Buda, XII. district, Istenhegy

GDPR

Summary

  • Personal data is only collected in accordance with the law.
  • Your personal data will be processed and stored as securely as possible.
  • Your data will only be used in connection with your orders (communication, quotation, invoicing)
  • This information will only be disclosed to third parties with your consent
    • if you want to take advantage of the extra guarantees offered by manufacturers
    • if you wish to collect or deliver the product by courier
  • We only contract with business partners who also guarantee the protection of personal data.
    • accountant: invoicing tasks
    • website administrator: technical operations (software updates, backups)
    • staff: contact, information, billing,
  • After identification, you can request clarification of the data stored at any time.
  • After identification, you may request the deletion of your personal data at any time in accordance with the legal conditions.

The person responsible for data protection matters:

Dr. Andrea Spisák
+36 (30) 289-2805

For ease of reference, the Privacy Notice is also linked by keyword

 

Introduction

This website is operated by its operator in accordance with the following legislation:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (on the processing of personal data)
  • Act CXII of 2011 (on the Right to Informational Self-Determination and Freedom of Information)

Purpose of the processing

The purpose of data processing is to enable visitors to use the website to access additional services. You cannot register on the website, but you can use the contact form to request information or place an order in accordance with the Terms and Conditions.

You can give your consent to the processing of your personal data by deliberately ticking the "checkbox" on the contact forms on the website. This checkbox will always be placed above the "Submit" button and the text next to it will clearly indicate that it refers to the Privacy Notice and the GTC.

If you provide us with additional personal data by e-mail or telephone after contacting us, we will also process it in accordance with this privacy statement. You can request that it be modified or deleted

Persons and undertakings responsible for data management

The owner and operator of this website (hereinafter referred to as the Data Controller)

Dr. Andrea Spisák
+36 (30) 289-2805
Adószám:
székhely: 1125 Bp Istenhegyi út 54/c 
email: andrea.spisak@gmail.com

The hosting provider of the website: (hereinafter referred to as the Site Provider)

Sybell Informatika Kft.
1158 Budapest, Késmárk u. 7/B 2. em. 206.
25859502-2-42
01-09-293034
+36 1 707 67 26
hello@sybell.hu

The information you provide is stored by the Hosting Service on its own servers and cannot be disclosed to third parties. The Hosting Provider will continuously upgrade its servers and ensure the necessary security settings are in place to ensure that the data stored on the servers is as secure as possible.

The website will be structured and maintained by the website administrator on the basis of instructions from the Data Controller in accordance with the legal requirements. The administrator may be the Data Controller itself, its employees or a subcontractor under a contract of engagement. The administrator has declared that he/she will not make a copy of the personal data stored in the database of the website, will not carry out marketing activities with it and will not disclose it to third parties without authorisation.

The personal data processed

The fact of data collection, the scope of data processed and the purpose of data management

Significant data Purpose of the processing
Last and first name To contact us, make a purchase and issue a proper invoice.
Phone number Keep in touch, coordinate billing or delivery issues more efficiently.
E-mail address Keep in touch, coordinate billing or delivery issues more efficiently.
Census name, address The issuing of proper invoices, as well as the creation, definition, modification, monitoring of the performance of the contract, invoicing of the fees arising from it, and the enforcement of claims related thereto.
Delivery address Enabling home delivery.
Time of sending Execute a technical operation.
IP address when sending messages Execute a technical operation.

Stakeholders: visitors to the website

Give, Change, Delete consent

Consent to the processing of your data: by accepting this Privacy Notice and the Terms and Conditions, you consent to the processing of your personal data. By accepting this Privacy Policy, you authorise the Data Controller to transfer your personal data in connection with your orders to its contractual partners (brand agencies, courier services) for the purpose of processing deliveries and complaints.

You can clearly indicate your consent (to the processing of your personal data) by "ticking" the "checkbox" section of the contact forms. This is always located above the "Submit" buttons and contains clear text indicating your acceptance of the Privacy Notice and the Terms and Conditions.

Forms can only be sent if you give your consent. If you do not send the completed form, none of the data provided will be stored by the system, and will not be seen or retained by the Data Controller.

Requesting your own personal data: you have the right to request your personal data stored by the Data Controller, provided that you can prove beyond reasonable doubt that the request is justified. Please indicate your request in writing by sending an e-mail to the e-mail address of the Data Controller from the e-mail address you have previously provided.

Concepts

Respondent/User:
any natural person identified or identifiable, directly or indirectly, on the basis of personal data;

personal data:
data that can be associated with the data subject, in particular the name, the identification mark and one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of the data subject, and the inference that can be drawn from the data concerning the data subject;

controller:
the natural or legal person or unincorporated body which, alone or jointly with others, determines the purposes for which the data are to be processed, takes and executes decisions regarding the processing (including the means used) or has them executed by a processor on its behalf;

Controlling of data:
any operation or set of operations which is performed upon data, regardless of the procedure used, in particular any collection, recording, recording, organisation, storage, alteration, use, consultation, disclosure, transmission, alignment or combination, blocking, erasure or destruction of data, prevention of their further use, taking of photographs, audio or video recordings, or any physical characteristics which are capable of identifying a person (e.g. fingerprints, palm prints, DNA samples, iris scans);

processing:
the performance of technical tasks related to data processing operations, irrespective of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data;

processor:
a natural or legal person or an unincorporated body which, under a contract with a controller, including a contract concluded pursuant to a legal provision, processes data;

Privacy incident:
the unlawful handling or processing of personal data, in particular unauthorised access, alteration, disclosure, disclosure, erasure or destruction, as well as accidental destruction or damage.

Cookie / Cookie

The data controller uses so-called cookies during your visit to the website. Cookies contain a unique identifier - a secret, randomly generated string of characters - that our website sends to your browser to save certain settings, facilitate the use of our website and help us to collect some relevant, statistical information about our visitors. Cookies do not contain personal information and are not used to identify individual users. Some cookies are deleted after the website is closed and some are stored on your computer for a longer period of time.

Legal background and legal basis for cookies:The legal basis for data processing is the provisions of Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (Infotv.) and Act CVIII of 2001 on certain issues of electronic commerce services and information society services. In accordance with Article 5 (1) (a) of the Privacy Act, the data processing is based on your consent.

Required cookie: this type of cookie is essential for certain features to work properly while you are using the website.

Functional cookie: this cookie improves the functionality of the website by remembering your preferences and settings.

The cookie responsible for managing website statistics: this type of cookie collects information about the use of the website, but does not collect any information that identifies the visitor. So they work with completely general, anonymous information. The lifetime of this type of cookie is limited to the duration of the session only.

Google, Facebook

Google acts as a data processor for Google Analytics. This is also stated in the Google Ads Data Processing Agreement, which is available to all Google Analytics customers who have a direct contract with Google.

Google Analytics is a data processor under the GDPR because Google Analytics collects and processes data on behalf of its customers, under the instructions of those customers. Our clients are the data controllers and they reserve all rights in relation to the collection, access, retention and deletion of data at any time. Google may only use the data in accordance with the terms of the contracts with Google Analytics customers and the settings provided by customers in the interface of its products.

Google Analytics collects internal cookies, device/browser information, IP addresses and activity on the website/application. This data is collected so that it can be used to measure and statistically report on the actions taken by users on websites and/or applications that use Google Analytics.

Further details on Google's services " can be found HERE" .

Facebook: The purpose of data collection and processing on social networking sites is to share or "like" certain content, products, promotions or the website itself. The Facebook privacy policy " can be found HERE" .

Rights in relation to data management

Right to request information
You can request information from us via the contact details provided about what data our company processes, on what legal basis, for what purpose, from what source and for how long. Upon your request, we will send you information without delay, but within 30 days at the latest, to the e-mail address you have provided.

Right to rectification
You can ask us to rectify any of your data using the contact details provided. Upon your request, we will do so promptly, but within 30 days at the latest, by sending you an email to the email address you have provided.

Right to erasure
You can ask us to erase your data using the contact details provided. Upon your request, we will do so promptly, but within 30 days at the latest, and we will send you information to the e-mail address you have provided.

Right to blocking
You can ask us to block your data using the contact details provided. The blocking will last as long as the reason you have given us makes it necessary to store the data. Upon your request, we will do so promptly, but within 30 days at the latest, and we will send you an email to the email address you have provided.

Right to object
You may object to the processing of your data by using the contact details provided. The objection will be examined within the shortest possible time from the date of the request, but not later than 15 days, and a decision will be taken on the merits of the objection, and you will be informed of the decision by e-mail.

Remedy

Users may object to the processing of their personal data if

  • the processing or transfer of personal data is necessary solely for the fulfilment of a legal obligation to which the Service Provider is subject or for the purposes of the legitimate interests pursued by the Service Provider, the data recipient or a third party, unless the processing is required by law;
  • use or disclosure of personal data for direct marketing, public opinion polling or scientific research purposes;
  • other cases specified by law.

The service provider shall examine the objection within the shortest possible time from the date of the request, but not later than 15 days, decide whether the objection is justified and inform the applicant in writing of its decision. If the Service Provider establishes that the objection of the data subject is justified, it shall terminate the processing, including further recording and transmission of data, and block the data, and notify the objection and the measures taken on the basis of the objection to all those to whom the personal data concerned by the objection were previously transmitted and who are obliged to take action to enforce the right to object.

If the User does not agree with the decision of the Service Provider, he/she may appeal against it to the court within 30 days from the date of its notification. The court shall act out of turn.

Complaints against possible violations by the data controller can be lodged with the National Authority for Data Protection and Freedom of Information:

National Authority for Data Protection and Freedom of Information
1125 Budapest, Szilágyi Erzsébet fasor 22/C.
Postal address: 1530 Budapest, P.O. Box 5.
Telefon: +36 -1-391-1400
Fax: +36-1-391-1410
E-mail: ugyfelszolgalat@naih.hu

Limit

When preparing this information we have taken into account the following legislation:
Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information (hereinafter: the Information Act),
Act CVIII of 2001. törvény – az elektronikus kereskedelmi szolgáltatások, valamint az információs társadalommal összefüggő szolgáltatások egyes kérdéseiről (főképp a 13/A. §-a)
2008. évi XLVII. törvény – a fogyasztókkal szembeni tisztességtelen kereskedelmi gyakorlat tilalmáról;
2008. Act XLVIII of 2005 - on the basic conditions and certain restrictions on commercial advertising activities (in particular § 6 thereof)
Act XC of 2005 on the freedom of electronic information
Act C of 2003 on electronic communications (specifically § 155.§-Article 155 of the C.L. Act on the Protection of Individuals with regard to the Processing of Personal Data
16/2011 on the EASA/IAB Recommendation on best practices in behavioural online advertising
Recommendation of the National Authority for Data Protection and Freedom of Information on data protection requirements for prior information

References

"After the session, I felt a sense of peace and clarity I hadn’t experienced in years. Andi’s gentle yet powerful methods helped me release long-carried emotional burdens and reconnect with my own strength."

"During the AstroSophia reading, I gained a completely new perspective on my life. The messages from the stars and Andi’s explanations touched me deeply and helped me understand why events unfolded as they did. It was truly a life-changing experience for me."