Privacy is of the utmost importance to us and we want to be open and transparent when processing your personal information.

Who handles your personal information?

The Supplier:

Hungaroharvest Kft.

Headquarter: 1221 Budapest, Madarász köz 4., Hungary

Tax No.: 24887511-2-43

Registration No.: 01-09-187725

Authorized person: György Sitku, Managing Director, handles the personal data you provide to us and this company is responsible for your personal data in accordance with the applicable data protection laws.

Web hosting, data storage and handling provider:

Tárhelypark Kft.

Headquarter: 1126 Budapest, Tartsay Vilmos u. 14. 2.em.

Tax No.: 23289903-2-43

Where do we store your data?

The data requested from you will be stored and processed in the European Economic Area (“EEA”).

Who has access to your data?

We will never pass on, sell or exchange your data for marketing purposes. We will only use the data transmitted to third parties to enable the service provided to you.

What is the legal basis for processing?

Each time we process your personal data, we will inform you whether the receipt of your personal data is based on a legal requirement or is necessary for concluding a contract, and whether the provision of personal data is obligatory and the possible consequences of refusing to do so.

What are your rights?

Access right:

You have the right to request information about the personal data we hold about you at any time. Contact our company and your personal details will be emailed to you.

Right to portability:

When our company automatically processes your personal data with your consent or consent, you have the right to request that your stored data be provided to you in a structured, commonly used and machine-readable format. This only applies to the personal information you provide to us.

Right of correction:

You have the right to request the correction of your personal data if it is incorrect, including the right to have incomplete personal data rectified.

Right of cancellation:

You have the right to delete any personal information we process about you at any time, except in the following situations

* you have an open order that has not yet been shipped or has been partially shipped
* outstanding debt, regardless of the method of payment

Right to object to direct marketing:

You have the right to object to direct marketing, including profiling for direct marketing purposes.

Data Protection Officer (DPO):

We have appointed a Privacy Officer to ensure that your personal information is always processed in an open, accurate and lawful manner. You can contact our data protection staff at the e-mail address shop@drhoney.hu; please enter DPO letters in the subject line.

Right to complain to the supervisory authority:

If you believe that our company is processing your personal data incorrectly, please contact us, but you also have the right to complain to a supervisory authority.

Data protection declaration

During the registration required to use the services of the Webshop, Hungaroharvest Kft. 1221 Budapest, Madarász köz 4., Tax number: 24887511-2-43, company registration number: 01-09-187725 (hereinafter: Data Manager) records the following data are necessary for the identification of users : customer’s user name, e-mail address, name, address, contact telephone number. In order to deliver the ordered goods, the Data Controller provides the following data to the supplier or the supplier’s agent: order time, recipient’s name (from delivery address), company name (from delivery address), full delivery address, order amount, order number, customer phone number and other contact information.

Data suitable for the individual access of the user (eg. e-mail addresses) will be used by the Data Controller only for the purpose previously approved by the user, they will not be transferred to third parties under any circumstances without the user’s prior permission, except for the exceptions provided by applicable law.

The Data Controller shall comply with the legal provisions on data protection in force at any time, in particular Article CXII. Act CVII of 2011 on certain issues of electronic commerce services and information society services. in accordance with the law, registers, manages and uses, for the purposes of its own marketing and advertising activities only, to the extent necessary, forwards information, newsletters and publications to the specified contact details. The legal basis for data management is the user’s statement of consent to voluntary data management.

Modification of personal data

The user can change or delete the entered personal data at any time in the user interface of the Web Store. The purpose of the automatically recorded data is the production of statistics, the technical development of the IT system, and the protection of the rights of the Users.
The Service Provider does not or may not use the personal data provided for purposes other than those described in this paragraph. The release of personal data to third parties or authorities is not possible unless the law has the prior express consent of the User, unless otherwise provided by law.

The Service Provider does not verify the personal data provided to it. The person who provided the data is solely responsible for the accuracy of the information provided. When providing the e-mail address of any User, it is also responsible for ensuring that only he / she uses the service from the provided e-mail address. In view of this liability, all liability in connection with logins to a given e-mail address rests solely with the User who registered the e-mail address.

The Service Provider and the Service Provider’s internal employees are entitled to get acquainted with the provided and technical data, they are not published, they are not passed on to third parties, except in the case when it is absolutely necessary for the fulfillment of the order. (We provide Csomagküldő.hu Kft. Courier Service with data for the success of the delivery, such as the User’s name, delivery address, e-mail address and telephone number, and in case of Online payment to Barion Payment Zrt., If you pay with a bank card or Barion balance out the amount of your order).

In order to fulfill the orders, the Service Provider uses a data processor (eg a transport company, an online payment service provider, an accountant). The Service Provider is not responsible for the data management practices of such external actors, but they do their utmost to protect personal data.

Data processors outside the Service Provider

Courier: Magyar Posta Zrt.,1138 Budapest, Dunavirág utca 2-6., Registration No.: Cg. 01-10-042463, www.posta.hu

Courier: Csomagküldő.hu Kft. 1031 Budapest, Vizimolnár utca 10. 6/54.

Invoicing: KBOSS.hu Kft., 1031 Budapest, Záhony utca 7/C.

Online payment provider: Barion Payment Zrt., 1117 Budapest, Infopark sétány 1. I. épület 5. emelet 5., Registration No.: Cg. 01-10-048552, www.barion.com/hu

Data safety

The Service Provider takes all necessary steps to ensure the security of the personal data provided by the Users both during the network communication and during the storage and guarding of the data. Access to personal data is strictly limited to prevent unauthorized access, unauthorized alteration or unauthorized use of personal data.

USER RIGHTS AND ENFORCEMENT POSSIBILITIES

Right to information:

The User is entitled to request information about the personal data managed by the Service Provider at any time, and – with the exception of the e-mail address provided during registration – may change them at any time in the manner specified in the User Information. The user is also entitled to request the deletion of his data via the contact details provided in this section. At the request of the User, the Service Provider provides information about the data processed by him / her, the purpose, legal basis, duration of the data processing, as well as who and for what purpose receives or has received his / her data. The Service Provider shall provide the requested information in writing within 30 days of the submission of the request.

At the request of the User, the Service Provider provides information on the data processed by it, the data processed by the data processor entrusted by it or at its disposal, their source, the purpose, legal basis, duration of the data processing, the data processor’s name, address and the circumstances of the data protection incident, its effects and the measures taken to eliminate it, as well as – in the case of the transfer of the User’s personal data – the legal basis and the recipient of the data transfer. The service provider shall provide the requested information in writing within 30 days of the submission of the request.

If the Service Provider – if it has an internal data protection officer, through the internal data protection officer – keeps a register for checking the measures related to the data protection incident and informing the User, which includes the User’s personal data, the scope and number of data protection incidents, the date of the data protection incident , its circumstances, effects and the measures taken to eliminate it, as well as other data specified in the legislation prescribing data processing.

The data subject may exercise his / her rights at the following contact details:

Address: 1221 Budapest, Madarász köz 4., Hungary

E-mail: shop@drhoney.hu

The User may contact the Service Provider’s employee with any questions or remarks related to data management via the above contact details.

The User has the right to request the correction or deletion of incorrectly recorded data at any time. Some data can be corrected by the User on the Website, in other cases the Service Provider will delete the data within 3 working days from the receipt of the request, in which case they will not be recoverable. The deletion does not apply to the data processing required by law, which the Service Provider retains for the required period of time. (eg. accounting regulations).

The User may also request the locking of his data. The Service Provider itself blocks the personal data if the User so requests or if, on the basis of the available information, it can be assumed that the deletion would harm the legitimate interests of the User. Personal data blocked in this way may only be processed for as long as the purpose of the data processing, which precluded the deletion of personal data, exists.

The User must be notified of the rectification, blocking and deletion, as well as all those to whom the data has previously been transmitted for data management purposes. The notification may be omitted if it does not infringe the legitimate interests of the User with regard to the purpose of data management.

If the Service Provider does not comply with the User’s request for rectification, blocking or deletion, it shall notify in writing the factual and legal reasons for the rejection of the request for rectification, blocking or deletion within 30 days of receipt of the request.

User may protest to the handling of his / her personal data if:

1. the processing or transmission of personal data is necessary only for the fulfillment of a legal obligation to the Service Provider or for the enforcement of the legitimate interest of the Service Provider, data recipient or a third party, unless the data processing is ordered by law;
2. personal data are used or transmitted for the purpose of direct business acquisition, public opinion polling or scientific research;
3. in other cases specified by law.

In such a case service provider must:

1. investigate as soon as possible after the submission of the application, but not later than 15 days,
2. take a decision,
3. inform in written the applicant about the decision.

If the Service Provider establishes the validity of the data subject’s protest, it terminates the data processing, including further data collection and data transfer, and blocks the data, and notifies all those to whom it has previously transmitted the data subject of the protest, and who are obliged to take action to enforce the right to protest.

If the User does not agree with the decision made by the Service Provider, he / she may file a lawsuit against it – within 30 days of its notification.

Legal opportunities:

1. 1. The User may enforce his rights in court on the basis of Info.tv and the Civil Code (Act IV of 1959), or

2. You can file a complaint with the NAIH

 

Contact: Nemzeti Adatvédelmi és Információszabadság Hatóság

1125 Budapest, Szilágyi Erzsébet fasor 22/C.

Mailing address: 1530 Budapest, PO box: 5.

Phone: +36 -1-391-1400

Fax: +36-1-391-1410

E-mail: ugyfelszolgalat@naih.hu

USE OF EMAIL ADDRESSES

The Service Provider undertakes not to send e-mails to the e-mail addresses provided by the Users during registration, except for e-mails related to the services used by the User and newsletters sent with the User’s consent.
The Service Provider must pay special attention to the legality of the use of the e-mail addresses managed by it, so it will only use them in the manner specified in the Data Management Information to send an information e-mail.

Handling of email addresses primarily

• serves the identification of user,
• serves to maintain contact during the fulfillment of orders and the use of services, so an e-mail is sent primarily for this purpose.

In case of changes in the services provided by the Service Provider or the General Terms and Conditions, the Service Provider shall provide information on the changes and other similar services of the Service Provider in electronic form by e-mail to the data subject, which the User must be informed. Of course, in the event that the Service Provider follows this practice and does not only post a notice about the change on the website.

NEWSLETTER

The Service Provider pays special attention to the legality of the use of the e-mail addresses it manages, so it is used only for sending e-mails as defined below.

Act XLVIII of 2008 on the basic conditions and certain restrictions of economic advertising activity. Pursuant to Section 6 of the Act, the User agrees in advance and expressly to contact the Service Provider with his advertising offers and other items at the contact details provided during registration (eg e-mail address or telephone number); The purpose of the newsletter is to inform the User about the current information, products, promotions, new functions, etc. in the form of an electronic message containing advertising. Thus, the Service Provider may send letters containing an advertisement (newsletter) to the e-mail addresses provided during registration only and exclusively with the express consent of the User, in cases and in a manner in accordance with legal regulations; in doing so, the User consents to the handling of the personal data of the Service Provider necessary for the sending of advertising offers, keeping in mind the provisions of this prospectus; providing a newsletter unsubscription and describing its process within the scope of this document. Provision of the possibility of unsubscribing is mandatory on the part of the Service Provider. In this case, the Service Provider deletes all personal data of the User from its register, which is absolutely necessary for sending the newsletter.

Service Provider reserves the right to unilaterally amend this Privacy Notice with prior notice to Users. After the entry into force of the amendment, the User accepts the contents of the amended Data Management Information by implicitly using the service. If the User provided the data of a third party during the registration in order to use the service or caused damage in any way during the use of the Website, the Service Provider is entitled to enforce compensation against the User. In such a case, the Service Provider shall provide all possible assistance to the acting authorities in order to establish the identity of the infringing person.