Privacy Policy

Privacy Policy

The COMPANY (hereinafter: Service Provider, data controller) submits itself to the following prospectus.

On the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46 (General Data Protection Regulation) REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 2016 27.) we provide the following information.

This data management information regulates the data management of the following pages: reach.co.hu

The data management information is available on the following page: reach.co.hu/datvatelmelm declaration

Amendments to the prospectus will take effect upon publication at the above address.

Data controller and contact details:

Name: Ózi József

Head office: H-2120 Dunakeszi, Ungvár u. 24th

E-mail: info@reach.co.hu

Phone: +36/20 312 7325

Contact details of the Data Protection Officer:

Name: Ózi József

Head office: H-2120 Dunakeszi, Ungvár u. 24th
E-mail: info@reach.co.hu
Phone: +36/20 312 7325

Concept definitions

1. "Personal data" means any information relating to an identified or identifiable natural person ("data subject"); identify a natural person who, directly or indirectly, in particular by an identifier such as name, number, location, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identified;

1. "Processing" means any operation or set of operations on personal data or files, whether automated or non-automated, such as the collection, recording, systematisation, sorting, storage, transformation or alteration, retrieval, consultation, use, communication, transmission or otherwise harmonization or interconnection, restriction, deletion or destruction;

1. "Controller" means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of the processing are determined by Union or Member State law, the controller or the specific criteria for the designation of the controller may also be determined by Union or Member State law;

1. "Processor" means any natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller;

1. "Recipient" means a natural or legal person, public authority, agency or any other body to whom personal data are disclosed, whether a third party or not. Public authorities that may have access to personal data in the framework of an individual investigation in accordance with Union or Member State law shall not be considered as recipients; the processing of such data by those public authorities must comply with the applicable data protection rules in accordance with the purposes of the processing;

1. "Consent of the data subject" means a voluntary, specific and well-informed and unambiguous statement of the data subject's intention to indicate his or her consent to the processing of personal data concerning him or her by means of a statement or an act which unequivocally confirms the confirmation;

1. "Data protection incident" means a breach of security which results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, personal data which have been transmitted, stored or otherwise handled.

Principles for the processing of personal data

Personal information:

1. be processed lawfully and fairly and in a way that is transparent to the data subject ("legality, fairness and transparency");
2. collected only for specified, explicit and legitimate purposes and not treated in a way incompatible with those purposes; in accordance with Article 89 (1), further processing for archiving purposes in the public interest, for scientific and historical research purposes or for statistical purposes ("purpose limitation") shall not be considered incompatible with the original purpose;
3. they must be appropriate and relevant to the purposes of the data processing and limited to what is necessary ("data saving");
4. they must be accurate and, where necessary, kept up to date; all reasonable steps must be taken to ensure that personal data which are inaccurate for the purposes of the processing are erased or rectified without delay ("accuracy");
5. it must be stored in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for a longer period only if the personal data are processed in accordance with Article 89 (1) for archiving in the public interest, for scientific and historical research purposes or for statistical purposes, in accordance with this Regulation; subject to the implementation of appropriate technical and organizational measures to protect its freedoms ("limited storage capacity");
6. shall be processed in such a way as to ensure adequate security of personal data, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage to personal data ("integrity and confidentiality"), using appropriate technical or organizational measures.

The controller is responsible for compliance with the above and must be able to demonstrate such compliance ("accountability").

Data Treatments

Data management related to the operation of a web store

1. Fact of data collection, scope of data processed and purpose of data management :

Neither your username nor your email address is required to contain personal information.

1. Stakeholders: All stakeholders registered / buyers on the webshop website.

1. Duration of data management, deadline for deleting data: By deleting the registration immediately. Except in the case of accounting documents, as these data must be kept for 8 years pursuant to Section 169 (2) of Act C of 2000 on Accounting.

The accounting document (including general ledger accounts, analytical and detailed records) directly and indirectly supporting the accounting records must be kept in a legible form for at least 8 years, retrievable by reference to the accounting records.

1. Identity of potential data controllers, recipients of personal data : Personal data may be processed by the data controller's sales and marketing staff, subject to the above principles.

1. Description of data subjects' rights in relation to data processing:

• The data subject may request from the controller access to, rectification, erasure or restriction of the processing of personal data concerning him or her, and
• may object to the processing of such personal data, and
• the data subject has the right to data portability and to withdraw his or her consent at any time.

1. Access to, deletion, modification or restriction of the processing of personal data, portability of data, protest against data processing can be initiated by the data subject in the following ways:

• by e-mail to the e-mail address info@reach.co.hu

1. Legal basis for data management:

• Consent of the data subject, Article 6 (1) (a), Infotv. Section 5 (1),

• Act CVIII of 2001 on certain issues of electronic commerce services and information society services. Act (hereinafter: Elker Act) 13 / A. § (3):

The service provider may process the personal data that are technically necessary for the provision of the service in order to provide the service. If the other conditions are the same, the service provider must choose and in all cases operate the means used in the provision of the information society service in such a way that personal data is processed only if it is necessary for the provision of the service and other purposes specified in this Act. necessary, but in this case only to the extent and for the time necessary.

• Article 6 (1) (c) if the invoice is issued in accordance with accounting legislation.

1. We inform you that

• data management is your consent
• and provide personal information so we can fulfill your order.
• Failure to provide information will result in consequences that we will not be able to process your order.

The data processors used

Transport

1. Activity of data processing: Delivery of goods, transportation

1. Name and contact details of the data processor::

TNT Express Hungary Kft. – Budapest, Ecseri út 14,

tnt@tnt.hu/ + 06 8031 3131

1. The fact of data management, the scope of the managed data: Delivery name, delivery address, telephone number, e-mail address.

1. Stakeholders: All stakeholders requesting home delivery.

1. Purpose of data management: Home delivery of the ordered product.

1. Duration of data management, deadline for deleting data: It lasts until the home delivery is completed.

1. Legal basis of the data processing: the User's consent, Article 6 (1) (a), Infotv. Section 5 (1).

Hosting provider

1. Activity of data processing: Hosting services
2. Name and contact details of the data processor::

1. Fact of data management, scope of data processed: All personal data provided by the data subject.

1. Stakeholders: All stakeholders who use the website.

1. The purpose of data management: To make the website available and to operate it properly.

1. Duration of data processing, deadline for deletion of data: The data processing lasts until the termination of the agreement between the data controller and the hosting provider, or until the data subject's request for deletion to the hosting provider.

1. The legal basis of the data processing: the User's consent, the Infotv. Section 5 (1), Article 6 (1) (a) and Article CVIII of 2001 on certain issues of electronic commerce services and information society services. Act 13 / A. § (3)

Management of cookies

1. Webshop-specific cookies are so-called “passwords used for password-protected sessions,” “shopping cart cookies,” and “security cookies,” the use of which does not require prior consent from those involved.

1. The fact of data management, the scope of data managed: Unique identification number, dates, times

1. Stakeholders: All stakeholders who visit the website.

1. The purpose of data management: To identify users, record a “shopping cart” and track visitors.

1. Duration of data management, deadline for deleting data:

1. Identity of potential data controllers entitled to access the data: The data controller does not process personal data using cookies.

1. Description of the data subjects' rights related to data management: The data subject has the possibility to delete cookies in the Tools / Settings menu of browsers, usually under the settings of the Privacy menu item.

1. Legal basis for data processing: The consent of the data subject is not required if the sole purpose of the use of cookies is the transmission of communications via the electronic communications network or the provision of an information society service specifically requested by the subscriber or user.

Apply Google Analytics

1. This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses so-called "cookies", which are text files placed on your computer, to help the website analyze how users use the site.

1. The information generated by the cookies associated with the website used by you will normally be stored and stored on a Google server in the USA. By activating IP anonymization on the Website, Google will shorten the User's IP address within the Member States of the European Union or in other States party to the Agreement on the European Economic Area.
2. The full IP address will only be transmitted to and truncated to Google's server in the U.S. in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate how the user has used the website, to provide the website operator with reports on website activity and to provide additional services related to website and internet usage.
3. Within the framework of Google Analytics, the IP address transmitted by the User's browser is not reconciled with other data of Google. The User may prevent the storage of cookies by setting their browser appropriately, however, please note that in this case, not all functions of this website may be fully available. You may also prevent Google from collecting and processing your information about your use of the Website (including your IP address) by cookies by downloading and installing the browser plugin available at the following link. https://tools.google.com/dlpage/gaoptout?hl= en

Complaint Handling

1. Fact of data collection, scope of data processed and purpose of data management :

1. Stakeholders: All stakeholders who buy on the webshop website and complain about quality complaints.

1. Duration of data processing, deadline for erasure of data: Copies of the record, transcript and response to the objection are included in the CLV Act 1997 on Consumer Protection. Act 17 / A. § (7) shall be kept for 5 years.

1. Identity of potential data controllers, recipients of personal data : Personal data may be processed by the data controller's sales and marketing staff, subject to the above principles.

1. Description of data subjects' rights in relation to data processing:

• The data subject may request from the controller access to, rectification, erasure or restriction of the processing of personal data concerning him or her, and
• may object to the processing of such personal data, and
• the data subject has the right to data portability and to withdraw his or her consent at any time.

1. Access to, deletion, modification or restriction of the processing of personal data, portability of data, protest against data processing can be initiated by the data subject in the following ways:

by email: info@reach.co.hu

1. Legal basis for data processing : consent of the data subject, Article 6 (1) (c), Infotv. Section 5 (1) and CLV of 1997 on consumer protection. Act 17 / A. § (7).

1. We inform you that

• providing personal information on a contractual obligation
• the processing of personal data is a prerequisite of the contract.
• and provide personal information so we can handle your complaint.
• Failure to provide information will result in consequences that we will not be able to handle your complaint.

Possibility to complain

Complaints against possible breaches of the data controller can be lodged with the National Data Protection and Freedom of Information Authority:

National Data Protection and Freedom of Information Authority

1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Mailing address: 1530 Budapest, Mailbox: 5.

Phone: +36 -1-391-1400

Fax: +36-1-391-1410

E-mail: ugyfelszolgalat@naih.hu

Closing Remarks

During the preparation of the prospectus, we took into account the following legislation:

• On the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Regulation (EC) No 95/46 (General Data Protection Regulation) REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 2016 27.)
• annual CXII. Act - on the right to information self-determination and freedom of information (hereinafter: Infotv.)
• annual CVIII. Act - on certain issues of electronic commerce services and services related to the information society (especially Section 13 / A)
• annual XLVII. Act on the Prohibition of Unfair Commercial Practices against Consumers;
• annual XLVIII. Act - on the basic conditions and certain restrictions of commercial advertising (especially § 6)
• annual XC. Electronic Freedom of Information Act
• Act C of 2006 on Electronic Communications (specifically § 155)
• 16/2011. s. Opinion on the EASA / IAB Recommendation on Best Practices for Behavioral Online Advertising
• Recommendation of the National Authority for Data Protection and Freedom of Information on data protection requirements for prior information
• Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46