Privacy Policy
—
We collect and process personal data in compliance with applicable laws, ensuring maximum security in data storage. Personal information is shared with third parties only with consent. Individuals can request information on the data stored about them and can also request data deletion at any time through our contact details.
Data Management Policy for Using the tokajdrei.hu Website
Introduction
Company Information:
T3 Borászati Kft.
Address: 3907 Tállya, Barcsai u. 1.
Tax Number: 28798004-2-05
The company (referred to hereafter as the Service Provider or Data Controller) abides by this policy.
Under the Act CXII of 2011 on Informational Self-Determination and Freedom of Information, Section 20 (1) stipulates that the individual (in this case, the webshop user, referred to hereafter as the user) must be informed prior to data processing if data processing is based on consent or is mandatory.
Before data processing begins, the individual must be informed clearly and comprehensively about all facts related to data processing, including the purpose and legal basis of data processing, the identity of the person authorized to process data, and the duration of data processing. The individual must also be informed of their rights and possible legal remedies in connection with data processing.
When personal notification of individuals is impossible or would involve disproportionate costs (e.g., on a webshop), it may be made public by disclosing the following information:
1. The fact of data collection,
2. Scope of data subjects,
3. Purpose of data collection,
4. Duration of data processing,
5. The identity of authorized data processors,
6. The rights of data subjects regarding data processing, and
7. If applicable, the registration number of data processing in the data protection registry.
This privacy policy applies to data processing on the following website: https://tokajdrei.hu and is based on the above content requirements.
The privacy policy is accessible at the following link: https://tokajdrei.hu/privacy-policy/. Any modifications to the policy will be effective upon publication at this link.
Definitions
– **Data Subject/User:** Any identifiable individual based on personal data.
– **Personal Data:** Any data relating to an individual—such as their name, ID number, or characteristics specific to their physical, physiological, mental, economic, cultural, or social identity—as well as any conclusions drawn from this data.
– **Data Controller:** The individual or organization who determines the purpose and means of data processing.
– **Data Processing:** Any operation performed on data, such as collection, recording, storage, or use.
– **Data Processor:** The individual or organization who processes data on behalf of the data controller.
– **Data Breach:** Unauthorized access, alteration, or destruction of personal data.
Data Processing for Webshop Operation
In compliance with Section 20 (1) of Act CXII of 2011, data processing related to webshop operation includes the following:
1. Fact of data collection,
2. Scope of data subjects,
3. Purpose of data collection,
4. Duration of data processing,
5. Identity of authorized data processors,
6. Rights of data subjects regarding data processing.
**Scope of Processed Data and Purpose of Data Processing**
– **Username:** Enables user identification and registration.
– **Password:** Secures access to the user account.
– **Full Name:** Necessary for contact, purchase, and issuing valid invoices.
– **Email Address:** For communication.
– **Phone Number:** For communication and coordination on billing or delivery matters.
– **Billing Name and Address:** To issue valid invoices and fulfill contractual requirements.
– **Shipping Name and Address:** For delivery.
– **Callback Time:** Required to fulfill requested communication.
– **Purchase/Registration Time:** A technical operation.
– **IP Address at Time of Purchase/Registration:** A technical operation.
Data Processing Related to Direct Messaging on the Website
When a direct message (request or callback) is sent via the website, the following data may be processed for contact purposes:
– **Email Address:** For communication.
– **Name:** For communication.
– **Phone Number:** For communication.
– **Callback Time:** For requested communication fulfillment.
Usernames and email addresses do not need to contain personal data.
**Newsletter Data Processing**
For newsletters, the following data may be processed for communication purposes:
– **Email Address:** For communication.
– **Name:** For communication.
Email addresses do not need to contain personal data.
**Scope of Data Subjects:** Any individual registered on the webshop/website, as well as those interested in the website and newsletter subscribers.
**Duration of Data Processing and Data Deletion Deadline:** Immediately upon deletion of registration, except for accounting records, which must be retained for eight years per Act C of 2000 on Accounting, Section 169 (2).
**Authorized Data Processors:** Sales and marketing personnel of the data controller, respecting the principles above.
**Data Subjects’ Rights Regarding Data Processing:** Data subjects can initiate data deletion or modification via:
– Mail: 3907 Tállya, Barcsai u. 1.
– Email: info@tokajdrei.hu
– Phone: +36709308004
**Data Processor for Data Processing (Hosting Provider)**
*RackForest Informatikai Kereskedelmi Szolgáltató és Tanácsadó Zrt.*
Office Address: 1132 Budapest, Victor Hugo utca 11., 5th floor
Server Locations: 1132 Budapest, Victor Hugo u. 18-22., 3rd floor | 1087 Budapest, Asztalos Sándor u. 13. | 1108 Budapest, Kozma u. 2.
Billing Address: 1132 Budapest, Victor Hugo u. 11., 5th floor B05001
Tax Number: 32056842-2-41
Central Phone: +36 1 211 0044
**Legal Basis for Data Processing:** User consent, under Section 5 (1) of the Info Act, and Section 13/A (3) of the Act on Certain Aspects of Electronic Commerce Services and Services Related to the Information Society (Elker Act).
**Cookie Policy**
Under Act CXII of 2011, data processing related to cookies on the webshop website includes:
1. Fact of data collection,
2. Scope of data subjects,
3. Purpose of data collection,
4. Duration of data processing,
5. Identity of authorized data processors,
6. Data subjects’ rights regarding data processing.
Typical webshop cookies include “password-protected session cookies,” “shopping cart cookies,” and “security cookies,” which do not require prior consent from data subjects.
– **Fact of Data Collection, Scope of Processed Data:** Unique identifier, dates, times.
– **Scope of Data Subjects:** All individuals visiting the website.
– **Purpose of Data Processing:** To identify users, manage the shopping cart, and track visitors.
– **Duration of Data Processing and Data Deletion Deadline:** Session cookies last until the end of the visit; others up to one year.
– **Authorized Data Processors:** No personal data is processed through cookies.
– **Rights of Data Subjects:** Data subjects can delete cookies in their browsers’ privacy settings.
**Legal Basis for Data Processing:** No consent is required if cookies are exclusively for communication over an electronic network or for services expressly requested by the subscriber or user.
Using Google AdWords Conversion Tracking
The data controller uses the online advertising program “Google AdWords” and utilizes the Google Conversion Tracking service within this framework. Google Conversion Tracking is an analytics service by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
When a User reaches a website through a Google ad, a cookie necessary for conversion tracking is placed on their computer. These cookies have limited validity and contain no personal data, so the User cannot be identified through them.
When the User browses specific pages of the website and the cookie is still active, both Google and the data controller can see that the User clicked on the ad. Each Google AdWords client receives a unique cookie, making it impossible to track cookies through AdWords clients’ websites.
The information gathered through the conversion tracking cookies is used to generate conversion statistics for AdWords clients who have opted for conversion tracking, allowing clients to see the number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, clients do not gain access to any information that could be used to identify users.
If you do not wish to participate in conversion tracking, you can opt out by disabling cookie installation in your browser settings. You will then be excluded from the conversion tracking statistics.
For more information and Google’s privacy policy, please visit: policies.google.com
Using Google Analytics
This website uses Google Analytics, a web analytics service by Google Inc. (“Google”). Google Analytics employs “cookies”—text files stored on your computer—to assist in analyzing website usage by the User.
Information generated by these cookies about the User’s website usage is typically transferred to and stored on a Google server in the USA. With IP anonymization enabled on this website, Google truncates the User’s IP address within EU member states or other states that are parties to the Agreement on the European Economic Area.
Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. On behalf of the website operator, Google will use this information to evaluate the User’s website usage, compile reports on website activity, and provide other services related to website and internet usage.
Within Google Analytics, the IP address transmitted by the User’s browser is not associated with any other data held by Google. Users can prevent cookie storage by configuring their browser settings accordingly; however, please note that this may result in some website functions being unavailable in full.
Additionally, Users can prevent Google from collecting and processing data generated by cookies related to their website usage (including the IP address) by downloading and installing the browser plugin available at this link.
Social Media Data Processing
According to Section 20(1) of the Hungarian Act CXII of 2011 on the Right to Informational Self-Determination and Freedom of Information, the following must be defined for data processing on social media:
- The nature of data collection,
- Scope of data subjects,
- Purpose of data collection,
- Duration of data processing,
- Possible data controllers authorized to access the data,
- Explanation of data subjects’ rights concerning data processing.
Data collection involves:
- The registered name and public profile picture of the User on platforms like Facebook, Google+, Twitter, Pinterest, YouTube, Instagram, etc.
- Scope of data subjects: All Users registered on these social media platforms who have “liked” the website.
Purpose of data collection: To enable sharing or “liking” certain website content, products, campaigns, or the website itself on social media, thus promoting it.
For the duration, deletion deadline, authorized data controllers, and an explanation of data subjects’ rights, please refer to the respective social media platforms’ data processing and policy documentation, as the data processing occurs on these platforms and is subject to their regulations.
The legal basis for data processing: the User’s voluntary consent to the processing of their personal data on social media.