Barion Pixel

Privacy policy

Zsolt Paragh e.v. / inoya.hu (hereinafter referred to as the "Data Controller") Privacy Policy and Data Management.
(Page was automatically translated, in case of any legal disputes the Hungarian version shall be considered as a prevailing one.)


1. Purpose of the Rules

The purpose of this Policy is to set out the data protection and processing principles applied by the Data Controller and the data protection and processing policy which the Data Controller recognises as binding on itself.

2. Legislation

Its data management principles comply with the applicable legislation on data protection, in particular the following:

  • Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information;
  • Act V of 2013 - on the Civil Code;
  • Act CXIX of 1995 on the processing of name and address data for the purposes of research and direct marketing.
  • Act CLV of 1997 - on Consumer Protection ;
  • Act XIX of 1998 - on criminal procedure ;
  • Act C of 2000 - on accounting ;
  • Act CVIII of 2001 - on certain aspects of electronic commerce services and information society services ;
  • Act C of 2003 - on electronic communications ;
  • Act XLVIII of 2008 - on the basic conditions and certain restrictions of economic advertising activities ,
  • Act LXVI of 1992 on the registration of personal data and addresses of citizens
  • Act LXIII of 1992 on the protection of personal data and the disclosure of data of public interest.

The Data Controller may engage in the business of sending parcels in accordance with the law.

The purpose of this Policy is to ensure that in all areas of the services provided by the Data Controller, all individuals, regardless of their nationality or place of residence, are guaranteed that their rights and fundamental freedoms, in particular their right to privacy, are respected when their personal data are processed by automated means (data protection).

3. Definitions

Personal data: data that can be associated with a specific natural person (hereinafter referred to as "data subject"), the inference that can be drawn from the data concerning the data subject. Personal data shall retain this quality during processing for as long as the link with the data subject can be re-established;

Data processing: the collection, recording and storage, processing, utilisation (including transmission and disclosure) and erasure of personal data, irrespective of the process used. Processing also includes altering data and preventing their further use;

Data Controller: Tócóskert square 2. 4/25., Debrecen, 4031


Processing of data: the performance of processing operations, technical tasks, regardless of the method and means used to perform the operations and the place of application;

Transfer: when the data are made available to a specified third party;

Disclosure: when data are made available to any person;


Data processor: a natural or legal person or unincorporated body that processes personal data on behalf of the controller;

Data deletion: rendering data unrecognisable in such a way that their recovery is not possible;

Automated data file: a set of data that is processed automatically;

Machine processing: includes the following operations, when carried out in whole or in part by automated means: storage of data, logical or arithmetical operations on data, alteration, deletion, retrieval and dissemination of data.


4. Scope of personal data processed

Data which may be provided at the user's choice: e-mail address, telephone number, name, place of residence/residence

5. Legal basis, purposes and methods of processing

The data processing is based on the voluntary, duly informed declaration of the users of the Internet content on the inoya.hu website, which, by accepting the General Terms and Conditions, includes the express consent of the users to the use of their personal data provided during the use of the website. The legal basis for data processing is the voluntary consent of the data subject pursuant to Article 3 (1) (a) of Act LXIII of 1992 on the Protection of Personal Data and the Disclosure of Data of Public Interest (Avtv.).

The purpose of data processing is to ensure the provision of services available under the URL of the Data Controller.

The Controller shall not use the personal data provided for purposes other than those described in these points. Unless otherwise required by law, the disclosure of personal data to third parties or public authorities shall only be possible with the prior express consent of the user.

The Controller does not control the personal data provided to it. The person providing the data is solely responsible for the correctness of the data provided. By providing an e-mail address, any user also accepts responsibility for the fact that he/she is the only one to receive services from the e-mail address provided. With regard to this responsibility, any liability for access to the service from an e-mail address is the sole responsibility of the user who registered the e-mail address.

6. Principles of data management

Data must be obtained and processed fairly and lawfully.

Data must be stored only for specified and lawful purposes and must not be used in any other way.

The data must be proportionate to, and compatible with, the purpose for which it is stored and may not go beyond that purpose.

The means of storing the data must be such as to permit identification of the data subject only for the time necessary for the purpose for which the data are stored.

Appropriate security measures should be taken to protect personal data stored in automated data files against accidental or unlawful destruction or accidental loss, and against unlawful access, alteration or dissemination.


7. The data protection policy applied

The Data Controller uses personal data that are indispensable for the use of the Data Controller's services on the basis of the consent of the data subjects and only for the purposes for which they are collected.

The Data Controller undertakes to process the data in its possession in accordance with the Data Protection Act and the data protection principles set out in this Policy and not to transfer them to third parties. An exception to this is the use of data in aggregated statistical form, which may not contain the name of the user concerned or any other identifiable data in any form.

In certain cases, the Data Controller may make available to third parties the accessible data of the user concerned in the event of a formal judicial or police request, legal proceedings for infringement or reasonable suspicion of infringement of copyright, property rights or other rights, or for the purpose of prejudicing the interests of the Data Controller, endangering the provision of its services, etc.

The Data Controller's system may collect data on the activity of users, which cannot be linked to other data provided by users at the time of registration, nor to data generated by the use of other websites or services.

The Data Controller undertakes to publish a clear, prominent and unambiguous notice informing users of the method, purpose and principles of data collection before any data of users is collected, recorded or processed. In addition, in all cases where the collection, processing or recording of data is not required by law, the Data Controller shall draw the user's attention to the voluntary nature of the data provision. In the case of mandatory provision of data, the legal provision imposing the processing shall also be indicated. The data subject shall be informed of the purposes of the processing and of the persons who will process the data. The information on the processing shall also be provided where the law provides for the inclusion of data by transfer or linking from existing processing.


In all cases where the Data Controller intends to use the data provided for purposes other than those for which they were originally collected, the Data Controller shall inform the user thereof and obtain his or her prior explicit consent or give him or her the opportunity to object to such use.

The Data Controller shall in any case comply with the restrictions laid down by law in the collection, recording and processing of data and shall inform the data subject of its activities by electronic mail, as requested by the data subject. The Data Controller undertakes not to impose any sanctions on a user who refuses to provide non-compulsory data.

The Data Controller undertakes to ensure the security of the data, to take technical and organisational measures and to establish procedural rules to ensure that the data recorded, stored or processed are protected and to prevent their destruction, unauthorised use or unauthorised alteration. It also undertakes to require any third party to whom it may transfer or disclose the data to fulfil its obligations in this respect.


8. Duration of processing

The processing of personal data provided by the user will continue until the user unsubscribes from the service with the given user name. The date of deletion shall be 10 working days from the date of receipt of the user's unsubscription (request for deletion). In the event of unlawful or fraudulent use of personal data or in the event of a criminal offence or system attack committed by the user, the Data Controller is entitled to delete the data immediately upon termination of the user's registration, but in the event of suspicion of criminal offence or civil liability, the Data Controller is also entitled to retain the data for the duration of the proceedings to be conducted.

The personal data provided by the user, even if the user does not unsubscribe from the service, may be processed by the Data Controller until the user explicitly requests in writing that the processing of such data be terminated. A user's right to request the cessation of processing without unsubscribing from the service does not affect his/her right to request the service, but he/she may not be able to use certain services without personal data. Data will be deleted within 10 working days of receipt of the request.

Data which are automatically and technically recorded during the operation of the system will be stored in the system for a period of time from the moment they are generated which is reasonable for the purposes of ensuring the functioning of the system. The Data Controller shall ensure that these automatically recorded data cannot be linked to other personal user data, except in cases required by law. If the user has withdrawn his/her consent to the processing of his/her personal data or has unsubscribed from the service, his/her identity will no longer be identifiable from the technical data.

9. Processing of personal data

Changes to personal data or requests for the deletion of personal data may be communicated by means of an express written statement sent by letter via the internal mail system of the service. The sending of newsletters may be cancelled in writing or by replying to the newsletter.

Once a request for deletion or modification of personal data has been fulfilled, the previous (deleted) data can no longer be restored.

10. Data processing

The Data Controller also uses a separate external data processor. Barion Payment Zrt. uses cookies to collect data about visits; information about what is clicked on, which product/service the visitor is interested in or about abandoned orders. Data is collected to build models of visitor behaviour and to create personalised offers and digital advertisements. The aim is to display relevant ads to visitors about products they are really interested in. Barion Payment Ltd. manages the information itself or passes it on to its contracted media and advertising partners.

Data processing partners

as a user to Barion Marketing Cloud and Barion Pixel:

  • DataMe Kft. 1118 Budapest, Ugron Gábor utca 35.
  • DataMe Kft., 1118 Budapest, Ugron Gábor utca 35.
  • Dentsu Hungary Kft., 1027 Budapest, Kacsa utca 15-23.
  • GroupM, 1123 Budapest, Alkotás utca 53.
  • Matterkind CEE, 1082 Budapest, Vajdahunyad utca 41.
  • Vodafone Hungary, 1096 Budapest, Lechner Ödön fasor 6.


11. Possibility of data transfer

The Data Controller is entitled and obliged to transmit to the competent authorities any personal data at its disposal and stored by it in accordance with the law, which it is required to transmit by law or by a final and binding obligation of a public authority. The Controller shall not be held liable for such transfers and the consequences thereof.

If the Data Controller transfers the operation or use of the content service on inoya.hu in whole or in part to a third party, the Data Controller may transfer the data processed by it to such third party for further processing without requesting a separate consent. This transfer of data may only serve to ensure the continuity of the registration of users who have already registered, but may not place the user in a more disadvantageous position than the data management and data security rules specified in the current version of this data management policy.


12. Amendments to the Privacy Policy

The Controller reserves the right to amend this Privacy Policy at any time by unilateral decision. Following the amendment of the Privacy Policy, all users shall be informed in an appropriate manner (newsletter, login pop-up). By continuing to use the service, users acknowledge the changed Privacy Policy and no further consent is required.


13. Rights of users in relation to their personal data processed by the controller

Users may request information about the processing of their personal data from the Data Controller at any time in writing, by registered or certified mail sent to the address of the Data Controller or by e-mail to contact@inoya.hu. Requests for information sent by e-mail shall be considered authentic by the Controller only if they are sent from the registered e-mail address of the user. The request for information may cover the data of the user processed by the controller, the purpose, legal basis and duration of the processing, the names and addresses of any data processors, the activities related to the processing, as well as who has received or is receiving the user's data and for what purpose.

The controller shall reply to any query regarding the processing within 8 working days of receipt. In the case of e-mail, the date of receipt shall be deemed to be the first working day following the sending of the e-mail.


14. Enforcement options

Legal remedies and complaints may be lodged with the National Authority for Data Protection and Freedom of Information:

  • Name: National Authority for Data Protection and Freedom of Information
  • Headquarters.
  • Postal address: 1530 Budapest, PO Box 5.
  • Phone: +36 1 391 1400
  • Fax: +36 1 391 1410
  • E-mail: ugyfelszolgalat@naih.hu
  • Website: http://www.naih.hu


For any questions or comments related to data management, you can also contact the Data Controller's staff at contact@inoya.hu.

Close
Click for more products.
No products were found.

Menu

Share

QR code

Settings

Click for more products.
No products were found.

Please sign in first.

Sign in