Registration

Customer support:info@woodendoorhandles.comRegister
Home / Data Processing

Data Processing

Molnár Attila e.v. data processing information 

Molnár Attila e.v.

Registered office: Hungary 5700 Gyula, Csabai st. 82.

Representative: Molnár Attila c.t.

E-mail: info@fakilincs.hu

       The policy was prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46 (General Data Protection Regulation). When drafting the policy, we used information from the regulation and NAIH information sheets, among others.





Table of Contents


         1.General Provisions


         2.Data Controller Details


         3.Data Protection Officer Details


         4.Principles


         5.Security Measures


         6.Security Measures Applied to Employees


         7.Protection Measures


         8.Principles Applied in Security Measures


    

  1. 

     
    

    2. 





III. Data Management

Definition of Data Management Activity
Newsletter Subscription
Data Management Activities

3.1. Product Purchase Without Registration

3.2. Product Purchase With Registration

3.3. Registration

3.4. Newsletter Subscription

3.5. Server Data

3.5. Use of Cookies

Rights of Data Subjects

4.1. Right to Erasure

4.2. Right to Information

4.3. Right to Feedback

4.4. User’s Right of Access

4.5. Right to Rectification

4.6. Right to Restriction of Data Processing

4.7. Right to Object




    

  1. 

    Data transfer
    

    2. 

  2. 

    Data protection incident management
    

    3. 

  3. 

    Restrictions
    

    4. 

  4. 

    Records of data processing activities
    

    5. 

  5. 

    Complaint handling
    

    6. 

  6. 

    Complaint handling location
    

    7. 

  7. 

    Complaint handling method
    

    8. 

  8. 

    Rights of enforcement
    

    9. 

  9. 

    General provisions
    

    10. 

  10. 

    Data controller details
    

    11. 

  11. Molnár Attila e.v. (in this information, as the Company) has created the following data protection information (hereinafter: Information) for the purpose of recording the commercial activity of interior design wood products and ensuring the rights of the data subjects:
    12. 





Data Controller

- Company name: Molnár Attila e.v.
- Registered office: 5700 Gyula, Csabai út 82.
- Tax number: 67946246-1-24
- Registration number: 50986673
- Representative: Molnár Attila c.t.
- E-mail address: info@fakilincs.hu










 


    

  1. 

    Data Protection Officer details

The Company has not appointed a Data Protection Officer.
    

    2. 

  2. Principles With this information and by making it available, the Company intends to ensure the fulfillment of its obligations set out in the GDPR regulation, including the obligation to inform data subjects. The purpose of this policy is to ensure that data subjects receive appropriate information about the data processed by the Company or transmitted to the data processor it has commissioned, the name and address of the data processor, the purpose of data processing, legal basis, duration, and legal basis for data transfer. The Company processes the personal data of external partners only with the prior written consent of the data subject, or for the performance of the contract or for the fulfillment of a legal obligation. The Company always informs the data subject of the purpose of data processing and the legal basis for data processing before recording the data.

     
    

    3. 



    

  • When processing personal data, the Company takes into account the following principles: Lawfulness, fairness and transparency: Personal data must be processed lawfully and fairly, and in a manner that is transparent to the User; Personal data is collected only for specified, explicit and legitimate purposes and is not processed in a manner that is incompatible with those purposes;
    • 

  • Accuracy: Personal data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes of the processing, are erased or rectified without delay;
    • 

  • Limited storage: Personal data must be stored in a form that allows identification of Users only for the time necessary to achieve the purposes of processing personal data; personal data may only be stored for a longer period if the personal data will be processed for archiving purposes in the public interest, scientific and historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organizational measures required by the GDPR to protect the rights and freedoms of the Partner;
    • 

  • Integrity and confidentiality must be managed in such a way that appropriate technical or organizational measures are used to ensure the appropriate security of personal data, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage to the data.
    • 

  • Accountability: The Company is responsible for compliance with the Principles and must be able to demonstrate this compliance.
    • 



    

  1. 

    Security measures
    

    2. 

  2. 

    Security measures applied to employees
    

    3. 



     The employees of the Company who perform data processing and the persons who participate in data processing on behalf of the Company are obliged to treat the personal data they have come to know as a business secret and to preserve them. The persons who handle personal data and have access to them are obliged to make a Confidentiality Statement. The Company's employees ensure in their work that unauthorized persons cannot view personal data, and that the storage and placement of personal data is designed in such a way that it cannot be accessed, learned, changed or destroyed by unauthorized persons.










The Company's data protection system is supervised by the data protection officer.




 


    

  1. 

    Protective measures
    

    2. 



In order to ensure the security of personal data processed on paper, the Company applies the following measures: 


- the data may only be accessed by authorized persons, and may not be accessed by others, or disclosed to others; 


- the documents are stored in a well-locked, dry room equipped with fire protection and property protection equipment; 


- only authorized persons may access documents that are in continuous active management;


- the Company's data processing employee may only leave the premises where data processing is taking place during the day by locking the data carriers entrusted to him or by closing the office; 


- the Company's data processing employee locks the paper-based data carrier after completing work In order to ensure the security of personal data stored on the computer or network, the Company applies the following measures and guarantee elements in accordance with the provisions of its effective IT regulations: 


- the computers used during data processing are the property of the Company, or the Company has rights over them equivalent to ownership rights;


- the processed data can always be accessed with a valid, personal, identifiable authorization; 


- all computer records with the data are logged in a traceable manner; 


- if the legal basis for any data processing has ceased, the data will be permanently deleted in such a way that the data cannot be recovered again;




- the Company continuously ensures virus protection on the network that processes personal data;

- it does everything possible to prevent unauthorized persons from accessing the network using the available IT tools.




    

  1. 

    

    Principles applied in security measures
    

    

    2. 



 The Company, taking into account the state of science and technology and the costs of implementation, as well as the nature, scope, circumstances and purposes of data processing, as well as the risk of varying likelihood and severity to the rights and freedoms of natural persons, implements appropriate technical and organizational measures in order to guarantee a level of data security appropriate to the degree of risk, including; the ability to restore access to and availability of personal data in a timely manner in the event of a physical or technical incident; a procedure for regularly testing, assessing and evaluating the effectiveness of the technical and organizational measures taken to guarantee the security of data processing.


The Company has not joined any approved codes of conduct or approved GDPR certification mechanism.
The physical location of the data is the Company's registered office.


III. Data management


    

  1. Az adatkezelési tevékenység meghatározása:
    2. 



A Társaság az alábbi tevékenységet látja el magánszemélyek felé:


    

  • Sale of materials and tangible assets via website
    • 

  • Sale of materials and tangible assets in a business premises
    • 



The Company stores the following data from its partners in order to fulfill its obligations under the contract concluded with it: name, address, billing information, other data related to the purchase of the product.


    

  1. 

    Newsletter subscription
    

    2. 



Users who have checked the box next to "Newsletter subscription" when registering or who later subscribe to the newsletter on the website, thereby indicating that they "will require newsletters sent by the web store in the future", will have their e-mail address recorded by the Service Provider among those subscribed to the Newsletter and will thus send them newsletters in the future. After subscribing to the newsletter, the Service Provider will send the User a confirmation e-mail, in which they will also be informed about the possibility and method of unsubscribing.








    

  1. 

    

    Data management activities
    

    

    

    

    

    2. 



3.1. Product purchase without registration


 






 






Data category


Purpose of data processing




Legal basis of data




Lorage period




Data Transfer








Name


Contact and identification


fulfillment of contract and legal obligation, VAT tv. 169




contract and legal obligation accounting tv. 169. - courier service until the deadline, fulfillment of accountant 5, VAT TV. 169


courier service, accountant






E-mail


Contact
necessary for the performance of the contract
Contract Performance
hosting provider






Telefon nummer


Contact
Contract Performance
courier services






billing address


Fulfillment of invoice obligation
Compliance with legal obligations, VAT TV. 169
Accounting TV. 169. by a fixed deadline
accountant






shipping address


package delivery
necessary for the performance of the contract
courier service, accountant










 




3.2. Product purchase with registration




 






Data category


Purpose of data processing




Legal basis of data




Lorage period




Data Transfer








Name


Contact and identification


fulfillment of contract and legal obligation, VAT tv. 169


Accounting TV. 169. by a fixed deadline
courier service, accountant






E-mail


Contact
necessary for the performance of the contract


until the termination of registration, but maximum 5 years after the last purchase


hosting provider






Telefon 




Contact


courier service






billing address


Fulfillment of invoice obligation
Compliance with legal obligations, VAT TV. 169
Accounting TV. 169. by a fixed deadline
accounting






shipping address


package delivery
performance of a contract


until the termination of registration, but maximum 5 years after the last purchase


courier service, accounting






3.3. Registration






Data category


Purpose of data processing




Legal basis of data




Lorage period




Data Transfer








Name


facilitating the purchase of products, monitoring ongoing product orders
contribution of the data subject GDPR 6. Article 1 a
withdrawal of consent


hosting provider








E-mail








  


3.4. Newsletter subscription






Data category


Purpose of data processing




Legal basis of data




Lorage period




Data Transfer








Name


marketing activities, updates, new products, promotions, information about events
contribution of the data subject GDPR 6. Article 1 a
withdrawal of consent


hosting provider








E-mail








3.5. Server data






Data category


Purpose of data processing




Legal basis of data




Lorage period




Data Transfer




 








ip address, date and place of visit




Statistical analysis of the company, economic efficiency




contribution of the data subject GDPR 6. Article 1 a




withdrawal of consent




hosting provider














3.6. Use of Cookies 


Depending on the Cookie settings, additional data may also be processed (in particular data related to user/visitor habits and behaviors).


    

  1. 

    Rights of Data Subjects
    

    2. 





4.1. Right to erasure of data




The User may request the deletion of personal data without undue delay 


– in person or in writing by sending an e-mail, if
- the personal data are no longer necessary for the purposes for which they were collected or otherwise processed; 


- the data subject withdraws his or her consent on which the processing is based and there is no other legal basis for the processing;  


- the data subject objects to the processing of his or her data and there are no overriding legitimate grounds for the processing; 


- the personal data have been processed unlawfully; 


- the personal data must be erased for compliance with a legal obligation to which the controller is subject under Union or Member State law; 


- the personal data were collected in connection with the provision of information society services.


The Service Provider does not delete data that it is obliged to store due to legal requirements. Considering that during the purchase of a product, the Service Provider issues an invoice to the User, the name and address on the invoice, as well as the date of purchase, date of delivery, purchased product and its amount will remain in the invoicing program and on the invoice even after the User or any of his/her data is deleted, until the obligation specified in the Accounting Act is fulfilled.


 




4.2. Right to information




The User has the right to request information from the Service Provider in person or in writing about the processing of his/her personal data, the method of data processing, its blocking, deletion, and any measures related to his/her processed data at any time. The User may at any time request the Service Provider to view his/her personal data.


 


4.3. Right to feedback


The User has the right to receive feedback from the Service Provider as to whether his/her personal data is being processed, and if such processing is in progress, he/she has the right to access the personal data and the following information:


 


- the purposes of the processing; the categories of personal data concerned; 


- the recipients or categories of recipients to whom the personal data have been or will be disclosed, including in particular recipients in third countries or international organisations;


- where applicable, the planned period for which the personal data will be stored or, where that is not possible, the criteria for determining that period; 


- the right of the data subject to obtain from the controller rectification, erasure or restriction of processing of personal data concerning him or her and to object to the processing of such personal data; 


- the right to lodge a complaint with a supervisory authority; 


- where the data were not collected from the data subject, any available information on their source.


 


4.4. User's right of access


The Service Provider makes the personal data subject to data management available to the User in the confirmation e-mail after registration. The User can view the data managed by the User at any time under the “Profile” menu item by clicking on the Profile menu item in the upper left corner after logging in to the website.


 




4.5. Right to rectification










The User has the right to initiate changes to the data managed by the Service Provider at any time under the "Profile" menu item.




4.6. Right to restriction of data processing




The User has the right to request that the Service Provider restrict data processing if one of the following applies:
- The User disputes the accuracy of the personal data, in which case the restriction shall apply for a period enabling the Service Provider to verify the accuracy of the personal data; 


- the processing is unlawful, but the User opposes the erasure of the data and instead requests the restriction of their use;
 - the Service Provider no longer needs the personal data concerned for the purposes of the processing, but the Data Subject requires them for the establishment, exercise or defence of legal claims; 


- or the User has objected to the processing; in which case the restriction shall apply for a period of time until it is determined whether the legitimate grounds of the Data Controller override those of the Data Subject.


 


If data processing is subject to restrictions, such personal data may only be processed, with the exception of storage, with the consent of the User, or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for important public interest reasons of the Union or a Member State. The Service Provider shall inform the User concerned, at whose request data processing has been restricted, in advance of the lifting of the restriction on data processing. 


 


4.7. Right to object


The User has the right to object at any time to the processing of his/her personal data for reasons relating to his/her own situation in the following cases:


- the data processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Service Provider 


– there is currently no such need 


– or the data processing is necessary for the purposes of the legitimate interests of the Service Provider or a third party,


unless these interests are overridden by the interests or fundamental rights and freedoms of the User which require the protection of personal data. In such a case, the Service Provider may no longer process the personal data unless it proves that the processing is justified by compelling legitimate grounds which override the interests, rights and freedoms of the User or which are related to the establishment, exercise or defence of legal claims.


 


The processing of personal data provided by the User to the Service Provider for purposes other than the original purpose of their collection may only take place if the data processing is compatible with the original purpose of the data processing. The User may initiate the modification or deletion of his/her data, or the notification of his/her objection to the data processing at any time by sending an e-mail to the Service Provider’s central e-mail address, or if the Profile menu item allows this, under the Profile menu item. The Service Provider shall respond to the User’s letter without undue delay, but no later than within one month – or, if this policy specifies a shorter period, within the period specified therein – and shall comply with his/her request – if it is compatible with his/her rights as set out in the law. The Service Provider informs the User that profiling and automated decision-making will not be carried out with the processed data.


    

  1. 

    

    Transmission of data
    

    

    2. 



In order to deliver the ordered goods, the Service Provider provides the following data to the supplier or the supplier's agent: customer name, company name, full delivery address, order amount, invoice number, payment method, customer's telephone number and e-mail address.


 




Delivery Service Providers details: 






GLS General Logistics Systems Hungary Parcel Logistics Limited Liability Company

- Headquarters: Hungary 2351 Alsónémedi, GLS Európa utca 2.
- Company registration number: 13-09-111755.
- Tax number: 12369410-2-44
- Telephone: (+36 29) 886 700. Mobile: (+36 20) 890-0660 *
- E-mail: info@gls-hungary.com.




 


Hungarian Posta ZRT. Company

- Registered office: Hungary 1138 Budapest, Dunavirág utca 2-6. 


- Company registration number: 01-10-042463 • 
- Tax number: 10901232-2-44 


- Telephone: +36 1 333 7777 


- E-mail address: ugyfelszolgalat@posta.hu





By selecting the “Delivery by courier” delivery method, the User expressly consents to the Service Provider forwarding the data provided by the User to GLS Hungary Korlátolt Felelfösségű Társaság or Magyar Posta Zártkórűen Működő Részvénytársaság in order to deliver the ordered product(s). In order to perform the tasks of an accountant under an employment contract with the Service Provider, the accountant receives invoices issued by the Service Provider, which include the User’s name, address, the product ordered by him, its amount, and the date of completion. At the same time as ordering the product, the User expressly consents to the Service Provider forwarding the issued invoice to the contractor performing the accounting tasks under an employment contract with him. 




 


Accountant details: 

- Name: AKTÍV ADÓ Kft. 
- Managing Director Ildikó Tóthné Szabó
Registered at: Hungary 5720 Sarkad, Bartók Béla str. 1.
Tax number: 25595637-1-04
Contact: aktivkiroda@gmail.com 


Hosting provider:




Name: Shoptet Kft.

Company registration number: 01-09-357795

Tax number: 27933460-2-41

Head office: Hungary 1027 Budapest, Kacsa utca 15-23.

Location: Hungary 1027 Budapest, Kacsa utca 15-23.

Place of business: Hungary 1027 Budapest, Kacsa utca 15-23.

Phone: +36 70 792 0527

E-mail address: info@shoptet.hu





Online payment service provider for bank cards:


Name: Shoptet Kft. 


Company registration number: 01-09-357795 


Tax number: 27933460-2-41 


Head office: Hungary 1027 Budapest, Kacsa utca 15-23. 


Location: Hungary 1027 Budapest, Kacsa utca 15-23. 


Place of business: Hungary 1027 Budapest, Kacsa utca 15-23. 


Phone: +36 70 792 0527 


E-mail address: info@shoptet.hu


 


    

  1. 

    

    Data protection incident management
    

    

    

    

    

    2. 



The Service Provider shall, as soon as it becomes aware of a data breach concerning data processed by it, notify the relevant supervisory authority without undue delay and, where feasible, no later than 72 hours after it has become aware of the data breach, unless it can demonstrate, in accordance with the principle of accountability, that the data breach is unlikely to result in a risk to the rights and freedoms of natural persons. If the notification cannot be made within 72 hours, the reason for the delay shall be stated and the required information shall be provided in detail without further undue delay.


 


In the event of a data breach, the Service Provider shall inform the User without undue delay if the data breach is likely to result in a high risk to the rights and freedoms of the User, in order to enable the User to take the necessary precautions. The Service Provider shall describe in the information the nature of the data breach and the recommendations for the affected User to mitigate the potential adverse effects. After the detection of the Data Breaches, the Service Provider shall examine whether all appropriate technological protection and organizational measures have been implemented, on the one hand, in order to promptly identify the data breach, and on the other hand, to notify the supervisory authority and to urgently notify the data subject.


To this end, the executive acting on behalf of the Service Provider shall convene the members, all persons handling the data, and an external IT expert within 24 hours of being notified of the incident to determine the cause of the incident, to develop action plans that have been and will be carried out, and to take the necessary measures to avoid future incidents.


    

  1. 

    Restrictions
    

    2. 



On behalf of the User who is under the age of 16 or otherwise incapacitated, the legal 8. Records of data processing activities The Service Provider keeps records of data processing activities. This record contains the following information:


 


- the name and contact details of the controller; 


- the purposes of the processing;


- a description of the categories of data subjects and the categories of personal data;


- the categories of recipients to whom the personal data are or will be disclosed;


- if possible, the deadlines for erasure of the different categories of data.


 


The Company informs the Partner that profiling and automated decision-making will not be carried out with the processed data.


1. Complaints handling

2. Complaint handling location

The Buyer may submit any objections regarding the product or the data processing activities of MOLNÁR ATTILA e.v. to the data controller's contact details specified in point 1.


 






Complaint handling method






In the case of a verbal complaint communicated by telephone or using other electronic communication services, MOLNÁR ATTILA e.v. shall send the Buyer a copy of the minutes at the latest together with the substantive response. In all other cases, MOLNÁR ATTILA e.v. shall proceed in accordance with the rules applicable to written complaints. MOLNÁR ATTILA e.v. shall assign a unique identifier to the complaint recorded by telephone or using other means of communication, which will simplify the retrieval of the complaint later. MOLNÁR ATTILA e.v. shall respond to the complaint received in writing within 15 days. This measure shall mean sending it by post within the meaning of this contract. In the event of rejection of the complaint, MOLNÁR ATTILA e.v. shall inform the Data Subject of the reason for the rejection.


    

  1. 

    

    Legal enforcement options
    

    

    2. 



In the event of a suspected violation of the rights related to the processing of their personal data, any data subject may contact the competent court, in the capital the Metropolitan Court, or initiate an investigation at the National Data Protection and Freedom of Information Authority (chairman: dr. Attila Péterfalvi, 1024 Budapest, Szilágyi Erzsébet fasor 22/C, üçünszolgálat@naih.hu, 036-13911400, www.naih.hu) 


 


This Data Protection Notice enters into force on: 18 February 2025.


 


 


 

            

        
    


    

                    

    

    
            
    
                    

                

                        
                    

                        

                            

                        

                    

                

            

            

                                

                        
                    

                        
What are you looking for?