Introduction
A TorTer e-Design Kft. always carries out its data processing activities—by implementing the appropriate technical and organizational measures—in accordance with the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (henceforward as the Regulation) and the provisions of Act CXII of 2011 on the right to self-determination as regards information and freedom of information (henceforward as Infotv.).
TorTer e-Design Kft. as the operator of the website www.torter.hu informs visitors of its website and social networking sites (henceforward as the “data subject”) that it will perform the processing of their data in accordance with the following Privacy Policy (henceforward as the “Policy”). TorTer e-Design Kft. reserves the right to change the Policy to continuously update it to follow the subsequent changes in the legislative background and the legal changes of its internal policies.
The purpose of this Policy is to inform the data subjects about the regulation applicable to the data processing activities performed by our company in relation to its website and social networking sites.
The Data Controller:
Name: | TorTer e-Design Kft. (henceforward as the Data Controller) |
Registered seat: | 1184 Budapest, Fáy utca 2. |
Tax number: | 13308669-2-43 |
Phone number: | +36 30 527-0666 |
Email address: | info@torter.hu |
adatvedelem@torter.hu | |
Website: | www.torter.hu |
Facebook: | www.facebook.com/torter |
Instagram: | www.instagram.com/torterdesign |
Flickr: | www.flickr.com/photos/torter |
YouTube: | https://www.youtube.com/channel/UCqJmR44QMxh4tJSWneH5mxA |
Controlled and processed data
1 Visiting the website of the Data Controller
No personal data is required to be given to view the information on the website of the Data Controller. Visitors to this site will not have the opportunity to subscribe to a newsletter or otherwise register. The data subjects can use the contact information—phone number and/or email address—to request information and quotes.
- Data processing in case of request for information
The Data Controller provides the possibility for the data subjects to request information using the contact information specified on the website.
The legal basis for data processing due to requests for information is the voluntary consent of the data subjects.
Data subjects are the natural persons who contact the Data Controller to request information and provide their personal information.
Scope and purpose of data processed:
Scope of data | Purpose |
- name | - identification |
- phone number | - contact |
- email address | - contact |
- subject of the enquiry | - identification of the enquiry |
- content of the enquiry | - basis for the response |
The purpose of data processing is to provide the correct information for the data subject and to maintain contact.
The duration of data processing ends with the fulfilment of its purpose.
- Data processing in case of quote requests
The Data Controller provides the possibility for the data subjects to request quote using the contact information specified on the website.
The legal basis for data processing due to requests for quote is the voluntary consent of the data subjects.
Data subjects are the natural persons who contact the Data Controller to request quote and provide their personal information.
Scope and purpose of data processed:
Scope of data | Purpose |
- name | - identification |
- phone number | - contact |
- email address | - contact |
- subject of the quote | - identification of the quote |
- content of the quote | - basis for the quote |
The purpose of data processing is to provide the correct quote for the data subject and to maintain contact.
The duration of data processing ends with the fulfilment of its purpose.
2 Links
The website of the Data Controller contains links to websites that are not operated by the Data Controller (typically social networking sites). The Data Controller has no control over the content and security of websites operated by other parties, and therefore not liable in relation to these.
3 Use of web analysis services (cookies)
According to Section 155 (4) of Act C of 2003 on Electronic Communications: “Data can only be store or accessed on the electronic communications terminal of a subscriber or user, on the sole basis of the consent of the relevant user or subscriber following the provision of a clear and complete—including the purpose of data processing as well—description.”
Based on the above, the Data Controller provides the following information about the analytical tools it uses, that is, about the use of cookies.
The Data Controller created its website with the help of www.google.com. The websites www.google.com and the one created using it use the following cookies, but the Data Controller does not use these cookies in any way. The cookies used can communicate between the user's device and www.google.com, but they do not transfer or transmit data to the Data Controller, and thus the Privacy Policy of www.google.com governs the use of the cookies. See https://www.cookielaw.org/google-analytics-eu-cookie-law/ for details about the cookies used by Google.
The cookies used by the website of the Data Controller and their purposes:
- Session cookies (absolutely necessary cookies)
Such cookies are vital for the proper functioning of the website, if they are not accepted, the proper functioning of the website cannot be guaranteed. The cookies do not acquire any personal information from the data subject. For example, the absolutely necessary cookies collect information about whether the website is working properly or not. They help to improve the site and the user experience by signalling any errors.
- Google Analytics cookies
Google Analytics is an analytical tool of Google that helps website and app owners to get a better picture of their visitors' activities. The service may use cookies to collect information and prepare report on the statistics about the use of the site without individually identifying visitors for Google.
In addition to preparing reports from site usage statistics, Google Analytics—together with the few advertising cookies described above—can be used to show more relevant ads in Google services (like Google Search) and across the Internet, and to measure interactions associated with ads they show.
For detailed information on Google Analytics cookies and data protection, visit the following link:
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?hl=hu
The data subject can prohibit the installation of cookies by changing the settings of his/her computer or delete the installed cookies at any time.
The legal basis for data processing is the consent of the data subject in case of both the logging data and the cookies.
4 Presence on social networking pages
The Data Controller can be reached on the Facebook social networking site and on other social networking sites as well. (See Chapter “The Data Controller”)
The use of social networking sites, in particular the use of Facebook, contacting the Data Controller through it, contact and all other activities allowed by the social networking site are based on the voluntary consent off the data subject.
Data subjects are the natural persons who voluntarily follow, share, like, rate etc. the social networking sites of the Data Controller and their content.
Scope and purpose of data processed:
Scope of data | Purpose |
- public name | - identification |
- public photo | - identification |
- public email address | - contact |
- data subject’s message | - basis for response |
The Data Controller communicates with the data subjects only when the data subject contacts the Data Controller through the social networking site.
The purpose of the presence on social networking sites and the related data processing is to share and publish data on social networking sites.
based on the terms and conditions of the social networking sites, the data subjects voluntarily consent to the following, liking of the Data Controller’s contents and to recording their opinions and comments.
The Data Controller regularly publishes pictures and videos from various events, works and activities performed by the Data Controller.
The Data Controller asks—before publishing the material—for the written consent of the data subjects in all cases where the published photos or videos are not mass displays or not displays of public life.
The data subjects can get information about the data processing of a social networking site on the given social networking site.
The duration of the data processing ends upon request for deletion from the data subject.
Personal rights of the data subject
The Data Controller informs the data subjects that they can request information about the data processing performed by the Data Controller, changes to the consent regarding the processing, rectification or deletion of their data by sending the request to the adatvedelem@torter.hu email address or to the postal address of the Data Controller’s registered seat.
For transparency and readability purposes, this section gives a brief summary of the data subject’s rights and remedial possibilities.
- Right to advance information
The data subject has the right to be informed about the facts and information related to data processing prior to the commencement of the data processing.
- Right to access the data
The data subject has the right to receive information from the Data Controller about whether the data subject’s data are being processed or not, and is such processing is being performed the data subject has the right to get access to his/her personal information and the related information as specified in the Regulation.
- Right to rectification
The data subject has to request the Data Controller to rectify the incorrect data related to the data subject without any unjustified delay. Taking into account the purpose of data processing, the data subject has the right to request the amendment of incomplete personal data—including by means of a supplementary statement.
- Right to erasure (“right to be forgotten”)
The data subject has to request the Data Controller to erase the personal information related to the data subject without any unjustified delay, and the Data Controller is obliged to erase the personal information related to the data subject without unjustified delay if any of the reasons specified in the Regulation is present.
- Right to restrict data processing
The data subject has the right to request the Data Controller to restrict the processing of data if the conditions set out in the Regulation are met.
- Obligation to provide information regarding the rectification and erasure of personal information and the restriction of data processing
The Data Controller informs all recipients of all rectifications, erasures or restrictions on data processing to whom personal information has been communicated, unless this is impossible or requires disproportionate effort. At the request of the data subject, the Data Controller informs them about the recipients.
- Right to the portability of the data
As specified by the provisions of the Regulation, the data subject has the right to receive their personal information made available to them by a Data Controller in an articulated, commonly used, machine-readable format and has the right to transfer these data to another Data Controller without obstruction from the Data Controller to which the personal information was made available.
- Right to object to the processing of personal information
The data subject has the right to object at any time, for personal reasons, to the processing of his/her personal information with having regard to Article 6, paragraph (1), item (e) (processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller) or item (f) (processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party) of the Regulation.
- Automated decision making in individual cases, including profiling
The data subject has the right to be excluded from the scope of a decision—based solely on automated data processing, including profiling—which would have a legal effect on him/her or would have a similarly significant effect on him/her.
- Limitations
Limitation is possible by way of legislative procedures of the EU or member state law applicable to the Data Controller or the data processor in line with the rights and obligations specified in Articles 12–22 and 34.
- Informing the data subject about personal data breach
If the personal data breach is likely to pose a high risk to the rights and freedoms of natural persons, the Data Controller shall inform the data subject about the personal data breach without unjustified delay.
- Right to lodge a complaint with a Data Protection Authority (right to appeal before an authority)
The data subject has the right to lodge a complaint with a supervisory authority—particularly in the Member State of his/her residence, workplace or the suspected infringement—if the data subject thinks that the processing of his/her personal information is in violation of the Regulation.
- Right to effective judicial remedy against a supervisory authority
Any natural or legal person is entitled to an effective judicial remedy against the legally binding decision of a supervisory authority or in case the supervisory authority fails to address the complaint or to informs the data subject—within three months
—about the procedural developments or results of the complaint lodged.
- Right to effective judicial remedy against the Data Controller or the data processor
Each data subject is entitled to an effective judicial remedy if they think that the processing of their personal information is in violation of the Regulation.
The data subject has the right to lodge a complaint with the designated authority in case his/her right to self-determination as regards information and freedom of information was violated:
Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH)
1125 Budapest, Szilágyi Erzsébet fasor 22/c
Phone: +36 1 391-1400
Email: ugyfelszolgalat@naih.hu
Website: www.naih.hu
This Privacy Policy is in effect from 25 May 2018.