, it shall, within 25 days of receipt of the request, communicate in writing, or with the consent of the data subject, electronically, the reasons for rejecting the request for rectification, blocking or deletion.
Legal remedies
If, in your opinion, the Data Controller has violated any legal provision on data processing or has not complied with any of your requests, the National Data Protection and Freedom of Information Authority may initiate an investigation procedure to terminate the alleged unlawful data processing (postal address: 1530 Budapest, Pf.: 5, email:ugyfelszolgalat@naih.hu).
We would also like to inform you that in the event of violation of the legal provisions on data processing, or if the Data Controller has not complied with any of your requests, you may take legal action against the Data Controller.
Data Protection Registry registration
Pursuant to the provisions of the Privacy Act, the Data Controller must notify the Data Protection Registry of certain data processing operations.
Data protection registration number: NAIH-73798/2014
Modification of data processing information
The Data Controller reserves the right to amend this data processing information. Your use of the website after any change takes place means that you accept the amended data processing information. In the event of a change, the Data Controller shall ensure that the previous version of the text is also available on the website.