Privacy Policy

PRIVACY POLICY

marcomartely.com

data management information

in relation to data management on the website

Gy. Pálné Szabó E.V. (Headquarters: 6800 Hódmezővásárhely, Kölcsey 33.) (hereinafter: Data Controller), as the operator of the marcomartely.hu website (hereinafter: Webshop or Store), regarding the protection of the processing of personal data of natural persons and the free flow of such data in connection with data management in the Webshop , and provides the following information in accordance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (April 27, 2016) on the repeal of Directive 95/46/EC (hereinafter referred to as the Regulation or GDPR).

The data management information is available on the marcomartely.com website.

We reserve the right to unilaterally modify this Notice at any time. Thus, as a Data Controller, we are entitled (but not obliged) to inform the affected parties of the amendment by sending a system message when this notice is modified. You are a data subject, and you are entitled to exercise your rights related to data management as written in this information sheet and in the laws in force at all times.

Amendments to the information are published on the website.

We respect the privacy of our webshop visitors and those interested in our products, therefore we only collect and process information that is essential for the purposes defined in this information.

The use of the website and our services is completely voluntary, so any necessary personal data can be used on a voluntary basis. In some cases, we exercise our right to process personal data on the basis of our legitimate interest, supported by an interest assessment test.

Governing Laws

When creating the provisions of the Information, we took into account Regulation 2016/679 of the European Parliament and the Council (“General Data Protection Regulation”, hereinafter referred to as Regulation or GDPR), CXII of 2011 on the right to self-determination of information and freedom of information. Act (“Infotv”), Act V of 2013 on the Civil Code (“Ptk”), and Act XLVIII of 2008 on the basic conditions and certain limitations of economic advertising. the provisions of the Act (“Grtv.”).

When compiling the information, we also took into account the recommendation of the National Data Protection and Freedom of Information Authority on the data protection requirements of prior information.

Who are we?

Pálné Gy. Szabó E.V., as Data Controller, can be reached in connection with the following data protection rights in the following ways:

Headquarters: 6800 Hódmezővásárhely, Kölcsey 33.

Represented by: Pál Gy. Szabó

Email: info@marcomartely.hu

Phone: +36 / 70 / 636-6634

The data controller has not appointed a data protection officer.

What do we do?

We dreamed up our business in 2019, as we believe that a perfume can also be personalized. We sell individually branded, perfume-filled air fresheners. If you are interested in us and want to join our mission as a reseller, feel free to contact us at our contact details so that we can get in touch with you as soon as possible.

What do we collect and why?

Registration

You can also use our webshop as a registered user. In this case, in order to facilitate the use and transparency of the webshop and to ensure the comfort of our customers, under the My Account menu item, we manage the information related to your most recent orders, the shipping and billing addresses you provided, your last and first name, the name you provided to be displayed when writing a comment, your e-mail address, password, and technical data recorded during registration, such as the IP address that may have been recorded during registration, as well as the date ofregistration.

We process your data recorded in your registration account based on your consent, registration is not mandatory, it is also possible to shop in our webshop without registration.

We will cancel your registration at your request, and we will process your data for the duration of your registration.

Buying

When shopping in the Webshop, if you are a natural person or self-employed customer, we process the following data for the purpose of fulfilling the contract:

name, e-mail address, phone number, postal code, city, address, delivery address, name of the product you want to buy, quantity, chosen payment method, and your comment about the order. After entering the data, you send your data to us by pressing the “Done: Send order” button, for which specific order we receive additional log data, which are also considered personal data, such as the IP address and time of sending.

 

We process your data for the purpose of fulfilling the contract concluded in the Webshop, fulfilling warranty and guarantee claims related to the contract, and maintaining contact with you.

The legal basis for processing the data processed for the purpose of fulfilling the order:

Article 6 (1) point b) of the Regulation, data management is necessary to fulfill the contract

Duration of data management: the time required to fulfill the contract, maximum the statute of limitations for civil claims (5 years).

The legal basis for the processing of personal data processed for the purpose of fulfilling accounting obligations: the fulfillment of the legal obligation of the Data Controller (GDPR Article 6 (1) point (c)).

Duration of data management: 8 years in order to fulfill the obligation to preserve accounting documents (Számv. act. § 169. (2)).

We would like to draw your attention to the fact that if you do not provide us with data that is necessary for concluding a contract in the Webshop or is based on legislation, it is possible that the Data Controller will not be able to conclude a contract with you or will not be able to fulfill it.

Contact details

If you purchase on behalf of your company, we process your name, telephone number, and e-mail address under the legal title of legitimate interest for the purpose of maintaining contact and exercising the rights and obligations arising from the contract concluded with your company. Taking into account that you are employed or have another legal relationship with the company that has entered into a contract with us, this data management does not adversely affect your rights as a data subject. The data you provide will be processed until the contract is fulfilled.

Customer relations and other data management

If you have any questions or problems while viewing our website or placing your order, you can contact us via the methods specified on the website, by phone, e-mail, on our social media pages, etc. you can contact us.

Received e-mails, messages, phone calls, on Facebook, etc. the data you provide, including your name and e-mail address, as well as other voluntarily provided personal data, will be deleted no later than 2 years after the data was provided.

In the course of our service, data processing not listed in this information sheet may occur. In such cases, when the data is collected, we provide written information – in exceptional cases orally – about how, for what purpose, on what basis we will process your data during the current data collection, how long we will keep it and what rights you have in relation to data management.

We are obliged to provide information, communicate and transfer data, and make documents available in the case of an exceptional official request, or in the case of requests from other bodies based on the authorization of the law.

In these cases, if the requester has indicated the exact purpose and the scope of the data, we will only disclose personal data to the extent and to the extent that is absolutely necessary to fulfill the purpose of the request.

Community sites

We keep in touch with you on social media sites, so we can see your name registered on the Facebook/Instagram social media sites, as well as your user’s public profile picture, if you have registered on these social media sites and allowed this to the operator of the social media site in your settings. Data management takes place on social networking sites, so the duration and method of data management, as well as the options for deleting and modifying data, are governed by the regulations of the respective social networking site.

Who receives your data?

Your personal data can be processed by our colleagues, as well as those data processors who have entered into a written data processing contract with us as a data controller.

Your data can be processed by our employees, data processors and their direct employees only to the extent necessary to achieve the purpose of data management and for the period provided by the legal basis.

The data processors do not make independent decisions, they are only entitled to act according to the contract concluded with us as the Data Controller, and according to the instructions they receive. As Data Controllers, we control the work of our data processors. Data processors are only entitled to use additional data processors with our consent.

Data processors used by the data controller:

Hosting service:

Name: ITM Creative Group Kft.

Address: 1027 Budapest, Margit körút 48,

Storage location: 1132 Budapest Victor Hugo utca 18-22,

Contact: +36 30 592 00 99 / kocsis.norbert@zoneit.hu

Responsible person: Norbert Kocsis

Delivery company:

Magyar Posta Zrt.

Headquarters: 1138 Budapest, Dunavirág utca 2-6,

Company registration number: 01-10-042463,

Tax number: 10901232-2-44,

Mailing address: 1540 Budapest, website: www.posta.hu

 

Security of data management

We protect your data, in particular against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction and damage. As a Data Controller, together with the operators of the server, we take care of data security with technical, organizational and organizational measures that provide a level of protection corresponding to the risks associated with data management.

 

What rights do you have?

As a Data Subject, you can request information about the management of your personal data, as well as request the correction or deletion of your personal data at any of our contact points, with the exception of data processing mandated by law.

Upon request, we provide information about the data we manage, the purpose, legal basis, duration of the data processing, the name, address (headquarters) of the data processor and its activities related to the data processing, as well as who receives or received the data and for what purpose.

We are obliged to provide the information in writing, in an understandable form, free of charge, as soon as possible after submitting the request, but no later than within 1 month.

If the Data Controller does not take measures following your request without delay, but at the latest within one month from the receipt of the request, it will inform you of the reasons for the failure to take action, as well as the fact that you can file a complaint with a supervisory authority and exercise your right to judicial redress.

We are also obliged to correct inaccurate personal data.

Personal data will be deleted if its processing is illegal, if the data subject requests it, if it is incomplete or incorrect – and this state cannot be legally corrected – provided that the deletion is not prohibited by law, if the purpose of the data management has ceased, the statutory period for storing the data has expired, or it has been ordered by the court or the data protection authority.

We will notify the person concerned about the correction and deletion, as well as all those to whom we previously forwarded the data for the purpose of data management. The notification will be waived if, in view of the purpose of the data management, this does not violate the legitimate interests of the data subject.

The data subject may object to the processing of his/her personal data if the processing (transmission) of the personal data is necessary solely to assert the rights or legitimate interests of the data controller, unless the data processing is ordered by law, the use or transmission of the personal data is for direct business acquisition, public opinion polls or scientific research purpose, the exercise of the right to protest is otherwise permitted by law.

As a Data Controller, we are obliged to examine the objection as soon as possible, but no later than 15 days after the submission of the request, and to inform the applicant of the result in writing, with the simultaneous suspension of data management. If the protest is justified, we will terminate the data management – including further data collection and transmission – and block the data, as well as notify all those to whom we have previously forwarded the personal data affected by the protest and who are obliged to take action on the protest and the measures taken based on it in order to enforce the right to protest.

If you find that any of your rights have been violated, contact us at our email address info@marcomartely.hue or by letter at Pálné Gy. Szabó, 6800 Hódmezővásárhely, Kölcsey 33. We will do everything we can to investigate the incident and to compensate for the inconvenience.

In the event of a violation of their rights, the person concerned can also apply to the court (at the choice of the defendant’s registered office or the place of residence of the person concerned). The court acts out of sequence in the case. The lawsuit initiated in connection with the protection of personal data is free of charge.

You can also exercise your right to complain at the National Data Protection and Freedom of Information Authority:

NAIH, 1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Mailing address: 1530 Budapest, PO Box: 5.

Phone: +36-1-391-1400, Fax: +36-1-391-1410

E-mail: ugyfelszolgalat@naih.hu

Why we use cookies, what they are for and where you can disable them

We would like to share some technical information about the management of cookies so that you know what to set and where if you want to disable their management:

Management of technical data and cookies

Its data management system automatically records the IP address of the user’s computer, the starting time of the visit, and in some cases – depending on the computer settings – the type of browser and operating system. The data recorded in this way cannot be linked to other personal data. Data management is for statistical purposes only. Cookies allow the website to recognize previous visitors. Cookies help to optimize the website and to design the services of the website according to the user’s habits. Cookies are also suitable for memorizing the settings, so the user does not have to record them again when he goes to a new page, they remember the previously entered data, so they do not have to be typed in again, they analyze the use of the website in order to ensure that the as a result of improvements made using information, it should function as much as possible according to the user’s expectations, the user can easily find the information he is looking for, and the effectiveness of our ads is monitored.

If we display various contents on the website using external web services, this may result in the storage of some cookies that are not supervised by the Data Controller, so we have no influence on what data these websites and external domains collect. Information about these cookies can be found in the regulations for the specific service.

As a Data Controller, cookies and web beacons, pixels, in case of your express consent

Data management takes place without human intervention.

The user can set his web browser to accept all cookies, reject all, or notify the user when a cookie arrives on his machine. The setting options are usually found in the browser’s “Options” or “Settings” menu. By prohibiting the use of cookies, the User acknowledges that the operation of the website is incomplete without cookies.

The detailed information on the English website www.aboutcookies.org also helps with settings in different browsers.

Using Google Ads conversion tracking

– We use the online advertising program called “Google Ads” as Data Manager, and within its framework we use the Google conversion tracking service. Google conversion tracking is an analytics service of Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”).

– When a User accesses a website through a Google ad, a cookie required for conversion tracking is placed on their computer. The validity of these cookies is limited.

– When the User browses certain pages of the website and the cookie has not yet expired, both Google and the Data Controller can see that the User has clicked on the ad.

– Each Google Ads customer receives a different cookie, so they cannot be tracked through the websites of Ads customers.

– The information – obtained with the help of conversion tracking cookies – serves the purpose of creating conversion statistics for Ads’ customers who choose conversion tracking. In this way, clients are informed about the number of users who click on their ad and are redirected to a page with a conversion tracking tag.

– If you do not want to participate in conversion tracking, you can reject it by disabling the installation of cookies in your browser. After that, you will not be included in the conversion tracking statistics.

– Further information and Google’s data protection statement are available at the following page: google.de/policies/privacy/

Application of Google Analytics

– Our pages use the Google Analytics application, which is a web analysis service of Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are saved on your computer, thus facilitating the analysis of the use of the website you visit.

– The information created by cookies related to the website you use is usually sent to and stored on one of Google’s servers in the USA. By activating IP anonymization on the website, Google shortens the User’s IP address beforehand within the member states of the European Union or in other states that are parties to the Agreement on the European Economic Area.

– The entire IP address is transmitted to a Google server in the USA and shortened there only in exceptional cases. Google will use this information to evaluate how you use our website, to prepare reports related to website activity for us, and to provide us with additional services related to website and Internet use.

– Within the framework of Google Analytics, the IP address transmitted by your browser is not combined with other Google data. You can prevent the storage of cookies by setting your browser accordingly, but please note that in this case

– It may happen that not all functions of our website will be fully usable. You can also prevent Google from collecting and processing your website usage data (including your IP address) through cookies by downloading and installing the browser plugin available at the following link. https://tools.google.com/dlpage/gaoptout?hl=en

– We also use the Google Analytics system to analyze the visits to our website for the purpose of system development. In this case, we do not collect personal data. We share such data with other Google services for development purposes.

– We also use the Google Analytics system for marketing purposes after your consent.

Other informations

As a Data Controller, we comply with the legal requirements, we handle personal data only on the legal basis defined by law, and we comply with the basic principles regarding the handling of personal data. We have gathered these legal bases and principles together with the definition of a few terms at the end of our data management information, so that you can find out about them here. We also list your data subject rights for easier transparency.

Concept definitions

“personal data”: any information relating to an identified or identifiable natural person (“data subject”); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable;

“data management”: any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as collection, recording, organization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or otherwise by making available, coordinating or connecting, limiting, deleting or destroying;

“data controller”: the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others; if the purposes and means of data management are determined by EU or member state law, the data controller or the special aspects regarding the designation of the data controller may also be determined by EU or member state law;

“recipient”: the natural or legal person, public authority, agency or any body to whom or through which personal data is communicated, regardless of whether it is a third party. Public authorities that have access to personal data in accordance with EU or Community law in the context of an individual investigation are not considered recipients; the handling of said data by these public authorities must comply with the data protection rules in accordance with the purposes of the data management;

“third party”: the natural or legal person, public authority, agency or any other body that is not the same as the data subject, the data controller, the data processor or the persons who, under the direct control of the data controller or data processor, are authorized to process personal data they got;

“involvement”: the will of the affected person is based on voluntary, specific and appropriate information, and it must be clearly stated that he/she indicates his/her consent to the processing of the data concerning him/her through a personal statement or an unmistakably expressive act;

Principles for handling personal data

Personal data

its handling must be carried out legally and fairly, as well as in a transparent manner for the data subject (“legality, fair procedure and transparency”);

be collected only for specific, clear and legitimate purposes, and they should not be handled in a way that is incompatible with these purposes; further data processing for the purpose of archiving in the public interest, for scientific and historical research purposes, or for statistical purposes is not considered incompatible with the original purpose (“purpose limitation”);

they must be appropriate and relevant for the purposes of data management and must be limited to what is necessary (“data sparing”);

they must be accurate and, where necessary, up-to-date; all reasonable measures must be taken to promptly delete or correct personal data that is inaccurate for the purposes of data processing (“accuracy”);

its storage must take place in a form that allows the identification of the data subjects only for the time necessary to achieve the goals of personal data management; personal data may only be stored for a longer period of time if personal data will be processed for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes, for the implementation of appropriate technical and organizational measures prescribed in the Regulation to protect the rights and freedoms of the data subjects subject to (“limited shelf life”);

must be handled in such a way that adequate security of personal data is ensured by the application of appropriate technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage of data (“integrity and confidentiality”).

The Data Controller is responsible for compliance with the above, and must also be able to prove this compliance (“accountability”).

Legal basis for data management:

The processing of personal data is only legal if and to the extent that at least one of the following is fulfilled:

the data subject has given his consent to the processing of his personal data for one or more specific purposes;

the data processing is necessary for the fulfillment of a contract in which the data subject is one of the parties, or it is necessary for taking steps at the request of the data subject prior to the conclusion of the contract;

data management is necessary to fulfill the legal obligation of the data controller;

data processing is necessary to protect the vital interests of the data subject or another natural person;

data processing is in the public interest or is necessary for the execution of a task performed in the context of the exercise of public authority granted to the data controller;

data processing is necessary to enforce the legitimate interests of the data controller or a third party, unless these interests are overridden by the interests or fundamental rights and freedoms of the data subject that require the protection of personal data, especially if the data subject is a child.

 

Affected rights in detail, based on the Regulation:

Right of access

You are entitled to receive feedback from the Data Controller as to whether your personal data is being processed, and if such data is being processed, you are entitled to access your personal data and the information listed in the Regulation.

Right to rectification

You have the right to request that the Data Controller correct inaccurate personal data concerning you without undue delay. Taking into account the purpose of data management, you are entitled to request the completion of incomplete personal data, including by means of a supplementary statement.

The right to erasure

You have the right to request that the Data Controller delete your personal data without undue delay, and the Data Controller is obliged to delete your personal data without undue delay under certain conditions.

The right to be forgotten

If the Data Controller has disclosed the personal data and is obliged to delete it, taking into account the available technology and the costs of the implementation, it will take reasonably expected steps – including technical measures – in order to inform the data controllers handling the data that you have requested the access to the personal data in question deleting links or copies or duplicates of these personal data.

The right to restrict data processing

You have the right to have the Data Controller restrict data processing at your request if one of the following conditions is met:

You dispute the accuracy of the personal data, in which case the limitation applies to the period that allows the controller to check the accuracy of the personal data;

the data processing is unlawful and you object to the deletion of the data and instead request the restriction of its use;

The data controller no longer needs the personal data for the purpose of data management, but you require them to present, enforce or defend legal claims;

You have objected to data processing; in this case, the limitation applies to the period until it is determined whether the Data Controller’s legitimate reasons take precedence over your legitimate reasons.

The right to data portability

You have the right to receive the personal data concerning you that you have provided to the Data Controller in a segmented, widely used, machine-readable format, and you are also entitled to transfer this data to another data controller without being hindered by the data controller whose provided the personal data.

The right to restrict data processing

You have the right to have the Data Controller restrict data processing at your request if one of the following conditions is met:

You dispute the accuracy of the personal data, in which case the limitation applies to the period that allows the controller to check the accuracy of the personal data;

the data processing is unlawful and you object to the deletion of the data and instead request the restriction of its use;

The data controller no longer needs the personal data for the purpose of data management, but you require them to present, enforce or defend legal claims;

You have objected to data processing; in this case, the limitation applies to the period until it is determined whether the Data Controller’s legitimate reasons take precedence over your legitimate reasons.

The right to data portability

You have the right to receive the personal data concerning you that you have provided to the Data Controller in a segmented, widely used, machine-readable format, and you are also entitled to transfer this data to another data controller without being hindered by the data controller whose provided the personal data.

The right to protest

You have the right to object to the processing of your personal data at any time for reasons related to your own situation, including profiling based on the aforementioned provisions.

Objection in case of direct acquisition of business

If personal data is processed for direct business acquisition, you have the right to object at any time to the processing of your personal data for this purpose, including profiling, if it is related to direct business acquisition. If you object to the processing of personal data for direct business purposes, then the personal data may no longer be processed for this purpose.

Automated decision-making in individual cases, including profiling

You have the right not to be subject to the scope of a decision based solely on automated data management, including profiling, which would have legal effects on you or would similarly significantly affect you.

The previous paragraph does not apply if the decision:

Necessary to conclude or fulfill the contract between you and the Data Controller;

it is made possible by EU or member state law applicable to the Data Controller, which also establishes appropriate measures for the protection of your rights and freedoms, as well as your legitimate interests; obsession

based on your express consent.