Privacy Policy
Andrea Sebestyén-Kurucz (Headquarters: 2336 Dunavarsány, Csermely utca 50 tax number: 68632221-1-33) (hereinafter: Service Provider) during the operation of the website www.twinsfit.hu/en (hereinafter: Website), visitors to the Website, placing orders and manages the data of those who register on the Website (hereafter referred to as the Data Subject).
In connection with the management of data, the Service Provider hereby informs the Data Subjects about the personal data it manages on the Website, the principles and practices followed in the management of personal data, as well as the manner and possibilities of exercising the rights of the data subjects.
By using the Website, by sending an order, or by registering, where appropriate, the Data Subject accepts the provisions of the Data Management Notice and consents to the data management defined below.
- Definitions
Data subject: any natural person identified or – directly or indirectly – identified on the basis of personal data;
Personal data: data that can be associated with the data subject – in particular the data subject’s name, identification mark, and one or more physical, physiological, mental, economic, cultural or social characteristics of the data subject – as well as the conclusion about the data subject that can be drawn from the data;
consent: the voluntary and decisive declaration of the data subject’s will, which is based on adequate information, and with which he gives his unequivocal consent to the processing of his personal data – in full or covering certain operations;
protest: the data subject, with which he objects to the processing of his personal data and requests the termination of the data processing or the deletion of the processed data;
data controller: the natural or legal person or organization without legal personality who, independently or together with others, determines the purpose of data management, makes and implements decisions regarding data management (including the device used), or has them implemented by the data processor commissioned by it;
data management: regardless of the procedure used, any operation performed on the data or the set of operations, including in particular the collection, recording, recording, organization, storage, change, use, query, transmission, disclosure, coordination or connection, locking, deletion and destruction, and preventing further use of the data, taking photographs, audio or video recordings, and recording physical characteristics suitable for identifying the person (e.g. fingerprint or palm print, DNA sample, iris image);
data processing: performing technical tasks related to data management operations, regardless of the method and tool used to perform the operations, as well as the place of application, provided that the technical task is performed on the data;
data processor: the natural or legal person or organization without legal personality who processes data on the basis of the contract concluded with the data controller – including the conclusion of a contract based on the provisions of the law;
data transfer: making the data available to a specific third party;
disclosure: making the data available to anyone;
data deletion: making data unrecognizable in such a way that their recovery is no longer possible;
data blocking: providing the data with an identification mark for the purpose of limiting its further processing permanently or for a specified period of time;
data destruction: complete physical destruction of the data carrier containing the data;
third party: a natural or legal person, or an organization without legal personality, who is not the same as the data subject, data controller or data processor.
- Purpose of data management
The Service Provider stores and processes the data provided by the Data Subject for a specific purpose, solely for the purpose of fulfilling the order, enabling invoicing, delivering the products to the home, and later proving the terms of the concluded contract.
The purpose of the automatically recorded data is to create statistics and the technical development of the IT system.
The Service Provider does not use or may use the provided personal data for purposes other than those specified above. The release of personal data to third parties or to authorities – unless the law has otherwise binding force – is possible with the prior express consent of the Data Subject.
In any case, if the Service Provider intends to use the provided data for a purpose other than the purpose of the original data collection, the Data Subject shall be informed of this, and the Data Subject shall be given prior, express consent to this, and shall be given the opportunity to prohibit the use.
- Legal basis for data management
Data management is carried out on the basis of a voluntary, properly informed statement by the users of the Website, which statement contains the Data Subject’s express consent to the use of their personal data provided during the use of the Website.
CXII of 2011 on the right to self-determination of information and freedom of information applies to data processing by the Service Provider. Act (hereinafter: Info.tv.) according to Section 5 (1) point a) on the basis of the Data Subject’s voluntary consent, as well as CVIII of 2001 on certain issues of electronic commercial services and services related to the information society. takes place on the basis of law.
The service provider does not check the authenticity of the personal data provided to him. The person providing it, the Data Subject, the contracting party, is solely responsible for the adequacy of the data provided. When any Data Subject provides his/her e-mail address, he/she also assumes responsibility for the fact that only he/she uses the service from the given e-mail address. In view of this assumption of responsibility, any responsibility related to logins at a specified e-mail address rests solely with the Data Subject who registered the e-mail address.
- Designation of service provider as data controller
Company name: Andrea Sebestyén-Kurucz
Headquarters: 2336 Dunavarsány, Csermely utca 50
Tax number: 68632221-1-33
E-mail address: info@twinsfit.hu
- Duration of data management
The processing of personal data mandatorily provided during registration begins with registration and lasts until it is deleted upon request. In the case of non-mandatory data, the data will be processed until the order is fulfilled. The registration can be canceled at any time, after the cancellation request has been sent, as set out in the General Terms and Conditions (hereinafter: GTC). In this case, the deadline for deleting the data is 5 working days after the receipt of the request.
The logged data is stored by the system for 1 month from the date of logging, with the exception of the date of the last visit, which is automatically overwritten.
The above provisions do not affect the fulfillment of retention obligations defined in legislation (e.g. accounting legislation), as well as data processing based on additional consents given during registration on the Website or in any other way.
- Scope of processed personal data
Registration data
In order to use the services on the Website, and in particular to place an order on the Website, the Data Subjects must fill out a registration form, during which the following data must be provided in order for the Service Provider to complete the order:
Last name,
first name,
E-mail address
In order to send the order, you must enter additional data:
zip code,
city,
Street name,
House number,
Country
county
telephone number
Technical data
The data of the Data Subject’s logged-in computer that are generated during the use of the service and that are recorded by the Service Provider’s system as an automatic result of technical processes. These are, in particular, the date and time of the visit, the IP address of the Data Subject’s computer, the type of browser, the address of the viewed and previously visited website.
The data that is automatically recorded is automatically logged by the system upon entry or exit without a separate declaration or action by the Data Subject. These data cannot be combined with other personal user data – except in cases made mandatory by law. Only the Service Provider has access to the data.
The Service Provider’s system may collect data on the activities of the Data Subjects, which cannot be linked to other data provided by the Advertiser during registration or when the User contacts the Advertiser, nor to data generated when using other websites or services.
The html code of the Website may contain links to and from an external server independent of the Service Provider. The providers of these links are able to collect user data due to the direct connection to their server.
External servers assist in the independent measurement and auditing of the website’s visitor and other web analytics data (Google Analytics). The data controllers can provide the Data Subject with detailed information on the management of the measurement data.
Their availability: www.google.com/analytics/
Cookies
In order to provide customized service, the Service Provider and the designated external service providers store a small data package on the Data Subject’s computer, so-called cookies are placed and read back. If the browser returns a previously saved cookie, the cookie management service provider has the option to link the Data Subject’s data saved during current visits with previous ones, but only with regard to its own content.
The Service Provider uses the following cookie:
Temporary (session) cookie: session cookies are automatically deleted after the Data Subject’s visit. These cookies are used to make the Website of the Service Provider work more efficiently and more securely, so they are essential for certain functions of the Website or certain applications to function properly.
Persistent cookie: the Service Provider also uses persistent cookies for a better user experience (e.g. providing optimized navigation). These cookies are stored for a longer time in the cookie file of the browser. The duration of this depends on what setting the Data Subject uses in his internet browser. With the help of such cookies, the Service Provider collects data anonymously for marketing and optimization purposes. The Service Provider does not use the data to personally identify the Data Subject. Of course, you can block the use of the Data Subject’s data in this way at any time at any of the Service Provider’s contact details indicated above.
If the Data Subject does not want Google Analytics to measure the above data in the manner and for the purpose described, install the blocking add-on in his browser.
The website uses Google Adwords remarketing tracking codes. This is based on the fact that visitors to the page can later be approached with remarketing ads on websites belonging to the Google Display network. The remarketing code uses cookies to tag visitors. Website Users can disable these cookies if they visit the Google advertising settings manager and follow the instructions there. After that, personalized offers from the Service Provider will not appear for them.
The “Help” function, found in the menu bar of most browsers, provides information on the Data Subject’s own browser
how you can disable cookies,
how to accept new cookies,
how to instruct your browser to set a new cookie or
how to disable other cookies.
- The scope of the persons familiar with the data, data transmission, data processing
The Service Provider and the Service Provider’s internal employees are primarily entitled to know the data, but they will not be published or passed on to third party(ies).
The service provider may use a data processor (e.g. PayPal, system operator, transport company, accountant) for the fulfillment of orders and settlement of accounts. The service provider is not responsible for the data management practices of such external actors.
This website (twinsfit.hu/en) does NOT ask for bank card details! the service provider (Andrea Sebestyén-Kurucz) is not responsible for its release.
We ask for the amount of the order only by bank transfer to the bank account number on the invoice, or in case of personal collection in cash or via paypal.
Designation of data processors
Name: PACKETA HUNGARY KFT
Headquarters: 1044 Budapest, Ezred utca 1-3. B2/11. ép.
Mailing address: 1044 Budapest, Ezred utca 1-3. B2/11. ép.
E-mail address: nfo@packeta.hu
Telephone:+06 1 400 8806
Company registration number: 01 09 202186
For information on our data protection please see the privacy policy of Packeta.hu:
https://files.packeta.com/web/files/HU_Egyseges-adatkezelesi-tajekoztato-GDPR-HU-PACKETA.pdf
This message and any attachment may be confidential and intended exclusively for the addressee.
If you are not the intended addressee please notify the sender immediately and delete this message and any attachment from your system.
Data of hosting provider:
Name: Net-Tech Kft.
Headquarters: 1191. Budapest Kisfaludy utca 16. 6/18.
E-mail address: ufsz@domainadminisztracio.hu
Phone number: +36 (30) 426 6905
In addition to the above, it may take place in the cases required by the law on personal data concerning the Data Subject, as well as based on the consent of the Data Subject.
Paypal:
Paypal bank details:
https://www.globaldata.com/company-profile/paypal-holdings-inc/
https://www.paypalobjects.com/webstatic/ua/pdf/US/ints/privacy.pdf
- Affected rights and legal enforcement options
8.1. Right to information
The Data Subject is entitled at any time to request information about his/her personal data managed by the Service Provider, and can also modify them at any time in his/her own account on the Website.
At the request of the Data Subject, the Service Provider provides information about the data it manages, the purpose, legal basis and duration of the data management, as well as about who and for what purpose their data is or has been received. The service provider shall provide the requested information in writing within 30 days of the submission of the request.
The Data Subject may contact the Service Provider’s staff with any questions or comments related to data management via the contact details indicated below.
8.2. The data subject can request the deletion, correction or blocking of their data
The Data Subject has the right to request the correction or deletion of his/her incorrectly recorded data at any time at one of the contact details indicated below. The service provider will delete the data within 5 working days from the receipt of the request, in which case they will not be recoverable. The deletion does not apply to data processing required by law (e.g. accounting regulations), which are retained by the Service Provider for the necessary period.
The Data Subject may also request the blocking of their data. The Service Provider locks the personal data if the data subject requests this, or if it can be assumed based on the information available that deletion would harm the Data Subject’s legitimate interests. The personal data locked in this way can only be processed as long as the data management purpose exists, which precluded the deletion of the personal data.
The Data Subject, as well as all those to whom the data was previously forwarded for the purpose of data management, must be notified of the correction, blocking and deletion. The notification can be omitted if this does not violate the legitimate interests of the User in view of the purpose of the data management.
If the data controller does not comply with the data subject’s request for correction, blocking or deletion, within 30 days of receiving the request, the data controller shall notify the factual and legal reasons for rejecting the request for correction, blocking or deletion in writing.
8.3. The data subject may object to the processing of his personal data
The Data Subject may object to the processing of his personal data. The service provider examines the objection as soon as possible, but no later than 15 days after the submission of the application, makes a decision on its validity, and informs the applicant of its decision in writing.
The Data Subject can exercise his rights at the contact details indicated in point 1
8.4. The data subject is based on Info.tv and the Civil Code (Act V of 2013)
You can apply to the National Data Protection and Freedom of Information Authority (1125 Budapest, Szilágyi Erzsébet fasor 22/c.; www.naih.hu ) or assert your rights before the Court.
If the Data Subject provided third-party data during registration to use the service or caused damage in any way while using the Website, the Service Provider is entitled to claim compensation from the Data Subject. In such a case, the Service Provider will provide all possible assistance to the acting authorities in order to establish the identity of the person violating the law.
- Use of e-mail addresses
The Service Provider pays particular attention to the legality of the use of the electronic mail addresses it manages, so it only uses them in the manner specified below to send (informational or advertising) e-mails.
The management of e-mail addresses primarily serves the purpose of identifying the Data Subject, maintaining contact during the fulfillment of orders and the use of services, so e-mails are sent primarily for this purpose.
- Data security
The service provider undertakes to ensure the security of the data, and to take the technical measures to ensure that the recorded, stored and managed data are protected, and to do everything possible to prevent their destruction, unauthorized use and unauthorized change. You also undertake to call on all third parties to whom you may forward or transfer the data to fulfill their obligations in this regard.
