PRIVACY POLICY / COOKIES

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service of the website www.barbaramedve.com and tells You about Your privacy rights and how the law protects You.

This Privacy Policy refers to the personal information asked and recorded by the website www.barbaramedve.com.

  1.  Personal data may only be processed for a specific purpose, in order to exercise a right and fulfill an obligation. At all stages of data processing, the purpose of data processing must be appropriate, and the collection and processing of data must be fair and lawful.
  2.  Only personal data which are necessary for the purpose of the processing may be processed,

suitable for the purpose. Personal data may only be processed to the extent and for the time necessary to achieve the purpose.

Personal data retains this quality during data processing as long as the connection with the data subject can be re-established. The connection with the data subject can be re-established if the data controller has the technical conditions necessary for the recovery.

  1. The processing must ensure the accuracy, completeness and, where necessary, the up-to-datedness of the data, and that the data subject can only be identified for the time necessary for the purpose of the processing.

GENERAL PROVISIONS

Name of the data controller: Medve Barbara (here in after: Data controller) Address of the data controller: 5500, Gyomaendrőd, Erkel u.6., Hungary

Contacts of the data controller: info@barbaramedve.com website: www.barbaramedve.com

Legal basis for data processing: REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL Article 6. The consent of the data subject pursuant to Article 6 (1) (a) and the legitimate interest of the Data Controller pursuant to Article 6 (1).

  1. SCOPE OF DATA PROCESSING AND PERSONAL DATA PROCESSED:

A During the voluntary provision of data, the User may provide the following data (on a voluntary basis, but it is essential to use the service) to use the subscription form on the website http://barbaramedve.com or on a subpage / landing page (target page):

  1. Data subjects: users registered on barbaramedve.com Personal data managed: e-mail address, personal name, username Purpose: storage of data and sending e-mail notifications

The IP address used by the Users during registration is always stored for the purpose of identifying the subscriber in the event of an incident or other problem.

Consent to data management: During registration, the Users expressly consent to the processing of their personal data by the Data Controller in the manner described in this prospectus.

Method of data management: automated data processing

  1. PERSONS OF DATA PROCESSORS (PERFORMING TECHNICAL TASKS RELATED TO DATA PROCESSING OPERATIONS):

Barbara Medve (5500, Gyomaendrőd, Erkel utca 6., tax number:)

  1. DURATION OF DATA PROCESSING:

The provided data shall be processed by the Data Controller for an indefinite period of time or until the withdrawal of the data subject’s consent.

  1. TRANSMISSION OF DATA ABROAD:

No data will be transferred in connection with the purpose of the Data Management.

  1. RIGHTS OF STAKEHOLDERS:

The data subject may apply to the Data Controller

(a) information on the processing of your personal data;

(b) the rectification of your personal data; and

(c) the erasure or blocking of your personal data, with the exception of mandatory data processing. At the request of the data subject, the Data Controller shall provide information on the data processed by the data subject or processed by the data processor entrusted by him or her or at his or her disposal, their source, the purpose and legal basis of the data processing,

the duration, name and address of the controller, the activities related to the processing, the circumstances, effects and measures taken to remedy the data protection incident, and, in the case of transfers of personal data of the data subject, the legal basis and the recipient of the transfer.

If the Data Controller has an internal data protection officer, the Data Controller shall keep a register containing the scope of the personal data concerned, the scope and number of data subjects of the data protection incident and the date of the data protection incident in order to check the measures related to the data protection incident and inform the data subject about its circumstances, effects and the measures taken to eliminate it, as well as other data specified in the legislation prescribing data processing. The Data Controller is obliged to provide the information in writing in a comprehensible form at the request of the data subject as soon as possible, but not later than within 25 days from the submission of the request.

The information is free of charge if the person requesting the information has not yet submitted a request for information to the Data Controller for the same data set in the current year. In other cases, the Data Controller may set a fee.

The Data Controller deletes personal data if

  • its processing is unlawful;
  • requested by the data subject;
  • is incomplete or incorrect and this condition cannot be legally remedied, provided that cancellation is not precluded by law;
  1. the purpose of the processing has ceased or the time limit for the storage of the data specified by law has expired;
  • it has been ordered by a court or the Authority.

The rectification, blocking, marking and erasure shall be notified to the data subject and to all persons to whom the data have previously been transmitted for data processing purposes. The notification may be omitted if it does not harm the legitimate interests of the data subject with regard to the purpose of the processing.

If the Data Controller does not comply with the data subject’s request for rectification, blocking or deletion, he shall, within 30 days of receipt of the request, communicate in writing or with the consent of the data subject the electronic and factual reasons for rejecting the request for rectification, blocking or deletion. If the request for rectification, erasure or blocking is rejected, the Data Controller shall inform the data subject of the possibility of legal redress and recourse to the Authority.

  1. PROTECTION AGAINST THE PROCESSING OF PERSONAL DATA: The data subject may object to the processing of his or her personal data,

(a) if the processing or transfer of personal data is necessary solely for the performance of a legal obligation to the Data Controller or to enforce a legitimate interest of the Data Controller, the data recipient or a third party, except in the case of mandatory data processing;

(b) where the use or transfer of personal data is for the direct acquisition of business, public opinion polling or

for the purpose of scientific research; and

(c) in other cases specified by law.

The Data Controller shall examine the protest within the shortest time from the submission of the application, but not later than within 15 days, make a decision on the merits of the application and inform the applicant of its decision in writing.

If the Data Controller establishes the validity of the data subject’s protest, the data processing, including further data collection and data transfer, shall be terminated and the data shall be blocked, and the data subject shall be notified of the protest and the action taken on it and who are obliged to take action to enforce the right to protest.

If the data subject does not agree with the decision made by the Data Controller, or if the Data Controller fails to comply with the above deadline, the data subject may apply to a court within 30 days from the notification of the decision or the last day of the deadline.

If the data subject objects to the processing of his / her personal data or seeks legal redress, and if a request for data is received from a third party without the data subject’s consent, the data may be disclosed to legal representatives appointed by the Data Controller to the extent necessary to assess the lawfulness of the above.

  1. COURT REMEDIES:

Dear Users, if they feel that the Data Controller has violated their rights to the protection of personal data, they should contact us so that we can investigate the case as soon as possible and remedy the possible violation.

We also inform the Users that in the event of a violation of their rights, the data subject may take legal action against the Data Controller. The court is acting out of turn in the case. The court has jurisdiction to hear the case. The lawsuit may also be brought before a court of the controller’s domicile or, at the option of the data subject, the domicile or residence of the data subject. A party who does not otherwise have legal capacity to sue may also be a party to a lawsuit.

If the Data Controller causes damage to another person by unlawfully processing the data subject’s data or violating the data security requirements, he / she shall compensate it. If the Data Controller violates the data subject’s right to privacy by illegally handling the data subject’s data or violating the data security requirements, the Data Controller may claim damages from the Data Controller. The Data Controller shall be released from the liability for the damage caused and the obligation to pay the damages if it proves that the damage or the violation of the personal rights of the data subject was caused by an unavoidable cause outside the scope of data processing. No damages shall be payable and no damages shall be payable in so far as the damage was caused by the intentional or grossly negligent conduct of the injured party or the breach of the right to privacy.

  1. UTHORITY PROCEDURE:

The person concerned may lodge a complaint or it may also request information from the Authority: Name: Nemzeti Adatvédelmi és Információs Hatóság

Address: 1125 Budapest Szilágyi Erzsébet fasor 22/c., Hungary Postal address: 1530 Budapest, Pf.: 5.

Email: ugyfelszolgalat@naih.hu

Phone: +36 1 391 1400

Fax: +36 1 391 1410

Website: http://naih.hu

DETAILED DATA MANAGEMENT PROVISIONS

  1. MANAGEMENT OF COOKIES:

When you read barbaramedve.com, we may also use cookies or similar technologies to identify your browser or device. A cookie is a small file that is placed on your computer when you visit a website. When you visit that site again, the cookie allows the site to recognize your browser. Cookies can also store user settings and other information. Other platforms, where cookies are not available or used, also use other technologies that have a similar purpose to cookies, such as the ad ID on Android mobile devices. You can reset your browser to reject all cookies or to indicate when a cookie is being sent. However, certain website features or services may not work properly without cookies.

The barbaramedve.com website uses cookies used by Google Analytics, for the operation of which the

This is Google’s privacy policy (https://support.google.com/analytics/answer/6004245?hl=en_US).

  1. USE OF EMAIL ADDRESSES FOR MARKETING purposes:

The Data Controller will send a letter containing an advertisement to the e-mail address provided during registration only if the User has given his / her prior express consent. The statement of consent may be revoked at any time without restriction or justification by means of a link at the bottom of the e-mail containing the advertisement.