Privacy Policy

PRIVACY POLICY

 

General information

BauReihe Clothing Kft. (Headquarters: 7940 Szentlőrinc, József Attila str. 34., Hungary, hereinafter, service provider, data controller), as a data controller, recognizes the content of this legal notice as binding on itself. Data Controller undertakes to ensure that all data management related to its activities meets the requirements set out in these regulations and in the applicable national legislation, as well as in the legal acts of the European Union.

The data protection guidelines arising in connection with the data management of the Data Controller are continuously available at www.baureiheclothing.com.

 

The Data Controller reserves the right to change this policy at any time and notify users of any changes in reasonable time.

If you have any questions related to this announcement, please write to us and our colleague will answer your question.

 

The Data Controller is committed to protecting the personal data of its customers and partners, and considers it of utmost importance to respect its customers' right to informational self-determination. The Data Controller treats personal data confidentially and takes all security, technical and organizational measures that guarantee data security.

The Data Controller describes its data management practices below.

 

Name and contact details of controller

If you would like to contact our Company, you can contact the data controller at info@baureiheclothing.com.

The Data Controller deletes all e-mails received, together with personal data, no later than 1 year from the date of data communication.

Name: BauReihe Clothing Limited Liability Company

Headquarters: 7940 Szentlőrinc, József Attila str. 34., Hungary

Company registration number: 02-09-086723

Registering authority: Company Registration Court of Pécs

Tax number: 27844975-2-02

Email: info@baureiheclothing.com

Data Protection Officer

Name: Csaba Kristóf Palkó

Phone number: +43 660 502 4574

 

Scope of processed personal data

 

Personal data

Purpose of data management

User name

Identification and registration.

Password

For secure access to the user account.

Name

For making contact, purchases and issuing invoices.

Address

For statistical purposes.

E-mail and phone number

For making contact and issuing invoices.

Billing address and name

Issuing invoices

Date of purchase/registration

Performing technical operations

IP address at the time of purchase/registration

Performing technical operations

Technical data

The Data Controller selects and operates the IT tools used for the management of personal data during the provision of the service in such a way that the managed data:

  • accessible to those authorized to do so (availability);

  • its authenticity and authentication are ensured (authenticity of data management);

  • its immutability can be verified (data integrity);

  • be protected against unauthorized access (data confidentiality).

The Data Controller protects the data with appropriate measures against unauthorized access, alteration, transmission, disclosure, deletion or destruction, as well as against accidental destruction.

The Data Controller ensures the protection of the security of data management with technical, organizational and organizational measures that provide a level of protection corresponding to the risks associated with data management.

The Data Controller during data management keeps

  • confidentiality: protects the information so that only those authorized to do so can access it;

  • integrity: protects the accuracy and completeness of the information and the method of processing;

  • availability: it ensures that when the authorized user needs it, he can really access the desired information and that the related tools are available.

Cookies

The purpose of cookies:

  • To collect information about visitors and their devices;

  • To note the individual settings of the visitors, which will be used, e.g. when using online transactions, so you don't have to type them in again;

  • To facilitate the use of the website;

  • To provide a quality user experience.

In order to provide customized service, a small data package, so-called a cookie is placed on the computer of the user and is read back during the next visit. If the browser returns a previously saved cookie, the cookie management service provider has the opportunity to connect the user's current visit with previous ones, but only with regard to its own content.

Duration of data management

The data storage period of the given cookie, more information is available here:

Google's general cookie information:

https://www.google.com/policies/technologies/types/

Google Analytics information: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=hu

Facebook information: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Legal background and legal basis of cookies:

The legal basis for data management is your consent based on Article 6 (1) point a) of the Regulation.

The main characteristics of the cookies used by the website:

Cookies strictly necessary for operation: These cookies are essential for the use of the website and enable the use of the basic functions of the website. In the absence of these, many functions of the site will not be available to you. The lifetime of these types of cookies is limited to the duration of the session.

Cookies to improve the user experience: These cookies collect information about the user's use of the website, for example, which pages are visited most often or what error message is received from the website. These cookies do not collect information that identifies the visitor, that is, they work with completely general, anonymous information. We use the data obtained from these to improve the performance of the website. The lifetime of these types of cookies is limited to the duration of the session.

Google Adwords cookie: When someone visits our site, the visitor's cookie ID is added to the remarketing list. Google uses cookies, such as NID and SID cookies, in Google products, such as to customize the ads displayed in Google Search. For example, it uses such cookies to remember your most recent searches, your previous interactions with ads or search results from certain advertisers, and your visits to advertisers' websites. AdWords conversion tracking uses cookies. To track sales and other conversions resulting from the ad, cookies are saved on the user's computer when that person clicks on an ad. Some of the common uses of cookies are: to select ads based on what is relevant to the user, to improve reporting on campaign performance, and to avoid showing ads that the user has already seen.

Google Analytics cookie: Google Analytics is Google's analysis tool that helps website and application owners get a more accurate picture of their visitors' activities. The service may use cookies to collect information and report statistical data on the use of the website without individually identifying visitors to Google. The main cookie used by Google Analytics is the "__ga" cookie. In addition to the reports generated from website usage statistics, Google Analytics - together with some of the advertising cookies described above - can also be used to display more relevant ads in Google products (such as Google Search) and across the Internet.

Remarketing cookies: May be displayed to previous visitors or users when they browse other websites in the Google Display Network and search for terms related to your products or services

Session cookie: These cookies store the location of the visitor, the language of the browser, the currency of the payment, and their lifetime is until the browser is closed, or a maximum of 2 hours.

Mobile version, design cookie: Detects the device used by the visitor and switches to full view on mobile. Its lifespan is 365 days.

Cookie acceptance cookie: When you arrive at the page, you accept the statement on the storage of cookies in the warning window. Its lifespan is 365 days.

Facebook pixel (Facebook cookie): The Facebook pixel is a code with the help of which a report is prepared on the website about conversions, target audiences can be compiled, and the owner of the page receives detailed analysis data about the visitors' use of the website. With the help of the Facebook pixel, you can display personalized offers and advertisements to website visitors on the Facebook interface. You can read Facebook's privacy policy here: https://www.facebook.com/privacy/explanation

If you do not accept the use of cookies, certain functions will not be available to you. You can find more information about deleting cookies at the following links:

Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie=ie-11

Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Mozilla: https://support.mozilla.org/hu/kb/weboldalak-altal-ellyezett-sutik-torlese-szamito

Safari: https://support.apple.com/kb/ph21411?locale=en_US

Chrome: https://support.google.com/chrome/answer/95647

The Data Processor participates in the sending of newsletters based on the contract concluded with the Data Controller. In doing so, the Data Processor processes the data subject's name and e-mail address to the extent necessary for the newsletter.

Purpose, method and legal basis of data management

General data management guidelines

The data management of the Data Controller's activities is based on voluntary consent and legal authorization. In the case of data processing based on voluntary consent, the data subjects may withdraw their consent at any stage of the data processing.

In some cases, the management, storage, and transmission of a range of the provided data is made mandatory by law, of which we notify our customers separately.

We draw the attention of informants to the Data Controller that if they do not provide their own personal data, the informant is obliged to obtain the consent of the data subject.

Its basic data management principles are in line with the applicable legislation on data protection, and in particular with the following:

CXII of 2011 Act - on the right to self-determination of information and freedom of information (Infotv.);

Regulation (EU) 2016/679 of the European Parliament and of the Council (April 27, 2016) - on the protection of natural persons with regard to the processing of personal data and on the free flow of such data, and on the repeal of Regulation 95/46/EC ( general data protection regulation, GDPR);

Act V of 2013 - on the Civil Code (Ptk.);

Act C of 2000 - on accounting (Accounting Act);

Act LIII of 2017 - on the prevention and prevention of money laundering and terrorist financing (Pmt.);

Act CCXXXVII of 2013 - on credit institutions and financial enterprises.

The physical storage locations of the data

Your personal data (that is, the data that can be linked to your person) can be processed by us in the following way: on the one hand, in connection with maintaining the Internet connection, technical data related to the computer you use, browser program, Internet address, and visited pages are automatically generated in our computer system, on the other hand, you can also provide your name, contact information or other data if you wish to contact us personally when using the website.

Technically recorded data during the operation of the system: the data of the computer of the concerned applicant, which are generated during the voting and which the system records as an automatic result of the technical processes. The data that is recorded automatically is automatically logged by the system upon entry and exit without a separate statement or action by the person concerned. This data cannot be combined with other personal user data, except in cases made mandatory by law. Only the data manager and the hosting provider have access to the data.

Data transmission, data processing, the circle of those familiar with the data

Delivery

1. Activity provided by data processor: Delivery of products, transportation

2. Name and contact details of data processors:

Magyar Posta Zrt.

1101 Budapest, Üllői út 114-116.

06-1-767-8282

ugyfelszolgalat@posta.hu

Österreichische Post AG

Unternehmenszentrale, Rochusplatz 1, 1030 Wien, Österreich

+43 800 010 100

Czech post

+420 954 292 103

info@cpost.cz

Česká pošta, s.p.,

Odbor communication,

Postovní příhrádka 99,

225 99 Prague 025

3. The fact of the data management, the scope of the managed data: Delivery name, delivery address, telephone number, e-mail address.

4. Scope of stakeholders: All stakeholders requesting home delivery.

5. Purpose of data management: Delivery of the ordered product to your home.

6. Duration of data management, deadline for deleting data: It lasts until the home delivery is completed.

7. Legal basis for data processing: User's consent, Article 6 (1) point a), Infotv. Paragraph (1) of § 5.

Online payment

  1. Activity provided by data processor: Online payment

  2. Name and contact information of data processor:

Stripe Inc. info@stripe.com

354 Oyster Point Blvd South San Francisco,

CA 94080 United States

3. Fact of data management, scope of managed data: Billing name, billing address, e-mail address.

4. Scope of stakeholders: All stakeholders requesting an online purchase.

5. Purpose of data management: Conducting online payments, confirming transactions and conducting fraud monitoring to protect users.

6. Duration of data management, deadline for deleting data: It lasts until the online payment is completed.

7. Legal basis for data processing: User's consent, Infotv. 5. § (1), Article 6 (1) point a) and Act CVIII of 2001 on certain issues of electronic commerce services and services related to the information society 13/A. § (3).

Storage service provider

  1. Activity provided by the data processor: Storage service

  2. Name and contact information of the data processor:

Shopify Inc. 151 O'Connor Street, Ground floor

Ottawa, ON K2P 2L8 Canada

3. The fact of the data processing, the scope of the processed data: All personal data provided by the data subject.

4. Scope of stakeholders: All stakeholders using the website.

5. Purpose of data management: Making the website available and operating it properly.

6. Duration of data management, deadline for data deletion: Data management lasts until the termination of the agreement between the data controller and the storage provider, or until the deletion request addressed to the storage provider by the data subject.

7. Legal basis for data processing: User's consent, Infotv. Section 5 (1), Article 6 (1) point a) and Act CVIII of 2001 on certain issues of electronic commerce services and services related to the information society 13/A. § (3).

Invoicing

1. Activity performed by the data processor: issuing invoices

2. Name and contact information of the data processor:

Billingo Technologies Zrt.

1133 Budapest, Árbóc str. 6. III. Floor

3. The fact of the data management, the scope of the managed data: Billing name, billing address, e-mail address.

4. Scope of stakeholders: All stakeholders requesting an online purchase.

5. Purpose of data management: Issuing an invoice

6. Duration of data management, data deletion deadline: Until the invoice is issued and sent.

7. Legal basis for data processing: User's consent, Infotv. Section 5 (1), Article 6 (1) point a) and Act CVIII of 2001 on certain issues of electronic commerce services and services related to the information society 13/A. § (3).

The Data Processor participates in the registration of orders based on the contract concluded with the Data Controller. In doing so, the Data Processor processes the data subject's name, address, telephone number, number and date of orders within the civil law limitation period.

Your rights and remedies

Within the period of data management, you are entitled to the following rights according to the provisions of the Regulation:

  • the right to withdraw consent

  • access to personal data and information about data management

  • right to rectification

  • restriction of data management,

  • right to erasure

  • right to protest

  • right to portability.

If you wish to exercise your rights, it involves your identification, and the Data Controller must communicate with you as necessary. Therefore, for the purpose of identification, it will be necessary to provide personal data (but the identification can only be based on data that the Data Controller manages about you anyway), and your complaint about data management will be available in the Data Controller's email account within the period specified in this information regarding complaints. If you were a customer of ours and would like to identify yourself in order to handle complaints or warranty, please enter your order ID for identification. Using this, we can also identify you as a customer.

The Data Controller will respond to complaints related to data management within 30 days at the latest.

Right to information

The Data Controller takes appropriate measures in order to provide the data subjects with all information regarding the processing of personal data referred to in Articles 13 and 14 of the GDPR and Articles 15-22. and provide each piece of information according to Article 34 in a concise, transparent, comprehensible and easily accessible form, clearly and comprehensibly worded.

The data subject's right of access

You are entitled to receive feedback from the Data Controller as to whether your personal data is being processed, and if it is being processed, you are entitled to:

  • get access to the processed personal data and

  • the Data Controller informing of the following information:

  • the purposes of data management;

  • categories of personal data processed about you;

  • information about the recipients or categories of recipients to whom the personal data has been or will be disclosed by the Data Controller;

  • the planned period of storage of personal data or, if this is not possible, the criteria for determining this period;

  • your right to request from the Data Controller the correction, deletion or restriction of processing of your personal data and, in the case of data processing based on legitimate interests, to object to the processing of such personal data;

  • the right to submit a complaint to the supervisory authority;

  • if the data was not collected from you, any available information about its source;

  • about the fact of automated decision-making (if such a procedure is used), including profiling, as well as, at least in these cases, comprehensible information about the logic used and the significance of such data management and the expected consequences for you.

The purpose of exercising the right may be aimed at establishing and checking the legality of data management, therefore, in case of multiple requests for information, the Data Controller may charge a fair fee in exchange for providing the information.

Access to personal data is ensured by the Data Controller by sending the processed personal data and information to you by email after your identification. If you have registered, we provide access so that you can view and check your personal data by logging into your user account.

Please indicate in your request that you are requesting access to personal data or information related to data management.

Right to rectification

You have the right to request that the Data Controller correct inaccurate personal data concerning you without delay.

Right to erasure

If one of the following reasons exists, the data subject has the right to request that the Data Controller delete his/her personal data without undue delay:

  • personal data are no longer needed for the purpose for which they were collected or otherwise processed;

  • the data subject withdraws the consent that forms the basis of the data management, and there is no other legal basis for the data management;

  • the data subject objects to data processing and there is no overriding legal reason for data processing;

  • personal data has been processed unlawfully;

  • the personal data must be deleted in order to fulfill the legal obligation prescribed by the EU or Member State law applicable to the data controller;

  • the collection of personal data took place in connection with the offering of services related to the information society.

Data deletion cannot be initiated if data management is necessary: ​​for the purpose of exercising the right to freedom of expression and information; for the purpose of fulfilling the obligation under the EU or Member State law applicable to the data controller requiring the processing of personal data, or for the execution of a task performed in the public interest or in the context of the exercise of public authority conferred on the data controller; affecting the field of public health, or for archival, scientific and historical research purposes or for statistical purposes, on the basis of public interest; or to submit, assert or defend legal claims.

The right to restrict data processing

At the request of the data subject, the Data Controller restricts data processing if one of the following conditions is met:

  • the data subject disputes the accuracy of the personal data, in this case the limitation is for that period of time

  • applies, which allows checking the accuracy of personal data;

  • the data processing is illegal and the data subject opposes the deletion of the data and instead requests the restriction of its use;

  • the data controller no longer needs the personal data for the purpose of data management, but the data subject requires them to present, enforce or defend legal claims; obsession

  • the data subject objected to data processing; in this case, the restriction applies to the period until it is determined whether the legitimate reasons of the data controller take precedence over the legitimate reasons of the data subject.

If data management is subject to restrictions, personal data may only be processed with the consent of the data subject, with the exception of storage, or to submit, enforce or defend legal claims, or to protect the rights of another natural or legal person, or in the important public interest of the Union or a member state.

Right to data portability

If the data management is carried out in an automated way or if the data management is based on your voluntary consent, you have the right to ask the Data Controller to receive the data you have provided to the Data Controller, which the Data Controller sends in xml, JSON or csv format to your at your disposal, if this is technically feasible, you can request that the Data Controller forward the data in this form to another data controller.

Right to protest

The data subject has the right to object at any time for reasons related to his own situation to the processing of his personal data necessary for the performance of a task carried out in the public interest or within the framework of the exercise of public authority granted to the data controller, or the processing necessary to enforce the legitimate interests of the data controller or a third party, including profiling based on the aforementioned provisions too. In the event of a protest, the data controller may no longer process the personal data, unless it is justified by compelling legitimate reasons that take precedence over the interests, rights and freedoms of the data subject, or that are related to the presentation, enforcement or defense of legal claims.

Automated decision-making in individual cases, including profiling

The data subject has the right not to be covered by the scope of a decision based solely on automated data management, including profiling, which would have a legal effect on him or affect him to a similar extent.

Right of withdrawal

The data subject has the right to withdraw his consent at any time.

Right to go to court

In the event of a violation of their rights, the data subject may apply to the court against the data controller. The court acts out of sequence in the case.

Data protection official procedure

You can file a complaint with the National Data Protection and Freedom of Information Authority:

Name: National Data Protection and Freedom of Information Authority

Headquarters: 1125 Budapest, Szilágyi Erzsébet fasor 22/C. Mailing address: 1530 Budapest, Pf.: 5., Hungary

Phone: 0613911400

Fax: 0613911410

E-mail: ugyfelszolgalat@naih.hu Website: http://www.naih.hu

Other provisions

We provide information on data management not listed in this information when the data is collected.

We inform our customers that the court, the prosecutor, the investigative authority, the infringement authority, the public administrative authority, the National Data Protection and Freedom of Information Authority, the Hungarian National Bank, or other bodies based on the authorization of the law, provide information, communicate data, transfer documents, or they can contact the data controller to make it available.

If the authority has specified the exact purpose and scope of the data, the Data Controller will only release personal data to the authorities to the extent and to the extent that is absolutely necessary to achieve the purpose of the request.

This document contains all relevant data management information regarding the operation of the webshop in accordance with the European Union's General Data Protection Regulation No. 2016/679 (hereinafter: Regulation. GDPR) and Act CXII of 2011 (hereinafter: Infotv.).