Privacy Policy

Privacy Policy

 

  1. Szikkim Kft. (registered office: H- 1034 Budapest San marco utca 51. III/1; company registration number: Cg. 01 09 340864; tax number:  26716516-2-41), as operator or the www.agopen.shopwebsite (hereinafter: website) and the webshop operating on the website (hereinafter: webshop) (hereinafter: Service Provider) respects the fundamental constitutional right to the protection of personal data; namely, that everyone has right of disposal over the disclosure and use of his personal data.

 

  1. In obtaining and processing the personal data required for the use of the services provided by data subject customers (hereinafter: Customer), the Service Provider pays particular attention to strict compliance with the provisions of Act VI of 1998 on the promulgation of the Convention for the protection of individuals with regard to automatic processing of personal data (signed in Strasbourg on 28 January 1981), Act CXIX of 1995 on the use of name and address information serving the purposes of research and direct marketing, and Act CXII of 2011 on the right of informational self-determination and on freedom of information (hereinafter: Privacy Act).

 

  1. Data provided by the Customer, namely, first and last name, shipping and billing address, phone number, e-mail address and the Customer’s sex, are contained in the electronic mail transmitted through the system.

 

In the case of card payments, data required for the payment are not processed by the Service Provider but by OTP Bank Plc.

 

I acknowledge that my personal data stored by the controller – Szikkim Kft. (registered office: H- 1034 Budapest San marco utca 51. III/1) – in the www.agopen.shop user database shall be transferred to OTP Mobil Kft. as data processor. The controller shall transfer the following data:

 

web order ID

date of the order

ordered items (product name, article number, price, quantity, VAT)

shipping cost

currency

discount rate

language

first name

last name

e-mail

phone number

billing name

tax number

billing ZIP

billing city

billing street

billing county

billing country

shipping name

shipping ZIP

shipping city

shipping street

shipping county

shipping country

 

The nature and purpose of the processor’s data processing activity are stated in the Privacy Policy of SimplePay under the following link:

 

http://simplepay.hu/vasarlo-aff

 

  1. Controllers: the Service Provider and the delivery services specified in Section 5.

 

  1. The Service Provider declares that the data stored in its database (name, shipping and billing address, e-mail address, phone number, Customer’s sex) shall be processed for the following purposes: enabling the provision of the services available in the webshop, displaying personalised contents and advertisements, compiling statistics, implementing technical developments for the IT system, protecting the rights of Customers. The Service Provider may use the data to create user groups and to display targeted contents and/or advertisements for the user groups on the Service Provider’s website, and to send newsletters.

 

The data provided by the Customer are required for the delivery of the products purchased in the webshop and shall be transferred to the shipping company (hereinafter: Delivery services) to the extent necessary for shipping.

 

Delivery services:

  • GLS Hungary Kft. (address: H-2351 Alsónémedi, GLS Európa u. 2.; phone number: +36 (29) 886 660);
  • Sprinter Futárszolgálat Kft. (address: H-1097 Budapest, Táblás utca 39.; phone number: 06 (1) 803 6300).
  • Gepárd Team Futárszolgálat Kft. (address: H-1149 Budapest, Mogyoródi út 32.; phone number: +36 (1) 399 9970).
  • Hajtás Pajtás Kft. (address: H-1074 Budapest, Vörösmarty u. 20.; phone number: +36 (1) 327 9000).
  • G4S Készpénzlogisztikai Kft. (address: H-1139 Budapest, Rozsnyai u. 21–25.; phone number: +36 (1) 2 380 222).

 

The Service Provider shall keep a data transmission log of the personal data provided by the Customer and forwarded to the delivery services in order to verify the legitimacy of the data transfer. The log shall contain the date and time of the transfer of the personal data processed by the Service Provider, the legal basis of the data transfer and the recipient, as well as the description of the personal data transmitted. The Service Provider shall retain the data stored in the data transmission log for 5 (five) years.

 

  1. The Service Provider shall not use the personal data provided by Customer for any purposes other than those stipulated above. Personal data may not be disclosed to any third party (except for delivery services) or authority without the Customer’s express consent, unless such disclosure is required by law or a binding administrative or court order. The Service Provider shall erase the Customer’s personal data at the Customer’s request or when the purpose of the processing no longer exists.

 

  1. The Customer’s data provision is voluntary; its legal basis is the data subject’s consent. By using the Service Provider’s services, the Customer consents to the use of his personal data for the purposes stated above (including the transfer of personal data to delivery services).

 

  1. The Customer may request the Service Provider at any time:

information on his personal data being processed;

the rectification of his personal data;

the erasure or blocking of his personal data.

 

8.1 Upon the data subject’s request the Service Provider shall provide information concerning the data subject’s data processed by it, the sources from where they were obtained, the purpose, legal basis and duration of processing, the name and address of the processor and the processor’s activities relating to data processing, and – if the data subject’s data are being transferred – the legal basis and the recipients of the data transfer.

 

The Service Provider shall comply with the request for information as soon as possible but within thirty (30) days at the latest, and provide the information requested in an intelligible form, at the Customer’s request in writing.

 

The information described above shall be provided free of charge provided that the Customer has not submitted a request to the controller for the same category of data in the current year. In all other cases the information supply may be subject to a charge of HUF 700 per request. Already paid charges shall be refunded if the Service Provider processed the data unlawfully or the request resulted in rectification.

 

The Service Provider may only refuse the provision of information to the Customer in the cases defined in Section 9 (1) and Section 19 of the Privacy Act.

 

Should a request for information be denied, the Service Provider shall inform the Customer in writing as to which provision of the Privacy Act serves grounds for refusal. In the event the request for information is refused, the Customer may turn to court or to the National Authority for Data Protection and Freedom of Information (address: H-1125 Budapest, Szilágyi Erzsébet fasor 22./c; phone number: +36 (1) 391 1400; e-mail address: ugyfelszolgalat@naih.hu; hereinafter: Authority).

 

8.2 Where a personal data item is deemed inaccurate and the correct personal data is at the Service Provider’s disposal, the Service Provider shall rectify the personal data in question.

 

Personal data shall be erased by the Service Provider if:

– the processing of the personal data is unlawful;

– the erasure of personal data is requested by the Customer;

– the personal data item is incomplete or inaccurate and this state may not be lawfully rectified, provided that the erasure is not ruled out by the Privacy Act;

– the purpose of processing no longer exists or the legal time limit for storage has expired;

– the erasure was ordered by court or by the Authority.

 

Instead of erasure, the Service Provider shall block the personal data if so requested by the Customer, or if there are reasonable grounds to believe that erasure could affect the legitimate interests of the Customer. Blocked data shall be processed only for the purpose which prevented their erasure.

If the accuracy of a personal data item is contested by the Customer and its accuracy or inaccuracy cannot be ascertained beyond doubt, the Service Provider shall mark that personal data for the purpose of referencing.

 

The Service Provider shall notify the Customer and all recipients to whom the data item has been transmitted for processing when a data item is rectified, blocked, marked or erased. Notification is not required if it does not violate the rightful interest of the data subject in light of the purpose of processing.

 

If the Service Provider refuses to comply with the data subject’s request for rectification, blocking or erasure, within 30 (thirty) calendar days of receipt of the request it shall communicate in writing the factual or legal reasons on which the decision for refusing the request for rectification, blocking or erasure is based. If the rectification, blocking or deletion request is rejected, the Customer may turn to court or to the Authority for remedy.

 

  1. The Service Provider shall process the data obtained by it in compliance with the prevailing legal regulations and in keeping with the data protection provisions stipulated in this Privacy Policy.

 

  1. The Service Provider shall take no responsibility for the data provided by Customer. Should the Service Provider become aware that the data violate the personality rights of a third party or legal regulations or breach these data protection rules, or that the data’s non-conformity to the data protection rules gives rise to damages, the Service Provider shall be entitled to take the necessary legal steps in cooperation with the competent authorities. If the Customer has provided a third party’s data for using the service or has caused damage in any way by using the website, the Service Provider shall be entitled to file a claim for damages.

 

  1. In order to avoid unauthorised access to and disclosure of data and to ensure the accuracy and the most appropriate use of the data, the Service Provider shall guard and safeguard the information collected online using appropriate physical, electronic and technical methods.

 

  1. Under the Club card scheme, throughout the validity period of the Club card and even after the expiry thereof – if no request for erasure has been submitted –, the Service Provider shall continue to process the Customer’s data in order to encourage the Customer to become a regular customer, and to be able to notify the Customer of any promotions at the contact details provided. The data shall be processed by the Service Provider’s staff. The Customer may exercise its right of informational self-determination and freedom of information in accordance with Act CXII of 2011.

 

  1. Web hosting service provider: Tárhely.Eu Kft.

Registered office: H- 1097 Budapest, Könyves Kálmán körút 12-14.

Tax number: 4571332-2-42

Company registration number: 01 09 909968

Customer service and technical support: info@tarhely.eu