Barion Pixel

Privacy notice

Introduction

Szilas Aroma Kft (headquarters: 2144 Kerepes, Szabadság út 252. tax number: (10673047-2-13 hereinafter: Service provider, data controller) submits to the following information.

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL On the protection of natural persons with regard to the processing of personal data and on the free flow of such data and on the repeal of Regulation 95/46/EC (General Data Protection Regulation) (April 2016) 27.), we provide the following information.

This data management information sheet regulates the data management of the following pages: https://www.maxaroma.hu/

The information on data management is available from the following page: https://www.maxaroma.hu/adatvedelmi-declarazat

Amendments to the prospectus will take effect upon publication at the above address.

The data manager and his contact details:

Name: Szilas Aroma Kft

Headquarters: 2144 Kerepes, Szabadság út 252.

E-mail: aroma@szilas.hu

Phone: 06306832018

Term definitions

  1. “personal data”: any information relating to an identified or identifiable natural person (“data subject”); a natural person can be identified directly or indirectly, in particular on the basis of an identifier such as name, number, location data, online identifier or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person identifiable;
  2. “data management”: any operation or set of operations performed on personal data or data files in an automated or non-automated manner, such as collection, recording, organization, segmentation, storage, transformation or change, query, insight, use, communication, transmission, distribution or by making it available in another way, coordinating or connecting, limiting, deleting or destroying;
  3. “data controller”: the natural or legal person, public authority, agency or any other body that determines the purposes and means of processing personal data independently or together with others; if the purposes and means of data management are determined by EU or member state law, the data controller or the special aspects regarding the designation of the data controller may also be determined by EU or member state law;
  4. “data processor”: the natural or legal person, public authority, agency or any other body that processes personal data on behalf of the data controller;
  5. “recipient”: the natural or legal person, public authority, agency or any other body to whom or to which the personal data is communicated, regardless of whether it is a third party. Public authorities that have access to personal data in accordance with EU or Member State law in the context of an individual investigation are not considered recipients; the handling of said data by these public authorities must comply with the applicable data protection rules in accordance with the purposes of data management;
  6. “consent of the data subject”: the voluntary, specific and well-informed and clear statement of the will of the data subject, by which the data subject indicates through a statement or an act clearly expressing the confirmation that he gives his consent to the processing of personal data concerning him;
  7. “data protection incident”: a breach of security that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or unauthorized access to personal data transmitted, stored or otherwise handled.

Principles for handling personal data

Personal data:

  1. it must be handled legally and fairly, as well as in a transparent manner for the data subject (“legality, fair procedure and transparency”);
  2. should only be collected for specific, clear and legitimate purposes, and should not be handled in a way that is incompatible with these purposes; in accordance with Article 89 (1), further data processing for the purpose of archiving in the public interest, for scientific and historical research purposes, or for statistical purposes is not considered to be incompatible with the original purpose (“purpose limitation”);
  3. they must be appropriate and relevant from the point of view of the purposes of data management, and must be limited to what is necessary (“data economy”);
  4. they must be accurate and, if necessary, up-to-date; all reasonable measures must be taken to promptly delete or correct personal data that is inaccurate for the purposes of data management (“accuracy”);
  5. storage must take place in a form that identifies the data subjects only for the purposes of personal data management eallows for the time necessary for learning; personal data may be stored for a longer period only if the personal data will be processed in accordance with Article 89 (1) for the purpose of archiving in the public interest, for scientific and historical research purposes or for statistical purposes, the rights of the data subjects and subject to the implementation of appropriate technical and organizational measures required to protect your freedoms (“limited storage capacity”);
  6. it must be handled in such a way that adequate security of personal data is ensured by the application of appropriate technical or organizational measures, including protection against unauthorized or unlawful processing, accidental loss, destruction or damage of data (“integrity and confidentiality”).

Data management

Hosting provider

  1. Activity provided by data processor: Storage service
  2. Name and contact information of data processor:
    Tárhelypark Kft.
    Headquarters: 1122 Gaál József út 24.
    Phone number: +36 1 700 41401 422-1836
    Mailing address: 1122 Gaál József út 24.
    E-mail: info@tarhelypark.hu

The data controller is responsible for compliance with the above, and must also be able to prove this compliance (“accountability”).

  1. Fact of data management, scope of managed data: All personal data provided by the data subject.
  2. Group of stakeholders: All stakeholders who use the website.
  3. Purpose of data management: Making the website available and operating it properly.
  4. Duration of data management, deadline for data deletion: Data management lasts until the termination of the agreement between the data manager and the storage provider, or until the deletion request addressed to the storage provider by the data subject.
  5. Legal basis for data processing: User’s consent, Infotv. Section 5 (1), Article 6 (1) point a) and CVIII of 2001 on certain issues of electronic commerce services and services related to the information society. Act 13/A. Paragraph (3) of §.

Cookie management

  1. Cookies specific to websites
  2. Fact of data management, scope of managed data: Unique identification number, dates, times
  3. Group of stakeholders: All stakeholders who visit the website.
  4. Purpose of data management: Identification of users and tracking of visitors.
  5. Duration of data management, deadline for data deletion:
Cookie type Legal basis for data management Duration of data management Managed data circle
Session cookies CVIII of 2001 on certain issues of electronic commercial services and information society services. Act (Elkertv.) 13/A. Section (3) Period until the relevant visitor session is closed connect.sid

The duration of data management in the case of Addthis cookies lasts 2 years.

  1. Person of the possible data controllers entitled to access the data: The data controller does not manage personal data through the use of cookies.
  2. Description of the rights of data subjects related to data management: The data subject has the option to delete cookies in the Tools/Settings menu of browsers, usually under the settings of the Data Protection menu item.
  3. Legal basis for data management: Consent from the data subject is not required if the sole purpose of using cookies is the transmission of information via an electronic communication network or if the service provider absolutely needs it to provide a service related to the information society specifically requested by the subscriber or user.

Using Google Adwords conversion tracking

  1. The data controller uses the online advertising program called “Google AdWords”, and also uses Google’s conversion tracking service within its framework. Google conversion tracking is an analytics service of Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, USA; “Google”).
  2. When a User accesses a website through a Google ad, a cookie required for conversion tracking is placed on their computer. The validity of these cookies is limited and they do not contain any personal data, so the User cannot be identified by them.
  3. When the User browses certain pages of the website and the cookie has not yet expired, both Google and the data controller can see that the User has clicked on the ad.
  4. Each Google AdWords customer receives a different cookie, so they cannot be tracked through the websites of AdWords customers.
  5. The information – obtained with the help of conversion tracking cookies – serves the purpose of AdWords conve