Euro Home Shop
Euro Home Shop GSM Kft.
The Euro Home Shop GSM Kft. (hereinafter referred to as: Provider, data controller) agrees to abide by the contents of the privacy statement.
According to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (27th April, 2016) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), we provide the following information.
Furthermore, during the processing of Client’s personal data, Provider adheres to the provisions of Act CXII of 2011 on the Right of Informational Self-Determination.
This Privacy Notification controls the data processing of the following sites:
The amendments of this
notification enter into force upon publication at the address above.
Contact details of the controller:
Name: Euro Home Shop GSM Kft.
Registered office: 11. Pannónia Str. Budapest, 1136
Tax ID No.: 25428678241
Current Company Registration Number: 01 09 274620
EURO HOME SHOP GSM KFT.
TERMS AND DEFINITIONS
1. Personal data is defined as any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2. Processing of personal data is defined as any operation or set of operations, whether or not by automated means, such as collection, recording, organising, structuring, storage, adoption or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3. ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
4. A Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
5. ‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. Public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
6. ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
7. "personal data breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
PRINCIPLES REGARDING THE PROCESSING OF PERSONAL DATA:
Personal data must be:
a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
b) collected for only for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);
c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimisation”);
d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89 (1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);
f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
The controller shall be responsible for, and be able to demonstrate this compliance with the above (‘accountability’).
DATA PROCESSING RELATED TO THE OPERATION OF A WEB STORE
1. The fact of the data collection, scope of processed data and the purpose of data processing:
Personal Data The purpose of data processing
Username Identification, enabling registration
Password For the secure entry to the user account.
Surname and first name Required for contract, purchase and issuing regular invoice.
E-mail address: Contact.
Phone number: Contact, more efficient agreement on issues of billing or delivery.
Billing name and address For issuing regular bill, creating contract, determining its contents, amending it, monitoring its completion, billing costs incurring from it and exercising claims arising from it.
Delivery name and address Enabling delivery.
Time of purchase/registration Performing technical operation.
IP address at the time of purchase/ registration Performing technical operation.
Neither the username nor the e-mail address is required to contain any personal data.
2. Scope of data subjects: Every data subject registered/purchasing on the webshop’s website.
3. Period for which the data will be processed, deadline for their erasure: Immediately upon deleting registration. Data controller shall notify the data subject on the erasure of any personal data specified by the data subject according to Article 19 of the GDPR. Where the erasure request of the data subject includes the e-mail address specified by him or her, the data controller shall erase the e-mail address as well, following notification. Except in case of accounting documents because according to § 169, Paragraph (2) of the Act C of 2000 on Accounting these data shall be kept for 8 years.
The accounting document supporting the accounting balance directly or indirectly (including main book invoices and the detailed records), shall be kept for at least 8 years in a readable form searchable according to the accounting record references.
4. Possible data controller persons entitled to the knowledge of the data, recipients of the personal data: The personal data may be controlled by the sales and marketing employees of the data controller with regard to the principles above.
5. Description of data subjects’ rights related to data processing:
• The data subject may request from the controller the access to and rectification or erasure of personal data or restriction of processing concerning the data subject
• and to object to processing, and
• data subject has the right to data portability and to revoke his or her consent at any time.
6. Access to, erasure, change of or restriction of the processing of personal data, the portability of data, the objection to data processing may be initiated by the data subject in the following ways:
- via mail to 6, Váci Str. Budapest, 1132
- via e-mail to EHSGSM@gmail.com,
- via phone at number +36709488854.
7. Legal basis of data processing:
7.1. GDPR Article 6, paragraph 1, point (b),
7.2. The Act CVIII of 2001 on certain issues of electronic commerce services and information society services (hereinafter referred to as: Elker tv.) §13/A Paragraph (3)
The service provider may – for the purpose of providing the service – process personal data indispensable for providing the service for technical reasons. Should other conditions be identical, the service provider shall select and operate the means applied in the course of providing information society service at all times, so that personal data be processed only if it is absolutely indispensable for providing the service or achieving other objectives stipulated in this Act, and only to the required extent and duration.
7.3. In case of issuing invoice according to accounting legislation, part c) of Paragraph (1), Article 6.
7.4. In case of exercising contractual claims, 5 years according to the § 6:21 of Act V of 2013 on the Civil Code.
§ 6:22. [Statute of limitations]
(1) Un less otherwise provided for in this Act, claims shall lapse after five years.
(2) The period of limitation commences upon the due date of the claim.
(3) An agreement for changing the limitation period shall be executed in writing.
(4) Any agreement excluding prescription shall be null and void.
8. Be advised that
• the data processing is required for the completion of contract.
• you are obliged to provide personal data in order to the completion of your order.
• failure to provide data will have the consequence that we will be unable to process your order.
DATA PROCESSORS OBTAINED
1. Activity performed by data processor: Delivery of goods, freight
2. Name and contact details of data processor: DPD Courier Service
Phone: +36 1 501 6200
3. The fact of the data processing, scope of processed data: Delivery name, delivery address, e-mail address.
4. Scope of data subjects: Every data subject requesting delivery.
5. The purpose of data processing: Delivery of the ordered goods.
6. Period for which the data will be processed, deadline for their erasure: Until the completion of delivery.
7. Legal basis of data processing: Article 6, paragraph 1, point (b),
1. Activity performed by data processor: Online payment
2. Name and contact details of data processor: EURO HOME SHOP GSM Kft.
6, Váci Str. Budapest, 1132
3. The fact of the data processing, scope of processed data: Billing name, billing address, e-mail address.