Privacy Policy
These Regulations are effective from March 1, 2021 and will remain in effect until revoked.
Introduction
PTM PROJEKT LTD. (HUN)
Name of the service provider: PTM Projekt Kft.
The registered office of the service provider is: HUNGARY 4071 Hortobágy Ady Endre utca 10.
The service provider has no premises.
Mailing address of the service provider: 4071 Hortobágy Ady Endre utca 10.
The service provider’s contact information and regularly used email address for contacting users: ptmprojekt@gmail.com
Company registration number: 09 09 031949
Tax number: 28755500-1-09
Website: https://uniquecomic.com ; https://egyedikepregeny.hu/en/
Language of the contract: ENGLISH
Hereinafter: Service provider, (data controller) submits to the following information.
CXII of 2011 on the right to information self-determination and freedom of information. law (hereinafter: Info tv.) § 20. (1) states that the data subject (in this case, the webshop user, hereinafter: user) must be informed before data processing begins that data processing is based on consent or is mandatory.
Before data processing begins, the data subject must be informed clearly and in detail about all the facts related to the processing of his data, including, in particular, the purpose and legal basis of data processing, the person entitled to data processing and data processing, and the duration of data processing.
The person concerned must be informed by Info tv. On the basis of Section 6 (1), personal data can be processed even if obtaining the data subject’s consent would be impossible or disproportionately expensive, and the processing of personal data is necessary for the purpose of fulfilling a legal obligation to the data controller, or the data controller or a third party has the right to it is necessary for the purpose of enforcing its interest, and the enforcement of this interest is proportionate to the limitation of the right to the protection of personal data.
The information must also cover the data subject’s rights and legal remedies.
If personal information of the data subjects would be impossible or disproportionately expensive (such as in the present case in an online store), the information can also be provided by disclosing the following information:
- a) the fact of data collection,
- b) the range of stakeholders,
- c) purpose of data collection,
- d) duration of data management,
- e) the identity of potential data controllers authorized to access the data,
- f) description of the rights and remedies of the data subjects related to data management, as well as
This data management information sheet regulates the data management of the following websites:
https://www.egyedikepregeny.hu/en/ and is based on the content specification above. The information is available from the following page: https://www. uniquekepregeny.hu/en/adatkezelesi-tajekozato
Amendments to the prospectus will take effect upon publication at the above address.
Interpretive concepts
Data subject/User: any natural person identified or – directly or indirectly – identified on the basis of personal data; personal data: data that can be associated with the data subject – especially the data subject’s name, identification mark, and one or more physical, physiological, mental, economic, cultural or social characteristics of the data subject – as well as the conclusion about the data subject that can be drawn from the data; data controller: the natural or legal person or organization without legal personality who, independently or together with others, determines the purpose of data management, makes and implements decisions regarding data management (including the device used), or has them implemented by the data processor commissioned by it; data management: regardless of the procedure used, any operation performed on the data or the set of operations, including in particular the collection, recording, recording, organization, storage, change, use, query, transmission, disclosure, coordination or connection, locking, deletion and destruction, and preventing further use of the data, taking photographs, audio or video recordings, and recording physical characteristics suitable for identifying the person (e.g. fingerprint or palm print, DNA sample, iris image); data processing: performing technical tasks related to data management operations, regardless of the method and tool used to perform the operations, as well as the place of application, provided that the technical task is performed on the data; data processor: a natural or legal person, or an organization without legal personality, who processes data on the basis of the contract with the data controller, including the conclusion of a contract based on the provisions of the law; data protection incident: unlawful handling or processing of personal data, including in particular unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as accidental destruction and damage.
Data management related to online store operation
CXII of 2011 on the right to information self-determination and freedom of information. On the basis of Article 20 (1) of the Act, the following must be defined as part of the data management related to the operation/operation of the webshop:
- a) the fact of data collection,
- b) the range of stakeholders,
- c) purpose of data collection,
- d) duration of data management,
- e) the identity of potential data controllers authorized to access the data,
- f) description of the rights of data subjects related to data management.
The fact of data collection, the scope of processed data and the purpose of data management:
– Surname and first name: Necessary for making contact, making purchases and issuing regular invoices.
-E-mail address: Contact, more efficient negotiation of questions related to invoicing or delivery.
-Invoicing name and address: Issuing the legal invoice, creating the contract, defining its content, modifying it, monitoring its performance, invoicing the resulting fees, and asserting related claims.
-Delivery name and address: Enabling home delivery.
-Date of purchase/registration: Execution of a technical operation.
– IP address at the time of purchase/registration: Execution of a technical operation.
-In the case of the e-mail address, it is not necessary that it contain personal data.
Scope of stakeholders: All stakeholders registered/purchased on the website of the online store.
Duration of data management, deadline for data deletion: After finalizing the purchase, the personal photos required for the comic will be kept for 14 days, after which they will be permanently deleted. Except in the case of accounting documents, as this data must be kept for 8 years based on § 169 (2) of Act C of 2000 on accounting.
The accounting documents directly and indirectly supporting the bookkeeping (including ledger accounts, analytical and detailed records) must be kept in legible form for at least 8 years, in a way that can be retrieved by reference to the accounting records.
Personal photos are used only and exclusively for the creation of the comic book. It will not be passed on to third parties. The completed comics can be used for marketing activities with the prior consent of the customer.
Person of possible data controllers entitled to access the data: Personal data can be handled by the sales and marketing staff of the data controller, in compliance with the above principles.
Description of the data processing rights of the data subjects: The following data can be modified on the websites: surname and first name, e-mail address, telephone number, shipping address, shipping name, billing address, billing name. The data subject can initiate the deletion or modification of personal data in the following ways: by e-mail to the e-mail address info@uniquecomic.com.
Legal basis for data management: User’s consent, Infotv. Paragraph (1) of § 5, and CVIII of 2001 on certain issues of electronic commerce services and services related to the information society. Act (hereinafter: Elker Law) 13/A. Section (3):
For the purpose of providing the service, the service provider may process the personal data that is technically absolutely necessary for the provision of the service. If the other conditions are the same, the service provider must choose and in any case operate the tools used in the provision of services related to the information society in such a way that personal data is only processed if this is absolutely necessary for the provision of the service and the fulfillment of other objectives defined in this law necessary, but also in this case only to the extent and for the necessary time.
Management of cookies
CXII of 2011 on the right to information self-determination and freedom of information. based on Section 20 (1) of the Act, the following must be defined as part of the cookie data management of the online store website
- a) the fact of data collection,
- b) the range of stakeholders,
- c) purpose of data collection,
- d) duration of data management,
- e) the identity of potential data controllers authorized to access the data,
- f) description of the rights of data subjects related to data management.
Cookies typical for online stores are the so-called “cookie used for a password-protected session”, “cookies required for the shopping cart” and “security cookies”, the use of which does not require prior consent from the data subjects.
The fact of the data management, the scope of the managed data: Unique identification number, dates, times
Scope of stakeholders: All stakeholders visiting the website.
Purpose of data management: Identification of users, registration of the “shopping basket” and tracking of visitors.
Duration of data management, deadline for deleting data: In the case of session cookies, the duration of data management lasts until the end of visiting the websites, while in other cases it lasts a maximum of 100 days.
The person of the possible data controllers entitled to access the data: The data controller does not manage personal data through the use of cookies.
Description of data processing rights of data subjects: The data subject has the option to delete cookies in the Tools/Settings menu of browsers, usually under the settings of the Data Protection menu item.
Legal basis for data management: Consent from the data subject is not required if the sole purpose of using cookies is the transmission of information via an electronic communication network or if the service provider absolutely needs it to provide a service related to the information society specifically requested by the subscriber or user.
Data transfer
CXII of 2011 on the right to information self-determination and freedom of information. based on Article 20 (1) of the Act, the following must be defined as part of the data transmission activity of the webshop website:
- a) the fact of data collection,
- b) the range of stakeholders,
- c) purpose of data collection,
- d) duration of data management,
- e) the identity of potential data controllers authorized to access the data,
- f) description of the rights of data subjects related to data management.
The fact of data management, the scope of the managed data.
The scope of the transmitted data in order to carry out the delivery: Delivery name, delivery address, telephone number.
Scope of stakeholders: All stakeholders who order the product.
Purpose of data management: Production of the ordered product and delivery by email
Duration of data management, deadline for data deletion: It lasts until the digital product is sent.
Customer relations and other data management
If a question arises when using our data management services, or if the data subject has a problem, you can contact the data manager using the methods provided on the website (telephone, e-mail, social media sites, etc.).
The data controller processes received e-mails, messages, on the phone, on Facebook, etc. data provided, together with the name and e-mail address of the interested party, as well as other voluntarily provided personal data, will be deleted after a maximum of 2 years from the date of data communication.
We provide information on data management not listed in this information when the data is collected.
The Service Provider is obliged to provide information, communicate and transfer data, and make documents available in the event of an exceptional official inquiry, or in the event of an inquiry by other bodies based on the authorization of the law.
In these cases, the Service Provider only releases personal data to the requester – if he has specified the exact purpose and the scope of the data – to the extent and to the extent that is absolutely necessary to achieve the purpose of the request.
Data security
The data controller plans and executes the data management operations in such a way as to ensure the protection of the privacy of the data subjects.
The data controller ensures the security of the data (protection with a password, antivirus, SSL encryption), takes the technical and organizational measures and develops the procedural rules that are necessary to enforce the Info tv. and other data and confidentiality rules.
In particular, the data controller protects the data with appropriate measures
unauthorized access,
the change
the transmission,
disclosure,
deletion or destruction,
accidental destruction and damage,
against becoming inaccessible due to changes in the technology used.
The data controller ensures with a suitable technical solution that the data stored in the registers cannot be directly linked and assigned to the data subject.
In order to prevent unauthorized access to personal data, changes and unauthorized disclosure or use of data, the data manager ensures:
on the establishment and operation of the appropriate IT and technical environment,
on the controlled selection and supervision of employees participating in the provision of services,
on issuing detailed operating, risk management and service procedures.
Based on the above, the service provider ensures that the data it manages
be available to the right holder,
its authenticity and authentication are ensured,
its invariance can be verified,
The data controller and its storage provider’s IT system protects, among other things
computer fraud,
spying
computer viruses,
spam,
the hacks
and against other attacks.
Rights of data subjects
The data subject may request the Service Provider to provide information about the handling of his personal data, may request the correction of his personal data, and may request the deletion or blocking of his personal data – with the exception of mandatory data management.
At the request of the data subject, the data controller provides information about the data subject’s data managed by it or processed by the data processor commissioned by it or at its disposal, its source, the purpose, legal basis, duration of data processing, the name and address of the data processor and its activities related to data processing, the circumstances of the data protection incident , its effects and the measures taken to prevent them, and – in the case of forwarding the data subject’s personal data – the legal basis and recipient of the data transfer.
The data controller – if it has an internal data protection officer, through the internal data protection officer – keeps a register for the purpose of checking the measures related to the data protection incident and informing the data subject, which includes the scope of personal data concerned, the scope and number of those affected by the data protection incident, the date of the data protection incident , its circumstances, its effects and the measures taken to prevent it, as well as other data specified in the law that prescribes data management.
In order to verify the legality of the data transmission and to inform the data subject, the data controller keeps a data transmission register, which contains the date of transmission of the personal data it manages, the legal basis and recipient of the data transmission, the definition of the scope of the transmitted personal data, as well as other data specified in the legislation requiring data management.
At the request of the User, the Service Provider provides information about the data it manages, its source, the purpose, legal basis, duration of the data management, the name, address and activities related to the data management of any data processor, as well as – in the case of forwarding the data subject’s personal data – the legal basis and recipient of the data transfer. The service provider shall provide the information in writing in an understandable form as soon as possible, but no later than 25 days after the submission of the request. The information is free.
If the personal data does not correspond to the reality and the personal data corresponding to the reality is available to the data controller, the service provider will correct the personal data.
Instead of deletion, the Service Provider blocks the personal data if the User requests this, or if, based on the available information, it can be assumed that the deletion would harm the User’s legitimate interests. Locked personal data can only be processed as long as the data management purpose that precluded the deletion of personal data exists.
The Service Provider deletes the personal data if its processing is illegal, the User requests it, the processed data is incomplete or incorrect – and this situation cannot be legally remedied – provided that the deletion is not precluded by law, the purpose of the data management has ceased, or the storage of the data is defined by law the deadline has expired, it was ordered by the court or the National Data Protection and Freedom of Information Authority.
The data controller shall mark the personal data it manages if the data subject disputes its correctness or accuracy, but the incorrectness or inaccuracy of the disputed personal data cannot be clearly established.
The data subject and all those to whom the data was previously transmitted for the purpose of data management must be notified of the correction, blocking, marking and deletion. The notification can be omitted if this does not harm the legitimate interests of the data subject in view of the purpose of the data management.
If the data controller does not comply with the data subject’s request for correction, blocking or deletion, within 25 days of receiving the request, the data controller shall notify the factual and legal reasons for rejecting the request for correction, blocking or deletion in writing. In case of rejection of the request for correction, deletion or blocking, the data controller informs the data subject of the possibility of legal remedies in court, as well as the possibility of turning to the Authority.
Legal remedy
The user may object to the processing of his personal data if
the processing or transmission of personal data is necessary only to fulfill the legal obligation of the Service Provider, or to enforce the legitimate interests of the Service Provider, the data recipient or a third party, unless the data processing is mandated by law;
personal data is used or forwarded for the purpose of direct business acquisition, public opinion polls or scientific research;
in other cases specified by law.
The service provider examines the objection as soon as possible, but no later than 15 days after the submission of the application, makes a decision on its validity, and informs the applicant of its decision in writing. If the Service Provider determines that the protest of the person concerned is well-founded, it will terminate the data management – including further data collection and data transmission – and block the data, as well as notify all those to whom the personal data affected by the protest was previously transmitted about the protest and the measures taken based on it. and who are obliged to take measures to enforce the right to protest.
If the User does not agree with the decision made by the Service Provider, he/she may appeal to the court within 30 days of its notification. The court acts out of order.
You can file a complaint with the National Data Protection and Freedom of Information Authority against possible violations of the data controller:
National Data Protection and Freedom of Information Authority
1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Mailing address: 1530 Budapest, PO Box: 5.
Telephone: +36 -1-391-1400
Fax: +36-1-391-1410
E-mail: ugyfelszolgalat@naih.hu
Court enforcement
The data controller is obliged to prove that the data management complies with the provisions of the law. The data recipient is obliged to prove the legality of the data transfer.
Adjudication of the lawsuit falls within the jurisdiction of the court. At the choice of the data subject, the lawsuit can also be initiated before the court of the data subject’s place of residence or residence.
A person who otherwise does not have legal capacity can be a party to the lawsuit. The Authority can intervene in the lawsuit in order to win the case for the person concerned.
If the court approves the request, it obliges the data controller to provide information, correct, block, delete the data, annul the decision made by automated data processing, take into account the data subject’s right to protest, and release the data requested by the data recipient.
If the court rejects the data recipient’s request, the data controller is obliged to delete the data subject’s personal data within 3 days from the notification of the judgment. The data manager is obliged to delete the data even if the data recipient does not apply to the court within the specified deadline.
The court may order the publication of its judgment – by publishing the identification data of the data controller – if it is required by the interests of data protection and the protected rights of a larger number of stakeholders.
Compensation and damages
If the data controller violates the data subject’s right to privacy by illegally handling the data subject’s data or violating data security requirements, the data subject may demand damages from the data controller.
The data controller is liable to the data subject for the damage caused by the data processor, and the data controller is also obliged to pay the data subject the damages due in the event of a privacy violation caused by the data processor. The data controller shall be released from responsibility for the damage caused and from the obligation to pay compensation if it proves that the damage or the violation of the privacy rights of the data subject was caused by an unavoidable cause outside the scope of data management.
The damage does not have to be compensated and no compensation can be claimed if the damage resulted from the intentional or grossly negligent behavior of the injured party or the violation of the right to privacy.
Clause
During the preparation of the information, we paid attention to the following legislation:
CXII of 2011 Act – on the right to self-determination of information and freedom of information (hereinafter: Infotv.)
CVIII of 2001 Act – on certain issues of electronic commercial services and services related to the information society (mainly § 13/A)
XLVII of 2008 law – on the prohibition of unfair trade practices towards consumers;
XLVIII of 2008 Act – on the basic conditions and certain limitations of economic advertising (especially § 6.a)
XC of 2005. Act on Electronic Freedom of Information
Act C of 2003 on electronic communications (specifically § 155.a)
16/2011. s. Opinion on the EASA/IAB Recommendation on Best Practices for Behavioral Online Advertising
The recommendation of the National Data Protection and Freedom of Information Authority on the data protection requirements of prior information
This site uses cookies
Some pages of údikakepregeny.hu use cookies in order to provide a higher quality service. While browsing the údikakepregeny.hu website, you agree to the use of cookies based on your browser settings. If you visit our site and the use of cookies is enabled in your browser, you accept our terms, according to which cookies are enabled on the site.
It is possible to change the use of cookies in the browser settings.
What are cookies?
Cookies are small data files that the browser places on the user’s computer or other type of device (e.g. smartphone, tablet). Among other things, cookie files collect information, remember the individual settings of the visitor and facilitate the use of the website for users. They usually contain the name of the website from which they originate, as well as their validity period and values. On the next visit, the browser will automatically read the cookie data. Cookies themselves do not collect data stored on your computer or in files, the cookies we use do not damage your computer.
Why do we use cookies?
The use of cookies is necessary for the sake of our appropriate and continuously developing services, so that they are tailored to your interests. The websites of údikakepregeny.hu may contain permanent and temporary cookies. Temporary, it only collects information while they are on the site. Persistent cookies, on the other hand, remain on your device until they expire or are modified (deleted). The period for which the data is stored depends on the type of cookie.
We use different types of cookies on our site:
Performance cookies
With the help of these cookies, we collect statistical data about how our websites are used. This is technical information, on the basis of which we know which links were clicked on the website, which page was opened last and similar. These types of cookies help us analyze and develop our pages in terms of their content and appearance. If these cookies are not allowed, unfortunately we cannot guarantee that the site will function flawlessly.
Basic cookies
These data files ensure the functionality of our website, such as online payment. Basic cookies include e.g. comment on the login, repeated login without re-entering the password, automatic filling of some fields. Without these cookies, we cannot provide our services, which form the basis of our websites. If these cookies are not allowed, unfortunately we cannot guarantee that the site will function flawlessly.
Functional cookies
Functional cookies are not absolutely necessary, but they help in the development of our websites. It remembers the settings approved on the previous visit, e.g. content layout and the like so that you don’t have to set it up again. With the help of these cookies, we determine whether some of our services have already been published, and we also transmit current information from your environment, of course only if you agree to the sharing of such data. It depends only on your settings to use this type of cookies, but if you turn it off, you may miss services that may be of interest to you.