PRIVACY POLICY

The Fehéri Solutions Limited Liability Company operating the site sets out in this data management information the data management rules related to the purchase of a book on the website www.feheribooks.hu and provides information to the users of the site.

The operation of the site and data management is carried out in accordance with the following legislation:

  • REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals regarding the processing of personal data and on the free movement of such data, and repealing Regulation (EC) No 95/46 (General Data Protection Regulation)
  • 2001 CVIII. on certain issues in electronic commerce services and information society services
  • Act V of 2013 on the Civil Code

The operator of the site is also a data controller.

Name: Fehéri Solutions Limited Liability Company

Head office: 8412 Veszprém, Kolostor u. 5.

Company registration number: 19-09-518963

Tax number: 25872211-2-19

Managing director: Éva Fehéri

Phone number: +36303368484

Email address: eva@feheribooks.com

Hosting provider:

Name: C-Host Kft.

Address: 1115 Budapest, Halmi utca 29.

Phone: + 36-1-445-2040

Email: info@nethely.hu

Website: www.nethely.hu

Invoicing:

Fehéri Solutions Kft.

Head office: 8412 Veszprém, Kolostor u.5.

Purpose of data management and scope of data managed.

The website sells antique books, maps and manuscripts.

When purchasing the product, we ask the customer to provide the following information: name; e-mail address; telephone number; mailing address; billing name and address.

After the order, we will send the information related to the order to the given e-mail address, if necessary, we will contact you by phone. Based on the data provided when ordering, we will issue an electronic invoice, which will be sent by email. The condition of the purchase is that you provide us with the information requested when ordering, as these are essential for invoicing and mailing. The purchase price of the ordered volume is paid by credit card through Barion’s payment system, which acts as an independent data controller in accordance with its own data management rules. Credit card details will not be sent to the merchant. The service provider Barion Payment Zrt. Is an institution under the supervision of the Magyar Nemzeti Bank, license number: H-EN-I-1064/2013.

We do not check the data provided during the order, the person who provided it is responsible for its correctness. By providing your e-mail address, you are responsible for ensuring that only you use the service from the address provided. Based on this, the responsibility for logging in to the given e-mail address rests solely with the person who registered the e-mail address.

Legal basis for data management

In accordance with the relevant provisions of Article 6 of the General Data Protection Regulation on the lawfulness of data processing

  1. The processing of personal data shall be lawful only if and to the extent that at least one of the following conditions is met:
  2. (a) the data subject has consented to the processing of his or her personal data for one or more specific purposes;
  3. (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to the conclusion of the contract;
  4. (c) processing is necessary for compliance with a legal obligation to which the controller is subject;

According to this, the legal basis of data management is our legal obligation to fulfill the contract concluded with you as a customer, to fulfill the contract concluded during the order, and to issue an invoice. The provision of data is a condition for concluding a contract, data management is therefore essential in order to fulfill the order.

When visiting the website, the website manages the IP address of the page visitor, the time and duration of the visit, the list of viewed subpages, the operating system of the page visitor, the type of browser and the screen resolution. The purpose of data management is to improve the quality of the service and to make statistical analyzes of the data. The duration of data management is 2 years.

. The data processor is Google Analytics.

By using cookies, we handle the following data in connection with the visitors of the website: unique identification number, date, browser settings data, visitor behavior on the website. The data controller is entitled to get acquainted with the data. The data is stored electronically. The purpose of data management is to develop the website, collect information about the use of the website, place targeted advertisements on other websites, identify browser users, track and analyze activities on the website in order to continuously improve the user experience and deliver relevant offers to the user. Cookies are placed on the user’s computer by the websites visited. These are small text files that are stored in the user’s web browser when using the website. They help improve the user experience by memorizing visitors ’custom settings that can be used when using different transactions so they don’t have to re-type them. Cookies can be deleted and set to not be stored by the user’s browser. However, in this case, some functions may not work properly, so the user may feel that the page is faulty.

 

System cookies are necessary for you to browse the website and use its functions. These cookies are valid for the current visit and will be automatically deleted from your computer when you close your browser. The use of such cookies does not require consent, they are indicated by a pop-up bar on your first visit. The purpose of data management is to provide a user experience, we do not process personal data.

Cookies that provide analysis of website performance allow us to measure website traffic and visitor behavior. Nor can they personally identify them, they only collect information that shows which page visitors viewed, how many pages they visited, how long they were on the page, whether there were any error messages. The website uses Google Analytics. The data is stored in encrypted form on Google’s servers, so the data collected is analyzed in bulk. We also use these cookies to improve the user experience and the website.

 

Advertising cookies also cannot identify the person, they collect information about the viewing of the pages. This information helps us know what content is of interest. With your consent, we may use the personal information we collect to track your use of the Website in order to further personalize our offerings.

Those who do not want Google Analytics to report JavaScript on their data can install the Goolge Analytics disabled browser extension. This extension does not prevent data from being sent to the site and other web analytics services. You can access Google’s privacy policy here: https://policies.goolge.com/privacy?hl=en

Pop-ups use anonymous cookies to prevent them from popping up again, disrupting the user experience. The pop-up cookie will remember the visitor for a week, during which time the pop up will not reappear.

The legal basis of data management is express consent, the purpose of which is to send messages, newsletters and advertisements containing electronic direct marketing content by the method of direct customer acquisition. The data management lasts until the withdrawal of the consent, ie the unsubscription from the website. The specific purpose of requesting a name and e-mail address is to enable identification, contact, and subscription to the newsletter. Recording the date of subscription and the IP address of your computer is a technical information operation. The data is stored electronically. The given name or e-mail address does not have to contain any data referring to your person. This data is used for contact, it is necessary for the sent newsletter, information, offer to reach the recipient.

The data is stored electronically. Data will be deleted upon withdrawal of consent to data processing, except for billing data, which may be deleted in accordance with legal requirements.

 

In order to issue the electronic fee request and invoice, the given data will be transferred to the Szamlazz.hu system, and in the case of bank card payments to the Barion system. This data transfer is for the purpose of issuing and transmitting the electronic fee request and invoice, as well as for the payment of the product or service by credit card.

After the performance of the contract, your data will be processed until the end of the civil limitation period (which is 5 years), but the data on the invoice must be kept for 8 years. Your rights regarding data management

Within the period of data processing, you, as the data subject, have the following rights in accordance with the provisions of the General Data Protection Regulation: access to personal data and information related to data processing; the right to rectification; data management restrictions; right of cancellation; the right to portability; right to protest, right to withdraw consent. If you wish to exercise your privacy rights, please provide us with any personal information you have already provided to us at the time of purchase of the book. Complaints about data management will be answered within 30 days at the latest.

Right to withdraw consent: You have the right to withdraw your consent to data processing at any time, in which case the data provided will be deleted from our systems.

Access to personal data and information: You have the right to receive feedback on whether your personal data is being processed and, if data is being processed, you have the right to access the processed personal data and to be informed about the processing.

 

The purpose of exercising the right may be to establish and verify the lawfulness of the data processing, therefore, in case of repeated requests for information with the same content, we may charge a fair fee for the provision of the information. We provide access to personal data by emailing you the personal data and information we process after you have been identified. Please indicate in your request whether you are requesting access to personal data or requesting data management information.

By right of rectification, you have the right to have inaccurate personal data about you corrected without delay upon request.

You have the right to restrict data processing, so you have the right to restrict data processing at your request if one of the following is met:

  • You dispute the accuracy of your personal information, in which case the restriction applies to the period of time that allows us to verify the accuracy of your personal information, if no verification is required, we will not apply a restriction;
  • the data processing is illegal and you oppose the deletion of the data and instead ask for a restriction on its use;
  • we no longer need your personal data for the purposes of the designated data processing, but you request it to make, enforce or protect legal claims; obsession , but you require them to make, assert or defend legal claims; obsession
  • You have protested against data management, but our legitimate interest can also justify data management, that is

until it is determined whether your legitimate reasons take precedence over you

legitimate reasons, data processing should be limited.

  • we no longer need your personal data for the purposes of the designated data processing, but you request it to make, enforce or protect legal claims; obsession
  • You have protested against data management, but our legitimate interest can also justify data management, that is

until it is determined whether your legitimate reasons take precedence over you

legitimate reasons, data processing should be limited.

If the processing is subject to a restriction, such personal data may be processed, with the exception of storage, only with your consent or for the purpose of bringing, enforcing or protecting legal claims or protecting the rights of another natural or legal person or in the important public interest of the Union or a Member State. We will inform you in advance about the lifting of the data management restriction (at least 3 working days before the lifting of the restriction). By virtue of your right to delete – to forget, you have the right to delete your personal data without undue delay if any of the following reasons exist:

  • personal data are no longer required for the purpose for which they were collected or processed;
  • You withdraw your consent and there is no other legal basis for the processing;
  • You object to data processing based on a legitimate interest and there is no lawful priority

reason (ie legitimate interest) for data processing,

  • personal data have been processed unlawfully and this has been established on the basis of a complaint,
  • personal data must be deleted in order to comply with a legal obligation under EU or national law applicable to us.

By virtue of your right to object, you have the right to object at any time to the processing of your personal data on the basis of a legitimate interest for reasons related to your own situation. In this case, we may not further process your personal data unless we can prove that the processing is justified by overriding legitimate reasons which take precedence over your interests, rights and freedoms or which relate to the submission, enforcement or protection of legal claims.

Under the right of portability, if the data processing is necessary for the performance of a contract or the data processing is based on your voluntary consent, you have the right to request that the data you provide to us be received in a machine-readable form. Remedies

If you believe that we have violated any legal provision on data processing or have not complied with any of your requests, you may initiate an investigation by the National Data Protection and Freedom of Information Authority (mailing address: 1530 Budapest, Pf .: 5., e-mail: ugyfelszolgalat@naih.hu). We also inform you that you can file a civil lawsuit in the competent court.

 

Other provisions

We reserve the right to amend this data management information in a manner that does not affect the purpose and legal basis of the data management. However, if we wish to carry out further data processing in connection with the collected data for a purpose other than the purpose for which they were collected, we will inform you about the purpose of the data processing, the storage period of personal data or, if this is not possible, the right to request access to, rectification, erasure or restriction of the processing of personal data concerning you and to object to the processing of personal data in the case of data processing based on a legitimate interest and to request the right to data portability in the case of data processing based on consent or contractual relationship . In the case of consent-based data management, you can withdraw your consent at any time. The data processing can only be started after that, if the legal basis of the data processing is consent, in addition to the information, you must also consent to the data processing.

During the operation of the IT systems, we ensure the necessary rights management, internal organization and technical solutions to ensure that your data cannot become the property of unauthorized persons, and that the data cannot be deleted, deleted from the system or modified by unauthorized persons. We also enforce data protection and data security requirements against our data processors. We keep a record of any privacy incidents and, if necessary, keep you informed of any incidents.

We will make every effort to ensure that risks related to data processing are excluded, but in the event of a data breach, we will take the necessary security measures to rectify the breach and restore security, and we will notify the supervisory authority and inform you within 72 hours of becoming aware of it. at your specified contact information.

Effective August 1, 2020