GDPR DOCUMENT
The GDPR Document of our Webshop has been created by the Terms and Conditions Managing System of the Association of Trustworthy Stores.
In case you have questions regarding the present Terms and Conditions, the usage of the Webshop, the products or the processes of purchasing or shipping, reach out to us through the contacts available below.
Webshop Contacts:
Postal address: Österreich, 8072 Fernitz-Mellach, Erzherzog-Johann Platz 16.
Phone: +36 70 676 5337
The company’s electronic contact: hello@studiodd.hu
Webshop domain: https://studiodd.hu
GDPR Document
Krisztina Dóra Halász entp. ( further: Salesperson, Data manager ), as Data manager declares that the managing of data regarding the operation of the Webshop managed by her is in accordance with the rules and regulations applicable presently. The data managing of the customers is being applied in regards of the legislation operative currently.
The aim of the present GDPR Document is to define the legislation applied in regards of the managing of personal and other data that was given during the purchasing products through the https://studiodd.hu webshop managed by Krisztina Dóra Halász ( Data manager ).
The scope of the Present Document is applied solely for the usage of the website, and the datas provided for the Data manager. It does not apply to the situation, where one makes their own personal data, or a part of them, or through mediating the website into public willingly.
Customers can share datas that qualify as personal datas, when purchasing a product distributed through the https://studioddteam.com/en/ Webshop.
Any determined ( identified or unidentified ) data that can be associated with any natural person ( for further reference: the given person ), or any data that can be concluded of them qualifies as personal data.
The personal data upholds this quality through the data managing, until this contact can be restored with the given person. The person can be regarded as identified, if they can be identified based on their social congeniality.
Out of datas given during the order of the user, solely the name and the email address can be regarded as personal data if certain conditions apply ( eg. the name and the email address is valid)
Webshop Company Datas:
Datamanager Datas:
Name of Datamanager: Krisztina Dóra Halász entr.
Postal address: Österreich, 8072 Fernitz-Mellach, Erzherzog-Johann Platz 16.
Phone: +36 70 676 5337
E-mail address: hello@studiodd.hu
Website: https://studioddteam.com/en/
Phrases
Personal data: any data that can be connected to any determined ( identified or unidentified) natural person ( further: any given person), or any data that can be concluded of any given person. The personal data during the data managing upholds this quality till the contact can be restored with the given person. The given person can be regarded as identified especially, if they can be – directly or indirectly – identified based on their name, identification number, or one or more physical, physiological, mental, economical, cultural or social attributes.
Consent: the voluntary and determined declaration of the given persons wish, that is based on appropriate informing, with which they give their unambiguous consent in regards of managing their personal datas that can be full scope or applied only to various operations.
Datamanager: is that natural or legal person, or an association without a legal personality, who or what determines the aim of the data managing, declares and executes the decisions regarding the managing of data ( including the tools being used) or executes it with the data manager trusted by them.
Datamanaging: irrespectively of the process applied, data managing is any process or sum of processes made on the datas: eg. collecting, fixing, recording, systemizing, storing, modifying, using, forwarding, making public, synchronizing or joining, blocking, deleting or nullifying, or the hindrance of the further usage of the datas. Creating a picture, audio or voice recording qualifies as data managing, as well as recording the physical attributes ( eg. fingerprint, palm print, DNA-sample, Iris picture) of the given person that enables their identification.
Data Transmission: in case the data is being made available for a third party ; tor being made public ; or making it available to any other person.
Data Clearing: making the data unrecognizable in a way so restoration is not possible anymore.
Data Processing: technical assignments necessary for processing data, irrespectively of the methods and tools or place of process, connected to data managing procedures.
Third person: that natural or legal person, or association without a legal personality, who or what is not identical with the given person, the data manager or the data processor.
Legal base of Data management
The voluntary consent of the user to have their personal datas processed by using the webshop, as well as the GDPR 6. article (1) paragraph a. point.
Aim of Data management
The aim of the data management is solely to ease keeping contact with the user, give personalized services in certain cases, and ship ordered product.
Consent to Data management:
While submitting the order, the user consents to the process of datas by the data manager – Krisztina Dóra Halász ev, that are necessary for the orders.
Based on the 2011. year CXII. Law 20. § (1) paragraph that concerns the Right of Autonomy of Information and the Freedom of Information, given person must be informed about all facts concerning the webshop, especially the aim and legal base of the data management, the identity of the person who is entitled of the data management and data processing, as well as the time interval of the data management.
Managed Data:
Name: contacting, invoicing, verification of order
Address: contacting, invoicing, managing shipping
E-mail address: contacting, keepng contact, sending newsletter, informing of shipping
Phone Address: contacting, keeping contact, informing of shipping
Date of Shopping/Registration: technical procedure
Data management information regarding Orders
Legal background of the data management in regards of orders
The legal background of the data management is ensured by the 2011. year CXII. Law 20. § (1) paragraph that concerns the Right of Autonomy of Information and the Freedom of Information. only hungarian speaking)
Legal base of the data management in regards of orders:
The legal base of the data management is the users voluntary consent, that their personal datas given through using the webshop will be processed, as well as the GDPR 6. article §
( 1 ) paragraph b. point.
Aim of the data management in regards of orders:
The aim of the data management is solely to ease keeping contact with the user, give personalized services in certain cases, and ship ordered product.
Managed data: name, address, e-mail address, phone number.
Time interval of the data management in regards of orders:
Data manager is managing the datas up until the inquiry of the given person to clear the data, but at least until the confirmation of shipping has happened.
Datamanagement informations in regards of invoicing
Legal background of datamanagement in regards of invoicing:
Based on the Sztv. 169. §
( 1) – ( 2 ) paragraph, the invoice given by the entrepreneur has to be kept for 8 years.
Legal base of data management in regards of invoicing:
The legal base of the data management is the users voluntary consent, that their personal datas given through using the webshop will be processed, as well as the 2007. year CVII. 159. § ( 1 ) Law concerning the general sales tax, the 2000. year C. Law 169. §
( 2 ) concerning accounting, as well as the GDPR 6. article § ( 1 ) paragraph c. point regarding data management.
Aim of data management in regards of invoicing:
Based on the Sztv. 169 § ( 1 ) – ( 2 ) paragraph, to ensure the obligation of keeping the accounting invoices that proves the accounting settlement directly or indirectly.
Managed data: name, address, e-mail address and phone number
Provider only stores the customers data to make sure that the contract was fulfilled, as well as to prove the fulfillment of the terms of the contract, only during the time the contract is alive.
Time interval of data management in regards of invoicing
Based on the 2000. year C. Law 169., Data manager is obliged to keep the given persons data for 8 years.
Data management informations in regards of shipping
Legal background of data management in regards of shipping:
The legal background of the data management is ensured by the 2011. year CXII. Law 20. § (1) paragraph that concerns the Right of Autonomy of Information and the Freedom of Information.
Legal base of data management in regards of shipping:
The legal base of the data management is the users voluntary consent, that their personal datas given through using the webshop will be processed, as well as the GDPR 6. article §
( 1 ) paragraph b. point.
Aim of data management in regards of shipping:
Shipping the ordered product as well as informing about the date of shipping.
Managed data: name, address, e-mail address and phone number
Time interval of data management in regards of shipping:
Data manager is managing the datas up until the inquiry of the given person to clear the data, but at least until the confirmation of shipping has happened.
Informations concerning Newsletters and Personalized Advertisements:
Our Webshop does not send Newsletters.
Datamanagement Informations concerning registrations:
Legal background of data management in regards of registration:
The legal background is the GDPR 6. article § (1.) paragraph b. point
Legal base of data management in regards of registration:
The legal base of the data management is the users voluntary consent, that their personal datas given through using the webshop will be processed, as well as the GDPR 6. article §
( 1 ) paragraph b. point.
Aim of data management in regards of registration:
The aim of the data management is solely to ease keeping contact with the user, give personalized services in certain cases, informing about new and products on sale.
Managing Cookie:
During the process of using the website, the Manager is installing small sized data files ( cookies) on the users computer with data, that cannot be associated directly with the user, in order to identify the user, so to make the further visits of the user easier in the future. During the use of the data files, the Data manager does not connect the datas given to the Data manager to the given users identification datas. During the use of the webshop, the Data manager fixes and manages the following datas connected to the given person:
Users IP address
Type of Browser
attributes of the operation system used for browsing
date of visit
sites visited
Legal background of cookie management
The data management regarding cookies is contained in the 2011. year CXII. Law 20. § (1) paragraph that concerns the Right of Autonomy of Information and the Freedom of Information, as well as the 2001. year CVIII Law concerning the services related to the information society in some aspects. The legal base of the data management is the consent of the user based on the Information Law 1. §
- point.
Cookie Settings:
With most browsers, any given person has the possibility for cookie settings. The default setting of the browser automatically accepts cookies, but these can generally be modified, so to stop automatic acceptance and offers the possibility to choose each time, weather the given person would like to accept the cookies or not.
Aim of applying cookies:
In order to make the usage of the webshop and its processes easier or possible, in case of limiting or clearing the cookies, it might happen, that the User cannot or just partly use certain function of the webshop.
More information can be found about cookie settings in the most popular browser below:
GoogleChrome
Firefox
Mozilla
Persistent cookies will be stored on the computer, notebook or mobile, even after leaving the webshop, With the help of these cookies, the website recognizes the user as returning visitor. It is not possible for personal identification.
Session cookies are being stored on the computer, notebook or mobile phone only temporarily, until the User does not leave the website. These cookies store the activities made on the webshop during a visit. These cookies will be automatically erased from the computer, notebook or mobile phone, after finishing the session.
Google Analytics
The Google Analytics is the analyzing tool of Google, that helps the owners of the websites and applications to get a clearer picture of the visitors activities. The service can use cookies to collect information and create reports in regards of the statistical data of the usage of the website, without identifying the visitors separately for the Google. The main cookie used by Google Analytics is the ,,__ga” cookie. Besides the reports created out of the website usage statistical datas, the Google Analytics – including some of the advertisement cookies mentioned before – can be used to apply more relevant advertisement in the Google Services ( for example Google Search) and across the internet, as well as to measure the interactions connected to our advertisements.
Google Adwords Cookies:
The Google Adwords uses cookies to make advertisements more attractive to the users, and make it more valuable for the providers and advertisers. Some of the frequent application of cookies are: choosing advertisement based on what is relevant for the given user, perfecting the reports of the success of campaigns, and avoiding advertisements already seen by the user. Google cookies – eg. NID and SID cookies – are being used in Google products, for example to customize advertisements in Google Searches. These cookies are used to remember the last searches of the user, or to remember the advertisements of the advertisers, or the previous interactions of the search results, as well as the visits on the advertiser’s websites. This helps us to create customized advertisement for you on Google.
Other Used Cookies
no other cookie
In case the user does not accept the cookies, certain functions will not be available for them. You can find more detailed information of the deleting of cookies here:
Internet Explorer
Firefox
Chrome
The Provider does not need to give the consent of the user in case of using the following cookies:
cookie used to work process protected with a password
cookies used for the shopping cart
safety cookie
The user can set in their own browser weather to get notification about the Provider playing cookies on their computer, or can forbid sending cookies at any given time.
Please pay attention, that in case not accepting the cookies, certain pages or functions will not be running properly, and there is the possibility that the user will not get a right to access certain datas. The users has the possibility to delete cookies in the Tools / Setting menu, usually under the Data protection menu settings.
The cookies used on the website cannot be used to identify the person of the User.
Social Media:
Data manager is maintaining social media sites in order to make the products of the webshop known and popular. ( Facebook / Instagram / Twitter). In case the User ,liked’ the webshop through any social media site or got in contact with them, then the Users personal data can be used: registered name, users public profile picture. The regulations applied to the users are in accordance with the legislation concerning the given social media platforms data policy. In case of Publishing illegal or harmful material, the Data manager can block the User without any further notification. The legal base of the DataManagement is the users voluntary concern to manage their data on the social site.
Data of Data processor and their data management activities:
Name of the data processor responsible for the storage of personal data: Krisztina Dóra Halász entr. – Location: Österreich, 8072 Fernitz-Mellach, Erzherzog-Johann Platz 16. – Tax number: GISA: 35393276 – Email Address: hello@studiodd.hu – Phone Address: +36 70 676 5337, Location of Data processing:2421 Nagyvenyim Bolt street 12. The data processor is responsible for determined tasks based on the written contract with the data manager and is not legalized to get to know personal datas.
Data Security
The Data manager intends to take all necessary actions in order to secure the safety of the information systems used by them, especially to prevent illegal access to the datas stored on the website.
In order to secure personal data, we made the following steps:
making personal data secret – securing the systems and services used for storing personal data continuously – in case of physical or technical incident or the possibility or it, we secured the access and the providing of datas to be restored in time – regularly testing, measuring and evaluating the effectiveness of the technical and organizing actions of the safe datamanagement – SSL certification
Rights of the User in regards of data management
The user can inquire about the management of their personal data, as well as inquire for the correction, deleting and blocking of them. User can inquire for the deleting, modifying or the information of thei management of data on the contacts given below:
email: hello@studiodd.hu
Postal address: Österreich, 8072 Fernitz-Mellach, Erzherzog-Johann Platz 16.
Based on the inquiry of the user, the Data manager is obliged to give information about the data managed by them, the base, aim and the time interval of the data management. The Data manager is obliged to give information as soon as possible counting from the filing of the inquiry, in 25 days time maximum. The user can ask for their data’s correction, modifying or deleting at any given time. The data manager is obliged to manage the modification, correction or deletion in 25 days time. In case the data manager informs the factual and legal reasons of the denial of the inquiry for modification, blocking, 25 days after getting the inquiry.
In case of The denial of the inquiry for the correction, deletion or blocking, the data manager informs the given person about the possibility to access the assistance of Court or the given Office.
For the natural person, the information must be given in a short, clear, easy to understand way, with easy access and phrasing.
The information has to be given in written and other – including electronic – forms too. In case of the inquiry of the given person, verbal informing can be given as well, in case the given person’s identity can be identified. The data manager is informing the given person about the activities made in regards of the inquiry, in one months time counting from the arrival of the inquiry. If needed, regarding the complicity and the numbers of inquiry, this timeframe can be lengthened with two months. The given person is being informed about the lengthening of the time interval with clarifying the reasons of the delay, in one months time counting from the filing of the inquiry. If the given person filed their inquiry through an electronic channel, the informing should be made through electronic means if possible, except if the given person wishes otherwise. If the data manager does not make any action based on the given persons inquiry, they inform the given person, without further delay, but in one month time maximum counting from the filing of the inquiry, about the reasons of failing these activities, as well as informing the given person about their possibility to make complaints through one of the Offices and to access legal remedy.
The Provides respects and takes care of personal datas. Usage of the datas of the Contractor is being done according to current legislation. Provider can only store the customer’s data in order to prove the fulfillment of the conditions of the contract, and only until the contract is valid. The Provider is obliged to keep the customer’s data for at least 8 years, according to 2000. year C. Law 169 §.
Provider is obliged to take all necessary actions in in order to keep the datas safe, but do not take responsibility for any natural disasters, criminal acts, or other dataloss, data damage, or access by unauthorized person by any inevitable reasons.
Right for clear previous information
The natural persons are authorized to be informed about the handling of their data in a clear and easy to access and understand way.
Right for correcting
Any given person is authorized to have the personal data related to them be corrected without any delay from the data manager, by their inquiry.
Righ for deleting
Any given person is authorized to have the personal data be erased by the data manager, by their inquiry, if:
the personal datas are not needed anymore in regards of the aim they were collected
the given person withdraws the consent that have been the base of the data management and there is no other legal base of the data management
the given person is protesting against the management of their data, and there is no priority of right to have their data managed
the personal datas have been managed illegally
In case the data manager gave access to a third party in regards of the datas inquired to be erased, then they need to inform all of those who have been informed about the given persons datas, to have all the personal datas stored by them to get them erased.
Right for data restriction
Any given person is obliged to have their data management restricted by the data manager, if any of the conditions below stand:
Any given person debates the punctuality of the personal datas
the data management is illegal, and the given person is protesting against the erasure of the datas, and is asking for having their usage restricted only
the data manager no longer needs the personal data, but the given person is requiring them to have their legal inquiries validated.
Right for data carrying
Any given person is authorized to have the personal datas related to them, that have been provided to a data manager, being given to them in a computerized way, as well es they are authorized to forward these datas to another data manager without being obstructed
Automatized data management
Right for Protesting
The given person has the right to protest at any time, based on the reasons of their own situation, against the handling of their data, based on the 6. article 1. paragraph e. or f. point, including the creation of profile based on the regulations mentioned below. In this case, the data manager cannot manage the personal datas further, except if the data manager proves, that the data management is necessary based on those obligatory legal reasons, that have priorities in regards of the interests, rights and freedoms of the given person. The data manager is obliged to investigate the protest in the shortest time possible, but latest in 15 days time counting from the filing of the inquiry, and is obliged to make a decision in regards of the base of the inquire, as well as inform the inquirer about their decision in written format.
In case the Data manager doest not fulfill the inquiry of the user to correct, block or delete, then the data manger informs the denial of the inquiry of correction, blocking or deletion in 25 days time counting from filing the inquiry. In case of denying the inquiry for correction, deletion of blocking, the data manager is obliged to inform the given person about the possibility for legal remedy or turning to the proper Office.
Possibilities for managing Complaints
In case any given person thinks that the data manager did not comply to the rules of the data management regulations or did not fulfill the given persons inquiry in regards of data management, then the User can start the testing procedure in front of the Office of the National Data protection and Freedom of Information through the contacts below.
Postal address: 1530 Budapest Mailbox: 5.
email: ügyfelszolgalat@naih.hu
In case the User does not agree with the decision of the Data manager, they can turn to court in 30 days from the day of the communication. The court will act line out in this case.
Third Party Storing Personal Data:
name of data processor: Tarhely. Eu Provider Kft.
Location of data processor: 1144 Budapest, Ormánság utca 4. X/241.
Phone of data processor: t9,
email of data processor: support@tarhely.eu
For the inquiry o the user, the Data manager is obliged to give information of the data managed my them, the base, goal and time interval of the data management. The user can inquire for the modification or correction or deleting of their data at any given point. The data manager is obliged to modify, correct or delete the personal data of the user in 25 day time from the day of inquiry. In case the data manager, after 25 days from the written or electronic form of inquiry from the user,
Forwarding Data
Name: Wise
Bank Location: Avenue Louise 54, Room S52 Brussels 1050 Belgium
Phone: – (only online)
Bank website: https://wise.com/
Bank Gdpr: https://www.sberbank.hu//hu/lablec/cookie.html
User Complaints in regards of the activities of the datamanager can be made on the contact below:
Postal address: Österreich, 8072 Fernitz-Mellach, Erzherzog-Johann Platz 16.
Phone address: +36 70 676 5337
E-mail address: hello@studiodd.hu
Office of National Dataprotection and Freedom of Information
1125 Budapest, Szilágyi Erzsébet road 22/C.
Postal Address: 1530 Budapest, Mailbox: 5
Phone: + 36 – 1- 391 – 1400
Fax: +36-1-391-1410
E-mail: ugyfelszolgalat@naih.hu
Applied from: 2021. 08. 25.