Ferenc Bálint sole proprietor (Address: 1122 Budapest, Krisztina krt. 27. 3rd floor, apartment No 35. hereinafter, “Service Provider”, “Data Controller”) as a data controller, acknowledges the content of this legal notice as binding on him.
It undertakes that all data processing related to its activities complies with the requirements set out in these regulations and in the applicable national legislation, as well as in the legal acts of the European Union.
This privacy statement covers the following domains and their subdomains:
The Privacy policies that apply to the data controller's privacy practices are available at https://ferencbalint.com/pages/privacy-policy.
The Privacy policy can be downloaded from the following link: Privacy policy.
The data controller reserves the right to amend this prospectus at any time. Stakeholders will be informed of the changes in due time.
The data controller is committed to the protection of the personal data of its customers and partners and considers it extremely important to respect the right of its customers to self-determination of information. The data controller shall treat the personal data confidentially and shall take all security, technical and organizational measures that guarantee the security of the data.
The data controller describes his data management practices below.
Name: Ferenc Bálint sole proprietor
Head office: 1122 Budapest, Krisztina krt. 27. 3rd floor, apartment No. 35.
Tax number: 56705447-1-43
Community tax number: HU56705447
Registration number: 55380649
Mobile Phone number: +36303050028
Email: info@ferencbalint.com
The data controller shall not engage in any activity that would justify the appointment of a data protection officer.
Technical details
The data controller selects and operates the IT tools used to manage personal data during the provision of the service in such a way that the managed data (are):
The data controller shall take appropriate measures to protect the data against unauthorized access, alteration, transmission, disclosure, deletion or destruction, and accidental destruction.
The data controller shall ensure the protection of the security of data processing with technical, organizational and operational measures that provide a level of protection appropriate to the risks associated with the data processing.
The data controller maintains confidentiality during data management: he protects the information so that only those who have the right to access it can access it; integrity: protects the accuracy and completeness of information and the method of processing; availability: ensures that when an authorized user needs it, they can actually access the information they want and have the tools to do so.
Cookies
The purpose of cookies
A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.
We use the following cookies to optimize your experience on our Site and to provide our services.
Essential session cookies
The purpose of these cookies is for visitors to fully and seamlessly browse https://ferencbalint.com, use its features and the services available there. These types of cookies last until the end of the session (browsing), and when you close the browser, these types of cookies are automatically deleted from your computer or other device used for browsing.
Cookies Necessary for the Functioning of the Store
Name |
Function |
_ab |
Used in connection with access to admin. |
_secure_session_id |
Used in connection with navigation through a storefront. |
cart |
Used in connection with shopping cart. |
cart_sig |
Used in connection with checkout. |
cart_ts |
Used in connection with checkout. |
checkout_token |
Used in connection with checkout. |
secret |
Used in connection with checkout. |
secure_customer_sig |
Used in connection with customer login. |
storefront_digest |
Used in connection with customer login. |
_shopify_u |
Used to facilitate updating customer account information. |
Third-party cookies (analytics)
Https://ferencbalint.com and its subdomains also use Google Analytics as a third-party cookies on their websites. Using Google Analytics for statistical purposes, the websites of https://ferencbalint.com and its subdomains collect information about how visitors use the websites. Use the data to improve the website and improve the user experience. These cookies also remain on the visitor's computer or other device used for browsing, in its browser or until the visitor deletes them until they expire.
Name |
Function |
_tracking_consent |
Tracking preferences. |
_landing_page |
Track landing pages |
_orig_referrer |
Track landing pages |
_s |
Shopify analytics. |
_shopify_fs |
Shopify analytics. |
_shopify_s |
Shopify analytics. |
_shopify_sa_p |
Shopify analytics relating to marketing & referrals. |
_shopify_sa_t |
Shopify analytics relating to marketing & referrals. |
_shopify_y |
Shopify analytics. |
_y |
Shopify analytics. |
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.
You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.
Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.
Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
Legal basis for cookie handling
The legal basis for the handling of cookies is the consent of the website visitor, in accordance with Article 6 (1) (a) of the relevant Regulation.
If you do not accept the use of cookies, then 3.2.3. Some features of the websites listed in section 3.2.3. will not be available when you use the websites, or some features may not work properly.
You can find more information about deleting cookies for the most common browsers at the following links:
Firefox: Clear cookies and site data in Firefox https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
Chrome: Clear cache & cookies https://support.google.com/accounts/answer/32050?co=GENIE.Platform%3DDesktop&hl=en
Safari: Manage cookies and website data in Safari on Mac https://support.apple.com/en-gb/guide/safari/sfri11471/mac
If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact Shopify through the contact information below.
Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.
The data management of the data controller's activity is based on voluntary consent or legal authorization. In the case of data management based on voluntary solutions, the dissertation and the authorization can be revoked at any stage of the data management.
In some cases, the management, preservation, and transfer of particular sets of data is being done according to mandatory legislation of which our customers must be specifically notified. We would like to hereby draw the attention of data providers to the fact that if they do not provide their own personal data, it is the data controller's duty to obtain the consent of the affected person. The principles of our data management and data protection comply with the following:
Preparation of data maps of the data controller, on the basis of which the scope of the processed data, their use, legal basis and retention period were determined.
CCPA
If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below:
info@ferencbalint.com
If you would like to designate an authorized agent to submit these requests on your behalf, please contact us at the address below.
info@ferencbalint.com
Behavioural Advertising
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:
You can opt out of targeted advertising by:
Options available on the website for ordering products, personal data during the order:
Name (required field)
Email address (required field)
Phone number (required field, use in case of problem with delivery of the ordered product)
Address (required field, place of delivery of the product)
Billing address (required field, otherwise from Address)
Newsletter subscription (optional, insurance required)
The purpose of data management, the use of managed data: The data is used to fulfill the order.
The legal basis for data management is the assignment of a contract.
Retention period: the duration of a business relationship or a cancellation request.
Data related to online administration
Personal data requested during the contact registration:
Name (required field)
Email address (required field)
Phone number (optional field, optional, to initiate a callback)
The purpose of data management, the use of the managed data: The full use of the data is for contacting and ordering.
The legal basis for data management is voluntary consent.
Retention period: the duration of a business relationship or a cancellation request.
Personal data requested during the contact registration:
Name (required field)
Phone number (optional field, if initiation of a callback is required by the data provider)
Intended use of the managed data: The data will be used for contact and fulfillment of the order.
The legal basis for data management is voluntary consent.
Retention period: the duration of a business relationship or a cancellation request.
Personal data requested during the newsletter subscription:
Name (required field)
Email address (required field)
The newsletter is available after reading and accepting the data management policy. The data management policy is accepted by ticking the mandatory check box.
After subscribing, the subscriber will receive an email informing them of the subscription, which must be confirmed, after which their subscription will take effect.
During all related processes, the customer still has the option to unsubscribe, the option to unsubscribe is included in each letter in the form of a link, it is easily accessible with one click.
As the newsletter contains the name of the company and the contact details of its website, it is considered advertising, eDM.
Purpose of data management and intended use of the managed data: The data will be used to send out a newsletter including advertising. The newsletter contains the address of the website, so it is already considered an advertisement.
The legal basis for data management is voluntary consent.
Retention period: until unsubscribing.
Registration is an available ption in the webshop module of the website, which makes it easier to use the additional service, make it unnecessary to re-enter data. Personal data processed during registration:
Name
E-mail address
Address:
Phone number:
Purchase information (product, date, etc.)
Purpose of data management, intended use of the managed data: invoicing and fulfillment of contractual order.
The legal basis for data management is voluntary consent.
Retention period: until revoked.
If you want to place an order in the webshop module, data management and the provision of data during the purchase is essential for the fulfillment of the contract.
Name
E-mail address
Address
Phone number
Purchase information (product, date, etc.)
The purpose of data management, the intended use of the managed data: fulfillment of a contractual order.
The legal basis for data management is a contractual mandate.
Retention period: according to legal regulations, current year + 5 years
The data controller enters into a contract with its customers for the ordered services, during which it stores the following data:
Name
E-mail address
Address
The purpose of data management, the intended use of the managed data: invoicing.
Legal basis for data management: legal requirement.
Retention period: according to legal regulations, current year + 5 years
If you initiate warranty administration, data management and the provision of data are essential for administration.
Name
E-mail address
Phone number
Complaint
The purpose of data management, the intended use of the managed data: guarantee administration.
The legal basis for data management is voluntary consent.
Retention period: subject year + 5 years according to the Consumer Protection Act
If you submit a consumer protection complaint, data management and the provision of data are essential for the administration.
Name
E-mail address
Phone number
Complaint
The purpose of data management, the intended use of the processed data: administration of consumer protection complaints.
The legal basis for data management is voluntary consent.
Retention period: subject year + 5 years according to the Consumer Protection Act.
Your personal data (that is data that may be associated with you) may be processed by us in the following ways:
The data that is automatically being recorded at login and logout without the specific consent of the data provider.
This data may not be linked to other personal user data, except in cases required by law. Only https://ferencbalint.com domains and subdomains have access to the data.
As part of its business activities, the data controller uses the following data processors:
Hosting service:
Shopify International Limited
Address: 2nd Floor Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland
Attn: Data Protection Officer
Website: https://shopify.com
The scope of the data: the content of the websites on the https://ferencbalint.com domain and its subdomains
Invoicing:
Billingo Technologies Private Limited Company
Address: 1133 Budapest, Árbóc utca 6. 3. em.
Email: hello@billingo.hu
Tel: +3615009491
Scope of known data: issued invoices, billing data
Book keeping:
Prevent Financial, Informatics Bt./Prevent Financial Ltd.
Address: 1196 Budapest, Nagysándor József u. 196.
Email: fokk.zsolt@preventbt.hu
Scope of information: invoices issued
Newsletter:
Klaviyo, Inc.
Address: 125 Summer Street, Boston, Massachusetts 02111
Phone: (800) 338 1744
Email: privacy@klaviyo.com.
Scope of information: subscriber name and email address.
Google Analytics:
Google Inc., Mountain View, California, USA
The scope of the data: the IP address of the visitors of the website https://ferencbalint.com - anonymised, non-personal.
Google Workspace:
Google Inc., Mountain View, California, USA
Range of information: emails sent to email addresses related to the https://ferencbalint.com domain
The data will be transferred to the United States, with which a decision on compliance was taken on 12 July 2016 (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu- us-privacy-shield_en).
The compliance decision is available from Klaviyo (https://www.klaviyo.com/privacy/policy), Google (https://policies.google.com/privacy/frameworks?hl=en) and Facebook (https://www.facebook.com/about/privacyshield) also applies to data handlers.
The data provider may request information on the processing of their personal data, as well as request the correction or deletion or revocation of their personal data, except for mandatory data processing. They may exercise their right by contacting the data provider in the manner and through the contact channels indicated above.
The data controller shall take appropriate measures to provide the data subject with all information concerning the processing of personal data referred to in Articles 13 and 14 of the GDPR and Articles 15 to 22. and Article 34 shall be provided in a concise, transparent, comprehensible and easily accessible form, in a clear and comprehensible manner.
The data provider shall have the right to receive feedback from the controller as to whether their personal data are being processed and, if such processing is in progress, to have access to the personal data and the following information:
The data controller shall provide the information no later than one month after the submission of the request.
The data provider may request the correction of inaccurate personal data processed by the Data Controller and the completion of incomplete data.
The data provider shall have the right to ask the Data Controller to delete their personal data immediately should the following reasons occur: personal data are no longer required for the purpose for which they were collected or otherwise processed; the data provider withdraws their consent on which the processing is based and there is no other legal basis for the processing; the data provider objects to the processing and there is no overriding legitimate reason for the processing; personal data have been processed unlawfully; personal data must be deleted in order to fulfill a legal obligation under Union or Member State law applicable to the controller; personal data was collected in connection with the provision of information society services.
Deletion of data may not be initiated if the processing is necessary: for the purpose of exercising the right to freedom of expression and information; for the purpose of fulfilling an obligation under Union or Member State law governing the processing of personal data or performing a task carried out in the public interest or in the exercise of official authority vested in the controller; in the field of public health, or for archival, scientific and historical research or statistical purposes, in the public interest; or to bring, assert or defend legal claims.
At the request of the data provider, the Data Controller shall restrict the data processing if one of the following conditions is occur: the data provider disputes the accuracy of the personal data, in which case the restriction shall apply for a period that allows the accuracy of the personal data to be verified; the processing is unlawful and the data provider opposes the deletion of the data and instead requests that their use be restricted; the controller no longer needs the personal data for the purpose of data processing, but the data provider requests them in order to make, enforce or protect legal claims; or the data provider has objected to the processing; in that case, the restriction shall apply for as long as it is established whether the legitimate reasons of the data controller take precedence over the legitimate reasons of the data provider.
If the processing is restricted, personal data other than storage may be processed only with the consent of the data provider or for the purpose of bringing, enforcing or protecting legal claims, protecting the rights of another natural or legal person or in the important public interest of the European Union or a Member State.
The data provider shall have the right to receive their personal data made available to the data controller in a structured, widely used, machine-readable format and to transmit these data to another data controller.
The data provider shall have the right to object at any time, for reasons related to their situation, to the processing of their personal data in the public interest or in the exercise of public authority or to the processing of data subjects or third parties, including profiling based on those provisions. is. In the event of an objection, the controller may not further process the personal data, unless justified by compelling legitimate reasons which take precedence over the interests, rights and freedoms of the data subject or which relate to the submission, enforcement or protection of legal claims.
The data subject shall have the right not to be covered by a decision based solely on automated data processing, including profiling, which would have legal effects on them or would be similarly significant.
The data subject has the right to withdraw their consent at any time.
In the event of a breach of his rights, the data subject may take legal action against the data controller. The court is acting out of turn in the case. Data protection authority proceedings can be lodged with the Hungarian National Data Protection and Freedom of Information Authority (NMHH)
Name: National Data Protection and Freedom of Information Authority (NMHH)
Headquarters: 1125 Budapest, Szilágyi Erzsébet avenue 22 / C.
Mailing address: 1530 Budapest, Pf .: 5.
Phone: 0613911400
Fax: 0613911410
E-mail: ugyfelszolgalat@naih.hu
Website: http://www.naih.hu
Information on data processing not listed in this statement will be provided at the time of data collection. We inform our clients that the court, the prosecutor, the investigating authority, the infringement authority, the administrative authority, the Hungarian National Data Protection and Freedom of Information Authority, the Magyar Nemzeti Bank, or other bodies are authorized to provide information, disclose data, transfer or documents they may contact the data controller to make it available. The data controller shall provide personal data to the authorities, provided that the authority has indicated the exact purpose and scope of the data, only to the extent and to the extent strictly necessary for the purpose of the request.
(This data management information has been prepared on the recommendation of the Budapest Chamber of Commerce and Industry.)