Barion Pixel
Weboldalunk használatával jóváhagyja a cookie-k használatát a Cookie-kkal kapcsolatos irányelv értelmében.
Menu
Your are here: > Home >

Privacy Statement

Privacy Statement

The subject of these provisions is Caffecaps Hungary Kft. (registered office: 1141 Budapest, Pered utca 25. , registration authority: Cégbríósága of the Capital Court, company registration number: 01-09-384846 , tax number: 25966127-2-42 , hereinafter "Service Provider"), by the following website groups operated: https://caffecaps.myshoprenter.hu/ (hereinafter "Website") definition of data protection and data management principles and practices (hereinafter "Data Management Information").

In particular, the legal provisions taken into account when creating the Data Management Notice:

  1. CXII of 2011 on the right to information self-determination and freedom of information. law (hereinafter: Law);
  2. VI of 1998 on the promulgation of the Convention on the Protection of Individuals during the Machine Processing of Personal Data dated January 28, 1981 in Strasbourg. law;
  3. Act C of 2003 on electronic communications.

The purpose of this Data Management Notice is to ensure that the rules regarding the handling of personal data in all areas of the Service Provider's online services are ensured for all individuals, without discrimination of any kind (gender, race, religion, etc.), that their fundamental rights are respected by machine or manual processing of their personal data during. The Service Provider recognizes the contents of the Data Management Information as binding for itself.

Definitions

  • personal data: data that can be associated with the data subject, in particular the data subject's name, identification mark, and one or more physical, physiological, mental, economic, cultural or social characteristics of the data subject, as well as the conclusion about the data subject that can be drawn from the data;
  • consent: the voluntary and firm declaration of the data subject's will, which is based on adequate information, and with which he gives his unequivocal consent to the processing of his personal data - in full or covering certain operations;
  • Objection: the statement of the data subject objecting to the processing of their personal data and requesting the termination of data processing or the deletion of processed data;
  • data controller: the natural or legal person or organization without legal personality who, or which independently or together with others determines the purpose of data management, makes and implements decisions regarding data management (including the device used), or has them implemented by the data processor;
  • data management: regardless of the procedure used, any operation performed on the data, or the set of operations, including in particular the collection, recording, recording, organization, storage, change, use, query, transmission, disclosure, coordination or connection, locking, deletion and destruction, as well as preventing further use of the data, taking photographs, audio or video recordings, and recording physical characteristics suitable for identifying the person (e.g. fingerprints or palm prints, DNA samples, iris images);
  • data transfer: making the data available to a specific third party;
  • disclosure: making the data available to anyone;
  • data deletion: making data unrecognizable in such a way that their recovery is no longer possible;
  • data designation: providing the data with an identification mark for the purpose of distinguishing it;
  • data blocking: providing the data with an identification mark for the purpose of limiting its further processing permanently or for a specified period of time;
  • data processing: performing technical tasks related to data management operations, regardless of the method and tool used to perform the operations, as well as the place of application, provided that the technical task is performed on the data;
  • data processor: the natural or legal person or organization without legal personality who, or on the basis of which contract – including contracts concluded pursuant to the provisions of the law – processes data;
  • data controller: the body performing a public task, which produced data of public interest that must be published electronically, or whose operation generated this data;
  • data provider: the body performing a public task, which - if the data controller does not publish the data himself - publishes the data provided by the data controller on the website;
  • data file: the totality of the data managed in one register;
  • third party: a natural or legal person, or an organization without legal personality, who or which is not the same as the data subject, the data manager or the data processor;
  • EEA state: a member state of the European Union and another state that is a party to the Agreement on the European Economic Area, as well as the state whose citizen is the European Union and its member states, as well as a state that is not a party to the Agreement on the European Economic Area, on the basis of the European Economic Area He enjoys the same legal status as a citizen of a state party to the Territorial Agreement;
  • third country: any state that is not an EEA state.

The Data Management Principles of the Service Provider

Personal data can be processed if

  • the person concerned consents to it, or
  • it is ordered by law or - based on the authority of the law, within the scope defined therein - by a local government decree for a purpose based on public interest.

Personal data can only be processed for specific purposes, in order to exercise rights and fulfill obligations. All stages of data management must comply with this purpose.

Only personal data that is essential for the realization of the purpose of data management and suitable for achieving the purpose can be processed. Personal data can only be processed to the extent and for the time necessary to achieve the purpose.

The Service Provider undertakes to plan and implement the data management operations in such a way as to ensure the protection of the privacy of the data subjects.

The Service Provider ensures the security of the data and takes the technical and organizational measures, develops the procedural rules, which are necessary to enforce the law and current data and privacy protection rules.

The Service Provider undertakes to protect the data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction and damage, as well as against becoming inaccessible due to changes in the technology used.

The Service Provider's IT system is protected against computer-assisted fraud, computer viruses and hacking. The Service Provider and the operator of its IT system ensure security with server-level and application-level protection procedures.

The Service Provider may transfer personal data to a data controller engaged in data management in a third country, or transfer it to a data processor engaged in data processing in a third country, if the data subject has expressly consented to it, or the conditions for data management stipulated in the law exist and the transferred data is managed in the third country, and an adequate level of protection of personal data is ensured during its processing.

Data transfer to the EEA states must be considered as data transfer within the territory of Hungary.

The rights of those concerned and their enforcement

Information, correction and deletion of data

The data subject can apply to the Service Provider:

  • information about the management of your personal data,
  • correcting your personal data, as well as
  • deletion or blocking of your personal data.

At the request of the data subject, the Service Provider provides information about the data subject's data managed by it or processed by the data processor commissioned by it, its source, the purpose, legal basis, duration of the data processing, the name and address of the data processor and its activities related to data processing, and - forwarding the data subject's personal data in case of - on the legal basis and recipient of the data transmission.

The Service Provider keeps a data transfer register for the purpose of checking the legality of the data transfer and informing the data subject, which includes the date of transfer of the personal data managed by it, the legal basis and recipient of the data transfer, the definition of the scope of the transferred personal data, as well as other data specified in the legislation requiring data management.

The duration of the obligation to preserve the data in the data transfer register - and, based on this, the obligation to provide information - may be limited by the legislation prescribing data management.

In the case of personal data, a period of less than five years cannot be established within this limitation. The Service Provider is obliged to provide the information in writing at the request of the data subject in an understandable form as soon as possible, but no later than 30 days after the submission of the request.

The Service Provider may refuse to provide information to the data subject only if permitted by law. The Service Provider is obliged to inform the data subject of the reason for refusing to provide information. In case of refusal to provide information, the Service Provider informs the affected person of the possibility of legal remedies in court, as well as the possibility of turning to the National Data Protection and Freedom of Information Authority (hereinafter: the Authority).

If the personal data does not correspond to the reality, and the personal data corresponding to the reality is available to the Service Provider, the personal data will be corrected by the Service Provider.

Personal data must be deleted if

  • handling is illegal;
  • the data subject requests;
  • is incomplete or incorrect - and this state cannot be legally corrected - provided that deletion is not precluded by law;
  • the purpose of data management has ceased, or the statutory period for data storage has expired;
  • it was ordered by the court or the Authority.

The Service Provider marks the personal data it manages if the data subject disputes its correctness or accuracy, but the incorrectness or inaccuracy of the disputed personal data cannot be clearly established.

The Service Provider shall refrain from notifying the data subject of the correction, blocking, marking and deletion, if this does not harm the legitimate interest of the data subject in view of the purpose of the data management.

The affected user has the right to request the correction or deletion of their incorrectly recorded data at any time. The data subject can correct some of his data on the Website; in other cases, the Service Provider will delete the data within 3 (three) working days from the receipt of the request, in which case they will not be recoverable. The deletion does not apply to data processing required by law (e.g. accounting regulations), the Service Provider will keep them for the necessary period.

If the Service Provider does not comply with the request for rectification, blocking or deletion of the data subject, within 30 days of receiving the request, the Service Provider shall notify the factual and legal reasons for rejecting the request for rectification, blocking or deletion in writing. In case of rejection of the request for correction, deletion or blocking, the Service Provider informs the person concerned of the possibility of legal remedies in court and of turning to the Authority.

Objection to the processing of personal data

The Service Provider undertakes and accepts that the data subject may object to the processing of his personal data. The Service Provider accepts that, in the event of a protest, it will provide written information in the manner specified in the Act and according to the procedure within 15 days of the submission of the request.

In this statement, the Service Provider informs the data subject that he/she can appeal to the court against the Service Provider's decision or failure to make a decision in the manner specified in the Act and within the time limit.

Court enforcement

In the event of a violation of their rights, as well as in the event of non-fulfilment or inadequate fulfillment of objections to the processing of personal data, the data subject may apply to court against the Service Provider. The court acts out of sequence in the case.

The Service Provider is obliged to prove that the data management complies with the provisions of the law.

Adjudication of the lawsuit falls within the jurisdiction of the court. At the choice of the data subject, the lawsuit can also be initiated before the court of the data subject's place of residence or residence. The Authority can intervene in the lawsuit in order to win the case for the person concerned.

If the court approves the request, it obliges the Service Provider to provide the information, correct, block, delete the data, annul the decision made through automated data processing, take into account the right of objection of the data subject, and release the data requested by the data recipient.

The court may order the publication of its verdict - by publishing the identification data of the Service Provider - if it is required by the interests of data protection and the rights of a larger number of stakeholders protected by this law.

Other data protection information

Purpose of data management

The Service Provider processes personal data in particular to achieve the following goal:

  • Registration in the webshop
  • Newsletter subscription
  • Question to customer service
  • Posting to the forum

Registration in the webshop

Registration is not necessary to view information about the product, but it is necessary if the Website visitor wants to buy or order the product immediately or just inquires about a product. The Service Provider processes the following data during registration.

E-mail address, Surname, Surname, Phone number, Shipping address, Billing name, billing address

These data are necessary so that the Service Provider can deliver the ordered goods to the customer (who is also the data subject). If the customer (the person concerned) does not receive the goods at the Service Provider's premises, the data will be forwarded. You can read more about data transfer in the section "To whom and in what form data is transferred".

Subscribe to the newsletter When subscribing to the newsletter, the Service Provider manages the following data:

Full name, e-mail address

The Service Provider pays particular attention to the legality of the use of the electronic mail addresses it manages, so it only uses them in the manner specified below to send (informational or advertising) e-mails.

The management of e-mail addresses primarily serves the purpose of identifying the data subject, maintaining contact during the fulfillment of orders and the use of services, so e-mails are sent primarily for this purpose.

The Service Provider sends letters containing advertisements or advertisements (newsletters) to the electronic mail addresses provided during registration only with the express consent of the person concerned, in cases and in a manner that complies with legal requirements. The person concerned can unsubscribe from the newsletter at any time, using the link at the bottom of the newsletter.

Question to customer service. Our customer service uses a so-called ticket system designed for this purpose. This system processes the questions asked through the Website.

The system manages the following data:

Full name, e-mail address

Posting to the forum

In the notebook-alkatresz.hu web store, stakeholders can comment on the products and product categories in many places. They must then provide the following information: Nickname, e-mail address

How can personal data be accessed, updated and deleted?

The Service Provider enables the affected parties to permanently terminate communication with the Service Provider, i.e. to delete them from the database ahead of time. This does not apply to financial documents and invoices that may have already been issued.

You can request deletion in the following way:

  • By phone, e-mail, in person.
  • You can unsubscribe from the newsletter by clicking on the "subscribe from newsletter" link at the bottom of the newsletter.

Legal basis for data management

In order to use some of the Service Provider's services available through the Website, the person concerned must fill out a registration form or a contact form. Filling out the registration form and the contact form is voluntary. The Service Provider is entitled to manage and use the information and data provided by the data subject during the registration or filling out the contact form in order to achieve the goals of the legal relationship that the data subject wishes to establish with him or possibly already exist between them, and taking into account its rules, or use them in any way.

The person entitled to data management and data processing, the circle of those entitled to access the data, data transfer

Current employees of the Service Provider.

In addition, the following data controllers in connection with the Service Provider, with whom the Service Provider cooperates in order to provide maximum customer service. These are the following:

Electronic invoicing

Számlázz.hu (headquarters: 2000 Szentendre, Táltos u. 22/b) They ensure that the invoice is always prepared in accordance with the current accounting laws. Our company prepares an electronic invoice by default, however, the customer can always request a paper-based invoicing method (further information: https://www.szamlazz.hu).

Personal data to be forwarded: Billing name, billing address

Courier services

GLS Courier Service. (headquarters: 2351 Alsónémedi GLS Európa u. 2.) They ensure us that the goods are delivered to their destination according to the customer's needs, and that the goods are delivered from the customer to our premises (more information: https://gls-group.eu/HU/hu/) .

Personal data to be forwarded: E-mail, Surname, Surname, Telephone number, Shipping address, Billing name, billing address

Pick Pack Point - Magyar Lapterjesztó Zrt. (Head office: 1097 Budapest, Táblás u 32.) They ensure that the ordered goods are delivered to the pick-up point chosen by the customer in accordance with the customer's needs (further information: https://www.sprinter .hu/).

Personal data to be transferred: E-mail, Surname, Surname, Telephone number, Shipping address, Billing name, billing address

Facebook

CXII of 2011 on the right to information self-determination and freedom of information. based on Article 20 (1) of the Act, the following must be defined as part of the data transmission activity of the webshop website:

  1. the fact of data collection,
  2. the range of stakeholders,
  3. purpose of data collection,
  4. the duration of data management,
  5. the identity of possible data controllers authorized to access the data,
  6. description of the rights of data subjects related to data management.

The fact of the data collection, the scope of the processed data: the name registered on the social networking site Facebook.com, and the public profile picture of the user.

Scope of stakeholders: All stakeholders who have registered on the social networking site Facebook.com and liked the website.

Purpose of data management: Sharing and liking certain content elements, products, promotions, or the website itself on Facebook.com.

Duration of data management : the identity of the possible data managers authorized to access the data and the description of the rights of the data subjects in relation to data management: You can find information about the source of the data, its management, the method of transfer and its legal basis at http://www.facebook.com/about/privacy/ affected.

Data management takes place on the Facebook.com website , so the duration and method of data management, as well as the options for deleting and modifying data, are governed by the regulations of the facebook.com community website: ( http://www.facebook.com/legal/terms ), ( http://www.facebook.com/about/privacy/ )

The legal basis for data management: the voluntary consent of the concerned person to the processing of his personal data on the Facebook.com website.

Google Analytics

The Visitor data of the online store is measured by the Service Provider using the Google Analytics service. When using the service, data is transmitted. The transmitted data are not suitable for identifying the data subject. More information on Goggle's data protection principles can be found here: http://www.google.hu/policies/privacy/ads/

Product searcher

For the  operation of the www.arukereso.hu  (Naspers OCS Hungary Kft., 1074 Budapest, Rákóczi út 70-72., Tax number: 24868291-2-42, Company registration number: 01-09-186759) Trusted Shop Program , after purchases made here the customer's e-mail address and the name of the product purchased by him will be forwarded to arukereso.hu. Purpose of data transfer: request and display customer feedback. Naspers OCS Hungary Kft. handles the personal data transmitted in this way in accordance with the Data Protection and Data Management Policy of www.arukereso.hu.

Online payment

The Service Provider maintains a relationship with the following companies that enable online payment, however, the Service Provider does not share personal data with these companies, nor does it store payment-related financial, bank and credit card information:

Barion: Provides online bank card acceptance for the Service Provider.

Barion: The Service Provider does not share personal data with the barion system, nor does it receive personal information from the barion system.

If you upload your personal data to the Website, we consider that you have consented to the transfer of data to all the data controllers described in this data management information. We would like to point out that we have no influence on whether the companies that have access to your data comply with the legal provisions on the protection of personal data.

If you do not agree with the transfer of data, please contact our store in person!

The Service Provider is not responsible for the legal data management of companies that have a customer relationship with the Service Provider, as well as for the online data transfer, which are vulnerable to network threats with an unfair purpose or criminality, regardless of the data transfer protocol used. However, we can assure you that, in our capacity as data controller, we will do everything we can to ensure that you can fully exercise your right to self-determination of information. If you would like to receive more information about the data processing carried out by the persons or organizations affected by the data transfer, please contact the respective data controller directly.

Using Google Ads conversion tracking

The Data Controller uses the online advertising program called "Google Ads", and also uses Google's conversion tracking service within its framework. Google conversion tracking is an analysis service of Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; hereinafter: Google).

When a user accesses a website through a Google ad, a cookie required for conversion tracking is placed on their computer. The validity of these cookies is limited and they do not contain any personal data, so the user cannot be identified by them.

When the user browses certain pages of the Website and the cookie has not yet expired, both Google and the Data Controller can see that the user has clicked on the ad.

Each Google Ads customer receives a different cookie, so they cannot be tracked through the websites of Ads customers.

The information - obtained with the help of conversion tracking cookies - serves the purpose of creating conversion statistics for Ads' customers who choose conversion tracking. In this way, clients are informed about the number of users who click on their ad and are redirected to a page with a conversion tracking tag. However, they do not get access to information that could identify any user.
The fact of the data management, the scope of the managed data: E-mail address, which is encrypted and pseudonymized during the service, so that their personal data character is lost. More information: 
https://support.google.com/adwords/answer/6334160

Scope of stakeholders: All stakeholders registered and browsing the Website.
Purpose of data management: Publishing targeted Google ads to users.
Duration of data management, deadline for data deletion: Data processing lasts until the withdrawal of the consent statement.

When using conversion tracking tools, we do not provide any identifiable data to Google, but if you are logged into other Google services while browsing www.notebook-alkatresz.hu, Google, as the data controller, can identify you and record your activity on our site. More information about personalized ads is available here:  https://safety.google/privacy/ads-and-data/ 

If you do not want to participate in conversion tracking, you can refuse this by disabling the installation of cookies in your browser. After that, you will not be included in the conversion tracking statistics.

Further information and Google's data protection declaration are available at  
www.google.de/policies/privacy/

Remarketing and retargeting

There are also cookies that give you the opportunity to repeatedly display the products you are interested in. Google and Facebook use such cookies.

SMA Rendszerház kft uses remarketing tools, on the basis of which, after browsing www.notebook-alkatresz.hu, visitors may be shown unique content related to the products or services of www.notebook-alkatresz.hu when browsing other Google websites (remarketing). When using remarketing tools, we do not provide any identifiable data to Google, however, if you are logged into other Google services while browsing www.notebook-alkatresz.hu, Google, as the data controller, can identify you and record your activity on our site. More information about personalized ads is available here:  https://safety.google/privacy/ads-and-data/ 

SmartLook

The Data Controller uses the online user behavior analysis program called "SmartLook". The SmartLook analysis program is an  analysis service of Smartlook.com, s.r.o.  (head office: Šumavská 524/31, Veveří, 602 00 Brno; hereinafter: SmartLook).

When a user visits the website, a cookie necessary for analytics is placed on his computer. The validity of these cookies is limited and they do not contain any personal data, so the user cannot be identified by them.

Each SmartLook customer receives a different cookie, so they cannot be tracked.

The information - which is recorded with the help of analysis cookies - serves the purpose of enabling the Data Controller to better understand and improve the operation of the website and the customer experience. However, they do not get access to information that could identify any user. More information on data security:  https://help.smartlook.com/en/articles/3244454-data-security

What are cookies and how are they used?

CXII of 2011 on the right to information self-determination and freedom of information. on the basis of § 20 (1) of the Act, the following must be defined as part of the cookie data management of the webshop website:

  1. the fact of data collection
  2. range of stakeholders
  3. purpose of data collection
  4. the duration of data management
  5. the person of the possible data controllers entitled to access the data
  6. description of the rights of data subjects related to data management

A cookie is a method used by web servers to determine how a particular user uses a website. There are two types of cookies:

  • persistent cookie
  • cookie stored for the duration of the session

Permanent cookies are stored for as long as the time specified by the web server when sending the cookie to the browser. These cookies are used to store status data between each visit to the website.

Session-only cookies only store state data for one session. These cookies are stored in the cache only for as long as the user is connected to the web server that issued the cookie valid for the duration of the session, and are deleted from the cache after the session ends.

Cookies issued for the duration of the session are often used because without them, a web store becomes "inoperable". The Service Provider only uses cookies created in connection with the session. When using the "Store user ID" option, the Service Provider's system creates a persistent cookie on your computer.

Cookies are small text files placed on your computer by websites you visit. Websites use cookies to help users navigate efficiently and perform certain functions. Cookies necessary for the proper functioning of the website can be set without your permission. All other cookies must be approved before they can be set in your browser.

  • Strictly necessary cookies . Strictly necessary cookies enable basic website functions such as user login and account management. The website cannot be used properly without absolutely necessary cookies.
  • Performance cookies . Performance cookies are used to see how visitors use the website, e.g. analytical cookies. These cookies cannot be used to directly identify a particular visitor.
  • Targeting cookies . Targeting cookies are used to identify visitors between different websites, e.g. content partners, banner networks. These cookies can be used by companies to build a profile of visitor interests or to display relevant advertisements on other websites.
  • Functionality cookies . Functionality cookies are used to remember website visitor data, e.g. language, time zone, enhanced content.
  • Unclassified cookies . Uncategorized cookies are cookies that do not belong to another category or are being categorized.

You can change your consent to the use of cookies below.

Search